diff --git a/barbican/templates/configmap-etc.yaml b/barbican/templates/configmap-etc.yaml
index 91cd192d66..1468de7cee 100644
--- a/barbican/templates/configmap-etc.yaml
+++ b/barbican/templates/configmap-etc.yaml
@@ -21,7 +21,7 @@
{{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.barbican.database.oslo.db.connection -}}
@@ -32,6 +32,10 @@
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- end -}}
+{{- if empty .Values.conf.barbican.default.barbican.common.config.host_href -}}
+{{- tuple "key-manager" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.barbican.default.barbican.common.config "host_href" | quote | trunc 0 -}}
+{{- end -}}
+
apiVersion: v1
kind: ConfigMap
metadata:
diff --git a/barbican/templates/ingress-api.yaml b/barbican/templates/ingress-api.yaml
new file mode 100644
index 0000000000..c3e2f69b52
--- /dev/null
+++ b/barbican/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "key-manager" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: b-api
+ - host: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "key-manager" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: b-api
+{{- end }}
diff --git a/barbican/templates/service-api.yaml b/barbican/templates/service-api.yaml
index eb09847b68..19186b4d24 100644
--- a/barbican/templates/service-api.yaml
+++ b/barbican/templates/service-api.yaml
@@ -13,10 +13,10 @@
apiVersion: v1
kind: Service
metadata:
- name: barbican-api
+ name: {{ tuple "key-manager" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - name: barbican-api
+ - name: b-api
port: {{ .Values.conf.barbican.barbican_api.barbican.config.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: .Values.network.api.node_port.port
diff --git a/barbican/templates/service-ingress-api.yaml b/barbican/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..94d3334d58
--- /dev/null
+++ b/barbican/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/barbican/values.yaml b/barbican/values.yaml
index bc7975da1b..2f707379f9 100644
--- a/barbican/values.yaml
+++ b/barbican/values.yaml
@@ -39,8 +39,8 @@ pod_disruption_budget:
network:
api:
- name: "barbican-api"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 39486
@@ -135,19 +135,29 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: http
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
key-manager:
name: barbican
hosts:
default: barbican-api
- path: /v1
- scheme: http
+ public: barbican
+ path:
+ default: /v1
+ scheme:
+ default: http
port:
- api: 9311
+ api:
+ default: 9311
+ public: 80
oslo_db:
auth:
admin:
@@ -161,7 +171,8 @@ endpoints:
path: /barbican
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_messaging:
auth:
admin:
@@ -175,12 +186,14 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
resources:
enabled: false
diff --git a/ceph/templates/configmap-etc.yaml b/ceph/templates/configmap-etc.yaml
index 3a1203562a..e7152c4428 100644
--- a/ceph/templates/configmap-etc.yaml
+++ b/ceph/templates/configmap-etc.yaml
@@ -13,7 +13,7 @@
# limitations under the License.
{{- if empty .Values.conf.ceph.config.global.mon_host -}}
-{{- $monHost := tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }}
+{{- $monHost := tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $monHostDomain := default .Release.Namespace .Values.ceph.namespace }}
{{- $monHostURI := cat $monHost "." $monHostDomain | nospace -}}
{{- $monHostURI | set .Values.conf.ceph.config.global "mon_host" | quote | trunc 0 -}}
diff --git a/ceph/templates/statefulset-mon.yaml b/ceph/templates/statefulset-mon.yaml
index 0f1ca1e169..33e7151fe9 100644
--- a/ceph/templates/statefulset-mon.yaml
+++ b/ceph/templates/statefulset-mon.yaml
@@ -24,7 +24,7 @@ metadata:
daemon: mon
name: ceph-mon
spec:
- serviceName: {{ tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }}
+ serviceName: {{ tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
replicas: {{ .Values.replicas.mon }}
template:
metadata:
diff --git a/ceph/templates/storage.yaml b/ceph/templates/storage.yaml
index e75fd35df6..db0cd9e4fb 100644
--- a/ceph/templates/storage.yaml
+++ b/ceph/templates/storage.yaml
@@ -20,7 +20,7 @@ metadata:
name: {{ .Values.storageclass.name }}
provisioner: kubernetes.io/rbd
parameters:
- monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }}
+ monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
adminId: {{ .Values.storageclass.admin_id }}
adminSecretName: {{ .Values.storageclass.admin_secret_name }}
adminSecretNamespace: {{ .Values.storageclass.admin_secret_namespace }}
diff --git a/ceph/values.yaml b/ceph/values.yaml
index ebfd7160d4..32dbccb27a 100644
--- a/ceph/values.yaml
