From d1e775547c076a865fc0ff7b8a98e63a313f8024 Mon Sep 17 00:00:00 2001 From: Sean Larimore Date: Mon, 25 Sep 2017 13:52:44 -0600 Subject: [PATCH] Adding database drop jobs Implemented Kubernetes jobs to drop a database for an OpenStack service on deletion of Helm chart. This job is configurable to be enabled or disabled in the values.yaml file for each chart. Change-Id: Ia1a0834cb43c7e883aaf507a7c7683fa1cf4e838 --- barbican/templates/configmap-bin.yaml | 2 + barbican/templates/job-db-drop.yaml | 81 +++++++++++ barbican/values.yaml | 13 ++ cinder/templates/configmap-bin.yaml | 2 + cinder/templates/job-db-drop.yaml | 80 +++++++++++ cinder/values.yaml | 13 ++ doc/source/devref/images.rst | 24 ++-- doc/source/install/developer/all-in-one.rst | 22 +++ doc/source/install/multinode.rst | 5 +- glance/templates/configmap-bin.yaml | 2 + glance/templates/job-db-drop.yaml | 80 +++++++++++ glance/values.yaml | 13 ++ heat/templates/configmap-bin.yaml | 2 + heat/templates/job-db-drop.yaml | 80 +++++++++++ heat/values.yaml | 13 ++ .../templates/scripts/_db-drop.py.tpl | 132 ++++++++++++++++++ horizon/templates/configmap-bin.yaml | 2 + horizon/templates/job-db-drop.yaml | 72 ++++++++++ horizon/values.yaml | 13 ++ keystone/templates/configmap-bin.yaml | 2 + keystone/templates/job-db-drop.yaml | 84 +++++++++++ keystone/values.yaml | 13 ++ magnum/templates/configmap-bin.yaml | 2 + magnum/templates/job-db-drop.yaml | 80 +++++++++++ magnum/values.yaml | 13 ++ mistral/templates/configmap-bin.yaml | 2 + mistral/templates/job-db-drop.yaml | 80 +++++++++++ mistral/values.yaml | 13 ++ neutron/templates/configmap-bin.yaml | 2 + neutron/templates/job-db-drop.yaml | 81 +++++++++++ neutron/values.yaml | 13 ++ nova/templates/configmap-bin.yaml | 2 + nova/templates/job-db-drop.yaml | 109 +++++++++++++++ nova/values.yaml | 13 ++ senlin/templates/configmap-bin.yaml | 2 + senlin/templates/job-db-drop.yaml | 80 +++++++++++ senlin/values.yaml | 13 ++ 37 files changed, 1244 insertions(+), 11 deletions(-) create mode 100644 barbican/templates/job-db-drop.yaml create mode 100644 cinder/templates/job-db-drop.yaml create mode 100644 glance/templates/job-db-drop.yaml create mode 100644 heat/templates/job-db-drop.yaml create mode 100644 helm-toolkit/templates/scripts/_db-drop.py.tpl create mode 100644 horizon/templates/job-db-drop.yaml create mode 100644 keystone/templates/job-db-drop.yaml create mode 100644 magnum/templates/job-db-drop.yaml create mode 100644 mistral/templates/job-db-drop.yaml create mode 100644 neutron/templates/job-db-drop.yaml create mode 100644 nova/templates/job-db-drop.yaml create mode 100644 senlin/templates/job-db-drop.yaml diff --git a/barbican/templates/configmap-bin.yaml b/barbican/templates/configmap-bin.yaml index f4f5117dd1..019b1d9eb6 100644 --- a/barbican/templates/configmap-bin.yaml +++ b/barbican/templates/configmap-bin.yaml @@ -32,6 +32,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} barbican.sh: | {{ tuple "bin/_barbican.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} ks-service.sh: | diff --git a/barbican/templates/job-db-drop.yaml b/barbican/templates/job-db-drop.yaml new file mode 100644 index 0000000000..279b4a9013 --- /dev/null +++ b/barbican/templates/job-db-drop.yaml @@ -0,0 +1,81 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: barbican-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "barbican" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: barbican-db-drop + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/barbican/barbican.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: DEFAULT + - name: OPENSTACK_CONFIG_DB_KEY + value: sql_connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: barbican-etc + mountPath: /etc/barbican + - name: barbican-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: barbican-conf + mountPath: /etc/barbican/barbican.conf + subPath: barbican.conf + readOnly: true + volumes: + - name: barbican-etc + emptyDir: {} + - name: barbican-conf + configMap: + name: barbican-etc + defaultMode: 0444 + - name: barbican-bin + configMap: + name: barbican-bin + defaultMode: 0555 + +{{- end }} diff --git a/barbican/values.yaml b/barbican/values.yaml index 3600937d05..abd0477d1d 100644 --- a/barbican/values.yaml +++ b/barbican/values.yaml @@ -22,6 +22,7 @@ images: test: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-barbican-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -92,6 +93,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -145,6 +153,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -465,6 +477,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/cinder/templates/configmap-bin.yaml b/cinder/templates/configmap-bin.yaml index 751c762fa6..b653e363eb 100644 --- a/cinder/templates/configmap-bin.yaml +++ b/cinder/templates/configmap-bin.yaml @@ -29,6 +29,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/cinder/templates/job-db-drop.yaml b/cinder/templates/job-db-drop.yaml new file mode 100644 index 0000000000..573a9611c0 --- /dev/null +++ b/cinder/templates/job-db-drop.yaml @@ -0,0 +1,80 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: cinder-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "cinder" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: cinder-db-drop + image: {{ .Values.images.db_drop | quote }} + imagePullPolicy: {{ .Values.images.pull_policy | quote }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/cinder/cinder.