+++ b/ceph/values.yaml
@@ -221,4 +221,5 @@ endpoints:
hosts:
default: ceph-mon
port:
- mon: 6789
+ mon:
+ default: 6789
diff --git a/cinder/templates/configmap-etc.yaml b/cinder/templates/configmap-etc.yaml
index f817c45bae..a646838d43 100644
--- a/cinder/templates/configmap-etc.yaml
+++ b/cinder/templates/configmap-etc.yaml
@@ -24,7 +24,7 @@
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.cinder.database.oslo.db.connection -}}
diff --git a/cinder/templates/ingress-api.yaml b/cinder/templates/ingress-api.yaml
new file mode 100644
index 0000000000..40f7c7bee3
--- /dev/null
+++ b/cinder/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: c-api
+ - host: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: c-api
+{{- end }}
diff --git a/cinder/templates/service-api.yaml b/cinder/templates/service-api.yaml
index 6254ca296e..0fb56d3e69 100644
--- a/cinder/templates/service-api.yaml
+++ b/cinder/templates/service-api.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: cinder-api
+ name: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }}
+ - name: c-api
+ port: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
diff --git a/cinder/templates/service-ingress-api.yaml b/cinder/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..927371d331
--- /dev/null
+++ b/cinder/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/cinder/values.yaml b/cinder/values.yaml
index 433cea4be7..0493000f6b 100644
--- a/cinder/values.yaml
+++ b/cinder/values.yaml
@@ -77,7 +77,8 @@ keystone:
network:
api:
- name: "cinder-api"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30877
@@ -233,44 +234,81 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
image:
name: glance
hosts:
default: glance-api
- path: null
- scheme: 'http'
+ public: glance
+ path:
+ default: null
+ scheme:
+ default: http
port:
- api: 9292
- registry: 9191
+ api:
+ default: 9292
+ public: 80
+ image_registry:
+ name: glance-registry
+ hosts:
+ default: glance-registry
+ public: glance-reg
+ path:
+ default: null
+ scheme:
+ default: 'http'
+ port:
+ api:
+ default: 9191
+ public: 80
volume:
name: cinder
hosts:
default: cinder-api
- path: '/v1/%(tenant_id)s'
- scheme: 'http'
+ public: cinder
+ path:
+ default: '/v1/%(tenant_id)s'
+ scheme:
+ default: 'http'
port:
- api: 8776
+ api:
+ default: 8776
+ public: 80
volumev2:
name: cinder
hosts:
default: cinder-api
- path: '/v2/%(tenant_id)s'
- scheme: 'http'
+ public: cinder
+ path:
+ default: '/v2/%(tenant_id)s'
+ scheme:
+ default: 'http'
port:
- api: 8776
+ api:
+ default: 8776
+ public: 80
volumev3:
name: cinder
hosts:
default: cinder-api
- path: '/v3/%(tenant_id)s'
- scheme: 'http'
+ public: cinder
+ path:
+ default: '/v3/%(tenant_id)s'
+ scheme:
+ default: 'http'
port:
- api: 8776
+ api:
+ default: 8776
+ public: 80
oslo_db:
auth:
admin:
@@ -284,7 +322,8 @@ endpoints:
path: /cinder
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_messaging:
auth:
admin:
@@ -298,12 +337,14 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
resources:
enabled: false
diff --git a/doc/source/install/all-in-one.rst b/doc/source/install/all-in-one.rst
index 690efd3218..147083ef6a 100644
--- a/doc/source/install/all-in-one.rst
+++ b/doc/source/install/all-in-one.rst
@@ -138,6 +138,7 @@ The below snippet will install the given chart name from the local repository us
helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack
+ helm install --name=ingress local/ingress --namespace=openstack
helm install --name=keystone local/keystone --namespace=openstack
diff --git a/doc/source/install/multinode.rst b/doc/source/install/multinode.rst
index 28ee45511c..033a4e0cc8 100644
--- a/doc/source/install/multinode.rst
+++ b/doc/source/install/multinode.rst
@@ -413,13 +413,14 @@ Installation of Other Services
Now you can easily install the other services simply by going in order:
-**Install Memcached/Etcd/RabbitMQ:**
+**Install Memcached/Etcd/RabbitMQ/Ingress:**
::
helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack
+ helm install --name=ingress local/ingress --namespace=openstack
**Install Keystone:**
diff --git a/glance/templates/bin/_bootstrap.sh.tpl b/glance/templates/bin/_bootstrap.sh.tpl
index 9f7c96b279..1ac0a21c2a 100644
--- a/glance/templates/bin/_bootstrap.sh.tpl
+++ b/glance/templates/bin/_bootstrap.sh.tpl
@@ -16,7 +16,6 @@
set -ex
export HOME=/tmp
-
{{ if .Values.bootstrap.enabled }}
cd /tmp/images
diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml
index 13655b773a..c751b64f66 100644
--- a/glance/templates/configmap-etc.yaml
+++ b/glance/templates/configmap-etc.yaml
@@ -30,10 +30,10 @@