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: cinder-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etccinder + mountPath: /etc/cinder + - name: cinder-etc + mountPath: /etc/cinder/cinder.conf + subPath: cinder.conf + readOnly: true + volumes: + - name: etccinder + emptyDir: {} + - name: cinder-etc + configMap: + name: cinder-etc + defaultMode: 0444 + - name: cinder-bin + configMap: + name: cinder-bin + defaultMode: 0555 +{{- end }} diff --git a/cinder/values.yaml b/cinder/values.yaml index 581e4423f5..235ad48fe2 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -29,6 +29,7 @@ images: test: docker.io/kolla/ubuntu-source-rally:4.0.0 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-cinder-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -130,6 +131,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -410,6 +418,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -652,6 +664,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/doc/source/devref/images.rst b/doc/source/devref/images.rst index db55683f89..55ea08cd3c 100644 --- a/doc/source/devref/images.rst +++ b/doc/source/devref/images.rst @@ -39,6 +39,8 @@ defined by the service itself: for the OpenStack service. - db\_sync: The image that will perform database sync (schema initialization and migration) for the OpenStack service. +- db\_drop: The image that will perform database deletion operations + for the OpenStack service. - ks\_user: The image that will perform keystone user creation for the service. - ks\_service: The image that will perform keystone service @@ -54,16 +56,18 @@ chart: :: images: - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.1 - db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - db_sync: docker.io/kolla/ubuntu-source-heat-api:3.0.1 - ks_user: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - ks_service: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - ks_endpoints: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - api: docker.io/kolla/ubuntu-source-heat-api:3.0.1 - cfn: docker.io/kolla/ubuntu-source-heat-api:3.0.1 - cloudwatch: docker.io/kolla/ubuntu-source-heat-api:3.0.1 - engine: docker.io/kolla/ubuntu-source-heat-engine:3.0.1 + bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + db_sync: docker.io/kolla/ubuntu-source-heat-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + api: docker.io/kolla/ubuntu-source-heat-api:3.0.3 + cfn: docker.io/kolla/ubuntu-source-heat-api:3.0.3 + cloudwatch: docker.io/kolla/ubuntu-source-heat-api:3.0.3 + engine: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 + dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0 pull_policy: "IfNotPresent" The OpenStack-Helm project today uses a mix of Docker images from diff --git a/doc/source/install/developer/all-in-one.rst b/doc/source/install/developer/all-in-one.rst index e6acc3fa00..c42ddb8d1d 100644 --- a/doc/source/install/developer/all-in-one.rst +++ b/doc/source/install/developer/all-in-one.rst @@ -252,3 +252,25 @@ insight into the services' deployment status. Once the pods all register as Ready, the OpenStack services should be ready to receive requests. + +Removing Helm Charts +======================= + +To delete an installed helm chart, use the following command: + +.. code-block:: shell + + helm delete ${RELEASE_NAME} --purge + +This will delete all Kubernetes resources generated when the chart was +instantiated. However for Openstack charts, by default, this will not delete +the database and database users that were created when the chart was installed. +All OpenStack projects can be configured such that upon deletion, their database +will also be removed. To delete the database when the chart is deleted the database +drop job must be enabled before installing the chart. There are two ways to enable +the job, set the job_db_drop value to true in the chart's values.yaml file, or override +the value using the helm install command as follows: + +.. code-block:: shell + + helm install ${RELEASE_NAME} --set manifests.job_db_drop=true diff --git a/doc/source/install/multinode.rst b/doc/source/install/multinode.rst index 3ca1284558..686b65119f 