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.database.oslo.db.connection -}}
@@ -51,17 +51,21 @@
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_host -}}
-{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }}
+{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._0 | set .Values.conf.glance.default.glance.api "registry_host" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_port -}}
-{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }}
+{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._1 | set .Values.conf.glance.default.glance.api "registry_port" | quote | trunc 0 -}}
{{- end -}}
+{{- if empty .Values.conf.glance.default.glance.api.public_endpoint -}}
+{{- tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.default.glance.api "public_endpoint" | quote | trunc 0 -}}
+{{- end -}}
+
apiVersion: v1
kind: ConfigMap
metadata:
diff --git a/glance/templates/ingress-api.yaml b/glance/templates/ingress-api.yaml
new file mode 100644
index 0000000000..57855a87ef
--- /dev/null
+++ b/glance/templates/ingress-api.yaml
@@ -0,0 +1,40 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+ ingress.kubernetes.io/proxy-body-size: {{ .Values.network.api.ingress.proxy_body_size }}
+spec:
+ rules:
+ - host: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: g-api
+ - host: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: g-api
+{{- end }}
diff --git a/glance/templates/ingress-registry.yaml b/glance/templates/ingress-registry.yaml
new file mode 100644
index 0000000000..f0a88f5fe4
--- /dev/null
+++ b/glance/templates/ingress-registry.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.registry.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "image_registry" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: g-reg
+ - host: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "image_registry" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: g-reg
+{{- end }}
diff --git a/glance/templates/service-api.yaml b/glance/templates/service-api.yaml
index 1e1250fcec..8e0813092f 100644
--- a/glance/templates/service-api.yaml
+++ b/glance/templates/service-api.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: glance-api
+ name: {{ tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.glance.default.glance.api.bind_port }}
+ - name: g-api
+ port: {{ .Values.conf.glance.default.glance.api.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: .Values.network.api.node_port.port
{{ end }}
diff --git a/glance/templates/service-ingress-api.yaml b/glance/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..6adec249fd
--- /dev/null
+++ b/glance/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/glance/templates/service-ingress-registry.yaml b/glance/templates/service-ingress-registry.yaml
new file mode 100644
index 0000000000..c4a4dfea44
--- /dev/null
+++ b/glance/templates/service-ingress-registry.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.registry.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/glance/templates/service-registry.yaml b/glance/templates/service-registry.yaml
index 750ed48183..0e93cb3694 100644
--- a/glance/templates/service-registry.yaml
+++ b/glance/templates/service-registry.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: glance-registry
+ name: {{ tuple "image_registry" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
+ - name: g-reg
+ port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
{{ if .Values.network.registry.node_port.enabled }}
nodePort: {{ .Values.network.registry.node_port.port }}
{{ end }}
diff --git a/glance/values.yaml b/glance/values.yaml
index 1e45fe850c..c33e1db1a1 100644
--- a/glance/values.yaml
+++ b/glance/values.yaml
@@ -111,6 +111,9 @@ conf:
override:
append:
default:
+ oslo:
+ log:
+ debug: true
glance:
api:
bind_port: 9292
@@ -159,12 +162,15 @@ conf:
network:
api:
- name: "glance-api"
+ ingress:
+ public: true
+ proxy_body_size: 1024M
node_port:
enabled: false
port: 30092
registry:
- name: "glance-registry"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30091
@@ -300,27 +306,42 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
image:
name: glance
hosts:
default: glance-api
- path: null
- scheme: 'http'
+ public: glance
+ path:
+ default: null
+ scheme:
+ default: http
port:
- api: 9292
+ api:
+ default: 9292
+ public: 80
image_registry:
name: glance-registry
hosts:
default: glance-registry
- path: null
- scheme: 'http'
+ public: glance-reg
+ path:
+ default: null
+ scheme:
+ default: 'http'
port:
- api: 9191
+ api:
+ default: 9191
+ public: 80
oslo_db:
auth:
admin:
@@ -334,12 +355,14 @@ endpoints:
path: /glance
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
oslo_messaging:
auth:
admin:
@@ -353,7 +376,8 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
mounts:
glance_api:
diff --git a/heat/templates/configmap-etc.yaml b/heat/templates/configmap-etc.yaml
index 1e7fb1dd37..5097230d42 100644
--- a/heat/templates/configmap-etc.yaml
+++ b/heat/templates/configmap-etc.yaml
@@ -24,7 +24,7 @@
{{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.database.oslo.db.connection -}}
@@ -36,7 +36,7 @@
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}}
-{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
+{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}}
@@ -48,11 +48,11 @@
{{- end -}}
{{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}}
-{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
+{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.auth_url -}}
-{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}}
+{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1
diff --git a/heat/templates/ingress-api.yaml b/heat/templates/ingress-api.yaml
new file mode 100644
index 0000000000..fdc1983af5
--- /dev/null
+++ b/heat/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "orchestration" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: h-api
+ - host: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "orchestration" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: h-api
+{{- end }}
diff --git a/heat/templates/ingress-cfn.yaml b/heat/templates/ingress-cfn.yaml
new file mode 100644
index 0000000000..b23f847d00
--- /dev/null
+++ b/heat/templates/ingress-cfn.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.cfn.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "cloudformation" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: h-cfn
+ - host: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "cloudformation" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: h-cfn
+{{- end }}
diff --git a/heat/templates/ingress-cloudwatch.yaml b/heat/templates/ingress-cloudwatch.yaml
new file mode 100644
index 0000000000..c5680ec352
--- /dev/null
+++ b/heat/templates/ingress-cloudwatch.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.cloudwatch.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "cloudwatch" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: h-cwh
+ - host: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "cloudwatch" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: h-cwh
+{{- end }}
diff --git a/heat/templates/service-api.yaml b/heat/templates/service-api.yaml
index d8b6c48a1c..a5b6c9f6e0 100644
--- a/heat/templates/service-api.yaml
+++ b/heat/templates/service-api.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: heat-api
+ name: {{ tuple "orchestration" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
+ - name: h-api
+ port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
diff --git a/heat/templates/service-cfn.yaml b/heat/templates/service-cfn.yaml
index e9d547865e..89268b6d17 100644
--- a/heat/templates/service-cfn.yaml
+++ b/heat/templates/service-cfn.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: heat-cfn
+ name: {{ tuple "cloudformation" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
+ - name: h-cfn
+ port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
{{ if .Values.network.cfn.node_port.enabled }}
nodePort: {{ .Values.network.cfn.node_port.port }}
{{ end }}
diff --git a/heat/templates/service-cloudwatch.yaml b/heat/templates/service-cloudwatch.yaml
index a575ca91fe..04f42dcc5b 100644
--- a/heat/templates/service-cloudwatch.yaml
+++ b/heat/templates/service-cloudwatch.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: heat-cloudwatch
+ name: {{ tuple "cloudwatch" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
+ - name: h-cwh
+ port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
{{ if .Values.network.cloudwatch.node_port.enabled }}
nodePort: {{ .Values.network.cloudwatch.node_port.port }}
{{ end }}
diff --git a/heat/templates/service-ingress-api.yaml b/heat/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..f46060d74d
--- /dev/null
+++ b/heat/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/heat/templates/service-ingress-cfn.yaml b/heat/templates/service-ingress-cfn.yaml
new file mode 100644
index 0000000000..881619ca02
--- /dev/null
+++ b/heat/templates/service-ingress-cfn.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.cfn.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/heat/templates/service-ingress-cloudwatch.yaml b/heat/templates/service-ingress-cloudwatch.yaml
new file mode 100644