100644 --- a/doc/source/install/multinode.rst +++ b/doc/source/install/multinode.rst @@ -321,7 +321,10 @@ in the ``openstack-helm`` directory: helm delete --purge keystone -Please ensure that you use ``--purge`` whenever deleting a project. +Please ensure that you use ``--purge`` whenever deleting a project. Please note that by default +this will not delete the database associated with the project. To enable the deletion of the +associated database when the chart is deleted the manifests.job_db_drop value should be set +to true when the chart is installed. Ceph Installation and Verification ---------------------------------- diff --git a/glance/templates/configmap-bin.yaml b/glance/templates/configmap-bin.yaml index 275a8d7afc..f59b0b08b0 100644 --- a/glance/templates/configmap-bin.yaml +++ b/glance/templates/configmap-bin.yaml @@ -31,6 +31,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/glance/templates/job-db-drop.yaml b/glance/templates/job-db-drop.yaml new file mode 100644 index 0000000000..6d1d727769 --- /dev/null +++ b/glance/templates/job-db-drop.yaml @@ -0,0 +1,80 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: glance-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "glance" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: glance-db-drop + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/glance/glance-api.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: glance-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcglance + mountPath: /etc/glance + - name: glance-etc + mountPath: /etc/glance/glance-api.conf + subPath: glance-api.conf + readOnly: true + volumes: + - name: etcglance + emptyDir: {} + - name: glance-etc + configMap: + name: glance-etc + defaultMode: 0444 + - name: glance-bin + configMap: + name: glance-bin + defaultMode: 0555 +{{- end }} diff --git a/glance/values.yaml b/glance/values.yaml index cee108e625..8075c4dee4 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -31,6 +31,7 @@ images: storage_init: quay.io/attcomdev/ceph-daemon:tag-build-master-jewel-ubuntu-16.04 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-glance-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -269,6 +270,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal bootstrap: jobs: - glance-storage-init @@ -545,6 +550,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_user: requests: memory: "128Mi" @@ -592,6 +604,7 @@ manifests: job_clean: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/heat/templates/configmap-bin.yaml b/heat/templates/configmap-bin.yaml index a913b23ed2..7b34f80be3 100644 --- a/heat/templates/configmap-bin.yaml +++ b/heat/templates/configmap-bin.yaml @@ -30,6 +30,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/heat/templates/job-db-drop.yaml b/heat/templates/job-db-drop.yaml new file mode 100644 index 0000000000..2cb7703ea9 --- /dev/null +++ b/heat/templates/job-db-drop.yaml @@ -0,0 +1,80 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: heat-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "heat" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: heat-db-drop + image: {{ .Values.images.db_drop | quote }} + imagePullPolicy: {{ .Values.images.pull_policy | quote }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/heat/heat.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: heat-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcheat + mountPath: /etc/heat + - name: heat-etc + mountPath: /etc/heat/heat.conf + subPath: heat.conf + readOnly: true + volumes: + - name: etcheat + emptyDir: {} + - name: heat-etc + configMap: + name: heat-etc + defaultMode: 0444 + - name: heat-bin + configMap: + name: heat-bin + defaultMode: 0555 +{{- end }} diff --git a/heat/values.yaml b/heat/values.yaml index 6eccf2955c..ebc32cfe2b 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -27,6 +27,7 @@ images: bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-heat-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -249,6 +250,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -570,6 +575,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -618,6 +630,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/helm-toolkit/templates/scripts/_db-drop.py.tpl b/helm-toolkit/templates/scripts/_db-drop.py.tpl new file mode 100644 index 0000000000..2f661bccf0 --- /dev/null +++ b/helm-toolkit/templates/scripts/_db-drop.py.tpl @@ -0,0 +1,132 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- define "helm-toolkit.scripts.db_drop" }} +#!/usr/bin/env python + +# Drops db and user for an OpenStack Service: +# Set ROOT_DB_CONNECTION and DB_CONNECTION environment variables to contain +# SQLAlchemy strings for the root connection to the database and the one you +# wish the service to use. Alternatively, you can use an ini formatted config +# at the location specified by OPENSTACK_CONFIG_FILE, and extract the string +# from the key OPENSTACK_CONFIG_DB_KEY, in the section specified by +# OPENSTACK_CONFIG_DB_SECTION. + +import os +import sys +import ConfigParser +import logging +from sqlalchemy import create_engine + +# Create logger, console handler and formatter +logger = logging.getLogger('OpenStack-Helm DB Drop') +logger.setLevel(logging.DEBUG) +ch = logging.StreamHandler() +ch.setLevel(logging.DEBUG) +formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s') + +# Set the formatter and add the handler +ch.setFormatter(formatter) +logger.addHandler(ch) + + +# Get the connection string for the service db root user +if "ROOT_DB_CONNECTION" in os.environ: + db_connection = os.environ['ROOT_DB_CONNECTION'] + logger.info('Got DB root connection') +else: + logger.critical('environment variable ROOT_DB_CONNECTION not set') + sys.exit(1) + +# Get the connection string for the service db +if "OPENSTACK_CONFIG_FILE" in os.environ: + os_conf = os.environ['OPENSTACK_CONFIG_FILE'] + if "OPENSTACK_CONFIG_DB_SECTION" in os.environ: + os_conf_section = os.environ['OPENSTACK_CONFIG_DB_SECTION'] + else: + logger.critical('environment variable OPENSTACK_CONFIG_DB_SECTION not set') + sys.exit(1) + if "OPENSTACK_CONFIG_DB_KEY" in os.environ: + os_conf_key = os.environ['OPENSTACK_CONFIG_DB_KEY'] + else: + logger.critical('environment variable OPENSTACK_CONFIG_DB_KEY not set') + sys.exit(1) + try: + config = ConfigParser.RawConfigParser() + logger.info("Using {0} as db config source".format(os_conf)) + config.read(os_conf) + logger.info("Trying to load db config from {0}:{1}".format( + os_conf_section, os_conf_key)) + user_db_conn = config.get(os_conf_section, os_conf_key) + logger.info("Got config from {0}".format(os_conf)) + except: + logger.critical("Tried to load config from {0} but failed.".format(os_conf)) + raise +elif "DB_CONNECTION" in os.environ: + user_db_conn = os.environ['DB_CONNECTION'] + logger.info('Got config from DB_CONNECTION env var') +else: + logger.critical('Could not get db config, either from config file or env var') + sys.exit(1) + +# Root DB engine +try: + root_engine_full = create_engine(db_connection) + root_user = root_engine_full.url.username + root_password = root_engine_full.url.password + drivername = root_engine_full.url.drivername + host = root_engine_full.url.host + port = root_engine_full.url.port + root_engine_url = ''.join([drivername, '://', root_user, ':', root_password, '@', host, ':', str (port)]) + root_engine = create_engine(root_engine_url) + connection = root_engine.connect() + connection.close() + logger.info("Tested connection to DB @ {0}:{1} as {2}".format( + host, port, root_user)) +except: + logger.critical('Could not connect to database as root user') + raise + +# User DB engine +try: + user_engine = create_engine(user_db_conn) + # Get our user data out of the user_engine + database = user_engine.url.database + user = user_engine.url.username + password = user_engine.url.password + logger.info('Got user db config') +except: + logger.critical('Could not get user database config') + raise + +# Delete DB +try: + root_engine.execute("DROP DATABASE IF EXISTS {0}".format(database)) + logger.info("Deleted database {0}".format(database)) +except: + logger.critical("Could not drop database {0}".format(database)) + raise + +# Delete DB User +try: + root_engine.execute("DROP USER IF EXISTS {0}".format(user)) + logger.info("Deleted user {0}".format(user)) +except: + logger.critical("Could not delete user {0}".format(user)) + raise + +logger.info('Finished DB Management') +{{- end }} diff --git a/horizon/templates/configmap-bin.yaml b/horizon/templates/configmap-bin.yaml index 4289c51212..113bbff0c6 100644 --- a/horizon/templates/configmap-bin.yaml +++ b/horizon/templates/configmap-bin.yaml @@ -26,6 +26,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} horizon.sh: | {{ tuple "bin/_horizon.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} manage.py: | diff --git a/horizon/templates/job-db-drop.yaml b/horizon/templates/job-db-drop.yaml new file mode 100644 index 0000000000..c472c432c2 --- /dev/null +++ b/horizon/templates/job-db-drop.yaml @@ -0,0 +1,72 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} + +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +{{- $mounts_horizon_db_init := .Values.pod.mounts.horizon_db_init.horizon_db_init }} +{{- $mounts_horizon_db_init_init := .Values.pod.mounts.horizon_db_init.init_container }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: horizon-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "horizon" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: horizon-db-drop + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.user }} + key: DB_CONNECTION + command: + - /tmp/db-drop.py + volumeMounts: + - name: horizon-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true +{{ if $mounts_horizon_db_init.volumeMounts }}{{ toYaml $mounts_horizon_db_init.volumeMounts | indent 10 }}{{ end }} + volumes: + - name: horizon-bin + configMap: + name: horizon-bin + defaultMode: 0555 +{{ if $mounts_horizon_db_init.volumes }}{{ toYaml $mounts_horizon_db_init.volumes | indent 6 }}{{ end }} +{{- end }} diff --git a/horizon/values.yaml b/horizon/values.yaml index 295d000bdd..ff484e1c15 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -20,6 +20,7 @@ images: db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-horizon:4.0.0 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 horizon: docker.io/kolla/ubuntu-source-horizon:4.0.0 dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0 pull_policy: "IfNotPresent" @@ -1133,6 +1134,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal pod: affinity: @@ -1191,6 +1196,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" # Names of secrets used by bootstrap and environmental checks secrets: @@ -1266,6 +1278,7 @@ manifests: ingress_api: true job_db_init: true job_db_sync: true + job_db_drop: false pdb: true secret_db: true service_ingress: true diff --git a/keystone/templates/configmap-bin.yaml b/keystone/templates/configmap-bin.yaml index 52efbc7cff..e3abde5213 100644 --- a/keystone/templates/configmap-bin.yaml +++ b/keystone/templates/configmap-bin.yaml @@ -33,6 +33,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} keystone-api.sh: | {{ tuple "bin/_keystone-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} fernet-manage.py: | diff --git a/keystone/templates/job-db-drop.yaml b/keystone/templates/job-db-drop.yaml new file mode 100644 index 0000000000..fdb4c5733c --- /dev/null +++ b/keystone/templates/job-db-drop.yaml @@ -0,0 +1,84 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +{{- $mounts_keystone_db_init := .Values.pod.mounts.keystone_db_init.keystone_db_init }} +{{- $mounts_keystone_db_init_init := .Values.pod.mounts.keystone_db_init.init_container }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: keystone-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "keystone" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: keystone-db-drop + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/keystone/keystone.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: etckeystone + mountPath: /etc/keystone + - name: keystone-etc + mountPath: /etc/keystone/keystone.conf + subPath: keystone.conf + readOnly: true + - name: keystone-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true +{{ if $mounts_keystone_db_init.volumeMounts }}{{ toYaml $mounts_keystone_db_init.volumeMounts | indent 10 }}{{ end }} + volumes: + - name: etckeystone + emptyDir: {} + - name: keystone-etc + configMap: + name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: + name: keystone-bin + defaultMode: 0555 +{{ if $mounts_keystone_db_init.volumes }}{{ toYaml $mounts_keystone_db_init.volumes | indent 6 }}{{ end }} +{{- end }} diff --git a/keystone/values.yaml b/keystone/values.yaml index 003e6fe1e0..3508439c7d 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -28,6 +28,7 @@ images: test: docker.io/kolla/ubuntu-source-rally:4.0.0 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-keystone:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 fernet_setup: docker.io/kolla/ubuntu-source-keystone:3.0.3 fernet_rotate: docker.io/kolla/ubuntu-source-keystone:3.0.3 credential_setup: docker.io/kolla/ubuntu-source-keystone:3.0.3 @@ -85,6 +86,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal fernet_setup: fernet_rotate: jobs: @@ -184,6 +189,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" tests: requests: memory: "128Mi" @@ -588,6 +600,7 @@ manifests: job_credential_setup: true job_db_init: true job_db_sync: true + job_db_drop: false job_fernet_setup: true pdb_api: true pod_rally_test: true diff --git a/magnum/templates/configmap-bin.yaml b/magnum/templates/configmap-bin.yaml index 14eddff0a9..a3f7985866 100644 --- a/magnum/templates/configmap-bin.yaml +++ b/magnum/templates/configmap-bin.yaml @@ -30,6 +30,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/magnum/templates/job-db-drop.yaml b/magnum/templates/job-db-drop.yaml new file mode 100644 index 0000000000..e9afd1f065 --- /dev/null +++ b/magnum/templates/job-db-drop.yaml @@ -0,0 +1,80 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: magnum-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "magnum" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: magnum-db-drop + image: {{ .Values.images.db_drop | quote }} + imagePullPolicy: {{ .Values.images.pull_policy | quote }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/magnum/magnum.