index 0000000000..94a203752b
--- /dev/null
+++ b/heat/templates/service-ingress-cloudwatch.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.cloudwatch.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/heat/values.yaml b/heat/values.yaml
index f49109ba04..2a0e8eb122 100644
--- a/heat/values.yaml
+++ b/heat/values.yaml
@@ -165,20 +165,20 @@ conf:
network:
api:
- name: "heat-api"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30004
cfn:
- name: "heat-cfn"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30800
cloudwatch:
- name: "heat-cloudwatch"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30003
@@ -257,37 +257,57 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: 'http'
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
orchestration:
name: heat
hosts:
default: heat-api
- path: '/v1/%(project_id)s'
- scheme: 'http'
+ public: heat
+ path:
+ default: '/v1/%(project_id)s'
+ scheme:
+ default: 'http'
port:
- api: 8004
+ api:
+ default: 8004
+ public: 80
cloudformation:
name: heat-cfn
hosts:
default: heat-cfn
- path: /v1
- scheme: 'http'
+ public: cloudformation
+ path:
+ default: /v1
+ scheme:
+ default: 'http'
port:
- api: 8000
+ api:
+ default: 8000
+ public: 80
# Cloudwatch does not get an entry in the keystone service catalog
cloudwatch:
name: heat-cloudwatch
hosts:
default: heat-cloudwatch
- path: null
+ public: cloudwatch
+ path:
+ default: null
type: null
- scheme: 'http'
+ scheme:
+ default: 'http'
port:
- api: 8003
+ api:
+ default: 8003
+ public: 80
oslo_db:
auth:
admin:
@@ -301,12 +321,14 @@ endpoints:
path: /heat
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
oslo_messaging:
auth:
admin:
@@ -320,7 +342,8 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
resources:
enabled: false
diff --git a/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl b/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
index c2928682be..4f4a8f02c4 100644
--- a/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
+++ b/helm-toolkit/templates/endpoints/_authenticated_endpoint_uri_lookup.tpl
@@ -28,7 +28,7 @@
{{- $context := index . 4 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
{{- $userMap := index $endpointMap.auth $userclass }}
-{{- $fqdn := $context.Release.Namespace -}}
+{{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}}
@@ -37,7 +37,8 @@
{{- $endpointUser := index $userMap "username" }}
{{- $endpointPass := index $userMap "password" }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
-{{- $endpointPort := index .port $port | default .port.default }}
+{{- $endpointPortMAP := index .port $port }}
+{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
{{- $endpointPath := .path | default "" }}
{{- printf "%s://%s:%s@%s.%s:%1.f%s" $endpointScheme $endpointUser $endpointPass $endpointHost $fqdn $endpointPort $endpointPath -}}
{{- end -}}
diff --git a/helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl b/helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl
new file mode 100644
index 0000000000..37b6a91659
--- /dev/null
+++ b/helm-toolkit/templates/endpoints/_endpoint_port_lookup.tpl
@@ -0,0 +1,34 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This function returns hostnames from endpoint definitions for use cases
+# where the uri style return is not appropriate, and only the hostname
+# portion is used or relevant in the template:
+# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }
+# returns: internal_host:port
+#
+# Output that requires the port aspect striped could simply split the output based on ':'
+
+{{- define "helm-toolkit.endpoints.endpoint_port_lookup" -}}
+{{- $type := index . 0 -}}
+{{- $endpoint := index . 1 -}}
+{{- $port := index . 2 -}}
+{{- $context := index . 3 -}}
+{{- $endpointMap := index $context.Values.endpoints $type }}
+{{- with $endpointMap -}}
+{{- $endpointPortMAP := index .port $port }}
+{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
+{{- printf "%1.f" $endpointPort -}}
+{{- end -}}
+{{- end -}}
diff --git a/helm-toolkit/templates/endpoints/_hostname_endpoint_uri_lookup.tpl b/helm-toolkit/templates/endpoints/_host_and_port_endpoint_uri_lookup.tpl
similarity index 80%
rename from helm-toolkit/templates/endpoints/_hostname_endpoint_uri_lookup.tpl
rename to helm-toolkit/templates/endpoints/_host_and_port_endpoint_uri_lookup.tpl
index 1917a371a4..b4cd0448dc 100644
--- a/helm-toolkit/templates/endpoints/_hostname_endpoint_uri_lookup.tpl
+++ b/helm-toolkit/templates/endpoints/_host_and_port_endpoint_uri_lookup.tpl
@@ -15,25 +15,26 @@
# This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the hostname
# portion is used or relevant in the template:
-# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }
+# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }
# returns: internal_host:port
#
# Output that requires the port aspect striped could simply split the output based on ':'
-{{- define "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" -}}
+{{- define "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $port := index . 2 -}}
{{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
-{{- $fqdn := $context.Release.Namespace -}}
+{{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}}
{{- with $endpointMap -}}
{{- $endpointScheme := .scheme }}
-{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
-{{- $endpointPort := index .port $port | default .port.default }}
+{{- $endpointHost := index .hosts $endpoint | default .hosts.default }}
+{{- $endpointPortMAP := index .port $port }}
+{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
{{- printf "%s.%s:%1.f" $endpointHost $fqdn $endpointPort -}}
{{- end -}}
{{- end -}}
diff --git a/helm-toolkit/templates/endpoints/_hostname_fqdn_endpoint_lookup.tpl b/helm-toolkit/templates/endpoints/_hostname_fqdn_endpoint_lookup.tpl
new file mode 100644
index 0000000000..9f0640ab65
--- /dev/null
+++ b/helm-toolkit/templates/endpoints/_hostname_fqdn_endpoint_lookup.tpl
@@ -0,0 +1,35 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This function returns hostnames from endpoint definitions for use cases
+# where the uri style return is not appropriate, and only the hostname
+# portion is used or relevant in the template:
+# { tuple "memcache" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }
+# returns: internal_host_fqdn
+
+{{- define "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" -}}
+{{- $type := index . 0 -}}
+{{- $endpoint := index . 1 -}}
+{{- $context := index . 2 -}}
+{{- $endpointMap := index $context.Values.endpoints $type }}
+{{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
+{{- if $context.Values.endpoints.fqdn -}}
+{{- $fqdn := $context.Values.endpoints.fqdn -}}
+{{- end -}}
+{{- with $endpointMap -}}
+{{- $endpointScheme := .scheme }}
+{{- $endpointHost := index .hosts $endpoint | default .hosts.default }}
+{{- printf "%s.%s" $endpointHost $fqdn -}}
+{{- end -}}
+{{- end -}}
diff --git a/helm-toolkit/templates/endpoints/_hostname_endpoint_lookup.tpl b/helm-toolkit/templates/endpoints/_hostname_short_endpoint_lookup.tpl
similarity index 92%
rename from helm-toolkit/templates/endpoints/_hostname_endpoint_lookup.tpl
rename to helm-toolkit/templates/endpoints/_hostname_short_endpoint_lookup.tpl
index de813ab431..1eaaa9471e 100644
--- a/helm-toolkit/templates/endpoints/_hostname_endpoint_lookup.tpl
+++ b/helm-toolkit/templates/endpoints/_hostname_short_endpoint_lookup.tpl
@@ -15,11 +15,10 @@
# This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the short hostname or
# kubernetes servicename is used or relevant in the template:
-# { tuple "memcache" "internal" . | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }
+# { tuple "memcache" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }
# returns: the short internal hostname, which will also match the service name
-
-{{- define "helm-toolkit.endpoints.hostname_endpoint_lookup" -}}
+{{- define "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $context := index . 2 -}}
diff --git a/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl b/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl
index 7717ec841a..ff51995a79 100644
--- a/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl
+++ b/helm-toolkit/templates/endpoints/_keystone_endpoint_name_lookup.tpl
@@ -14,7 +14,7 @@
# This function is used in endpoint management templates
# it returns the service type for an openstack service eg:
-# { tuple orchestration . | include "ks_endpoint_type" }
+# { tuple orchestration . | include "keystone_endpoint_name_lookup" }
# will return "heat"
{{- define "helm-toolkit.endpoints.keystone_endpoint_name_lookup" -}}
diff --git a/helm-toolkit/templates/endpoints/_keystone_endpoint_path_lookup.tpl b/helm-toolkit/templates/endpoints/_keystone_endpoint_path_lookup.tpl
new file mode 100644
index 0000000000..f85cbeb5fc
--- /dev/null
+++ b/helm-toolkit/templates/endpoints/_keystone_endpoint_path_lookup.tpl
@@ -0,0 +1,30 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This function returns the path for a service, it takes an tuple
+# input in the form: service-type, endpoint-class, port-name. eg:
+# { tuple "orchestration" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }
+# will return the appropriate path.