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: magnum-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcmagnum + mountPath: /etc/magnum + - name: magnum-etc + mountPath: /etc/magnum/magnum.conf + subPath: magnum.conf + readOnly: true + volumes: + - name: etcmagnum + emptyDir: {} + - name: magnum-etc + configMap: + name: magnum-etc + defaultMode: 0444 + - name: magnum-bin + configMap: + name: magnum-bin + defaultMode: 0555 +{{- end }} diff --git a/magnum/values.yaml b/magnum/values.yaml index ad4883de76..e34f0f68d2 100644 --- a/magnum/values.yaml +++ b/magnum/values.yaml @@ -27,6 +27,7 @@ images: bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-magnum-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -133,6 +134,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -347,6 +352,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -384,6 +396,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/mistral/templates/configmap-bin.yaml b/mistral/templates/configmap-bin.yaml index d853e9f61c..64a767e516 100644 --- a/mistral/templates/configmap-bin.yaml +++ b/mistral/templates/configmap-bin.yaml @@ -30,6 +30,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: |+ {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/mistral/templates/job-db-drop.yaml b/mistral/templates/job-db-drop.yaml new file mode 100644 index 0000000000..1fd6569b88 --- /dev/null +++ b/mistral/templates/job-db-drop.yaml @@ -0,0 +1,80 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: mistral-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "mistral" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: mistral-db-drop + image: {{ .Values.images.db_drop | quote }} + imagePullPolicy: {{ .Values.images.pull_policy | quote }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/mistral/mistral.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: mistral-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: pod-etc-mistral + mountPath: /etc/mistral + - name: mistral-etc + mountPath: /etc/mistral/mistral.conf + subPath: mistral.conf + readOnly: true + volumes: + - name: mistral-bin + configMap: + name: mistral-bin + defaultMode: 0555 + - name: pod-etc-mistral + emptyDir: {} + - name: mistral-etc + configMap: + name: mistral-etc + defaultMode: 0444 +{{- end }} diff --git a/mistral/values.yaml b/mistral/values.yaml index 51ac67bd7e..e76e977025 100644 --- a/mistral/values.yaml +++ b/mistral/values.yaml @@ -28,6 +28,7 @@ images: dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-mistral-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -61,6 +62,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -385,6 +390,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -423,6 +435,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/neutron/templates/configmap-bin.yaml b/neutron/templates/configmap-bin.yaml index 397c1052d9..777e23a5c8 100644 --- a/neutron/templates/configmap-bin.yaml +++ b/neutron/templates/configmap-bin.yaml @@ -33,6 +33,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: |+ {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/neutron/templates/job-db-drop.yaml b/neutron/templates/job-db-drop.yaml new file mode 100644 index 0000000000..c13ef0f755 --- /dev/null +++ b/neutron/templates/job-db-drop.yaml @@ -0,0 +1,81 @@ + +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: neutron-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "neutron" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: neutron-db-drop + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/neutron/neutron.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: neutron-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcneutron + mountPath: /etc/neutron + - name: neutron-etc + mountPath: /etc/neutron/neutron.conf + subPath: neutron.conf + readOnly: true + volumes: + - name: etcneutron + emptyDir: {} + - name: neutron-etc + configMap: + name: neutron-etc + defaultMode: 0444 + - name: neutron-bin + configMap: + name: neutron-bin + defaultMode: 0555 +{{- end }} diff --git a/neutron/values.yaml b/neutron/values.yaml index c519a01d53..49aef4be36 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -24,6 +24,7 @@ images: test: docker.io/kolla/ubuntu-source-rally:4.0.0 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-neutron-server:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -106,6 +107,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -335,6 +340,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -881,6 +893,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml index bc19de69be..73b4f57e46 100644 --- a/nova/templates/configmap-bin.yaml +++ b/nova/templates/configmap-bin.yaml @@ -29,6 +29,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: |+ {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/nova/templates/job-db-drop.yaml b/nova/templates/job-db-drop.yaml new file mode 100644 index 0000000000..87ed03f838 --- /dev/null +++ b/nova/templates/job-db-drop.yaml @@ -0,0 +1,109 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: nova-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "nova" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: nova-db-drop + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/nova/nova.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: nova-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcnova + mountPath: /etc/nova + - name: nova-etc + mountPath: /etc/nova/nova.conf + subPath: nova.conf + readOnly: true + - name: nova-db-drop-api + image: {{ .Values.images.db_drop }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/nova/nova.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: api_database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: nova-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcnova + mountPath: /etc/nova + - name: nova-etc + mountPath: /etc/nova/nova.conf + subPath: nova.conf + readOnly: true + volumes: + - name: etcnova + emptyDir: {} + - name: nova-etc + configMap: + name: nova-etc + defaultMode: 0444 + - name: nova-bin + configMap: + name: nova-bin + defaultMode: 0555 +{{- end }} diff --git a/nova/values.yaml b/nova/values.yaml index 003d86e134..bf957506ae 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -50,6 +50,7 @@ images: test: docker.io/kolla/ubuntu-source-rally:4.0.0 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-nova-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -159,6 +160,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal bootstrap: services: - service: identity @@ -990,6 +995,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -1034,6 +1046,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/senlin/templates/configmap-bin.yaml b/senlin/templates/configmap-bin.yaml index 9a202dc46c..2aff8efa3a 100644 --- a/senlin/templates/configmap-bin.yaml +++ b/senlin/templates/configmap-bin.yaml @@ -30,6 +30,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + db-drop.py: |+ +{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/senlin/templates/job-db-drop.yaml b/senlin/templates/job-db-drop.yaml new file mode 100644 index 0000000000..fdf0d03451 --- /dev/null +++ b/senlin/templates/job-db-drop.yaml @@ -0,0 +1,80 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_db_drop }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.db_drop }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: senlin-db-drop-{{ randAlphaNum 5 | lower }} + annotations: + "helm.sh/hook": pre-delete + "helm.sh/hook-delete-policy": hook-succeeded +spec: + template: + metadata: + labels: +{{ tuple $envAll "senlin" "db-drop" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + spec: + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }} + initContainers: +{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: senlin-db-drop + image: {{ .Values.images.db_drop | quote }} + imagePullPolicy: {{ .Values.images.pull_policy | quote }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_drop | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + env: + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: {{ .Values.secrets.oslo_db.admin }} + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/senlin/senlin.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection + command: + - /tmp/db-drop.py + volumeMounts: + - name: senlin-bin + mountPath: /tmp/db-drop.py + subPath: db-drop.py + readOnly: true + - name: etcsenlin + mountPath: /etc/senlin + - name: senlin-etc + mountPath: /etc/senlin/senlin.conf + subPath: senlin.conf + readOnly: true + volumes: + - name: etcsenlin + emptyDir: {} + - name: senlin-etc + configMap: + name: senlin-etc + defaultMode: 0444 + - name: senlin-bin + configMap: + name: senlin-bin + defaultMode: 0555 +{{- end }} diff --git a/senlin/values.yaml b/senlin/values.yaml index 680deabdf8..662e6755ad 100644 --- a/senlin/values.yaml +++ b/senlin/values.yaml @@ -27,6 +27,7 @@ images: bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 db_sync: docker.io/kolla/ubuntu-source-senlin-api:3.0.3 + db_drop: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 @@ -146,6 +147,10 @@ dependencies: services: - service: oslo_db endpoint: internal + db_drop: + services: + - service: oslo_db + endpoint: internal ks_user: services: - service: identity @@ -360,6 +365,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + db_drop: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" ks_endpoints: requests: memory: "128Mi" @@ -397,6 +409,7 @@ manifests: job_bootstrap: true job_db_init: true job_db_sync: true + job_db_drop: false job_ks_endpoints: true job_ks_service: true job_ks_user: true