+
+{{- define "helm-toolkit.endpoints.keystone_endpoint_path_lookup" -}}
+{{- $type := index . 0 -}}
+{{- $endpoint := index . 1 -}}
+{{- $port := index . 2 -}}
+{{- $context := index . 3 -}}
+{{- $endpointMap := index $context.Values.endpoints $type }}
+{{- with $endpointMap -}}
+{{- $endpointPath := index .path $endpoint | default .path.default | default "/" }}
+{{- printf "%s" $endpointPath -}}
+{{- end -}}
+{{- end -}}
diff --git a/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl b/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl
index 401894023b..1115b85179 100644
--- a/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl
+++ b/helm-toolkit/templates/endpoints/_keystone_endpoint_uri_lookup.tpl
@@ -23,15 +23,16 @@
{{- $port := index . 2 -}}
{{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
-{{- $fqdn := $context.Release.Namespace -}}
+{{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}}
{{- with $endpointMap -}}
-{{- $endpointScheme := .scheme }}
-{{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
-{{- $endpointPort := index .port $port }}
-{{- $endpointPath := .path | default "" }}
+{{- $endpointScheme := index .scheme $endpoint | default .scheme.default }}
+{{- $endpointHost := index .hosts $endpoint | default .hosts.default }}
+{{- $endpointPortMAP := index .port $port }}
+{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
+{{- $endpointPath := index .path $endpoint | default .path.default | default "/" }}
{{- printf "%s://%s.%s:%1.f%s" $endpointScheme $endpointHost $fqdn $endpointPort $endpointPath -}}
{{- end -}}
{{- end -}}
diff --git a/helm-toolkit/templates/utils/_comma_joined_hostname_list.tpl b/helm-toolkit/templates/utils/_comma_joined_hostname_list.tpl
index f697d616c6..a9820571d8 100644
--- a/helm-toolkit/templates/utils/_comma_joined_hostname_list.tpl
+++ b/helm-toolkit/templates/utils/_comma_joined_hostname_list.tpl
@@ -15,5 +15,5 @@
{{- define "helm-toolkit.utils.comma_joined_hostname_list" -}}
{{- $deps := index . 0 -}}
{{- $envAll := index . 1 -}}
-{{- range $k, $v := $deps -}}{{- if $k -}},{{- end -}}{{ tuple $v.service $v.endpoint $envAll | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }}{{- end -}}
+{{- range $k, $v := $deps -}}{{- if $k -}},{{- end -}}{{ tuple $v.service $v.endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}{{- end -}}
{{- end -}}
diff --git a/horizon/templates/etc/_local_settings.tpl b/horizon/templates/etc/_local_settings.tpl
index 5f1d582f77..45b64ae6f5 100644
--- a/horizon/templates/etc/_local_settings.tpl
+++ b/horizon/templates/etc/_local_settings.tpl
@@ -144,7 +144,7 @@ SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
- 'LOCATION': '{{ .Values.memcached.host }}:{{ .Values.memcached.port }}'
+ 'LOCATION': '{{ tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}'
}
}
@@ -165,7 +165,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
#]
-OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}"
+OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
# Enables keystone web single-sign-on if set to True.
@@ -309,7 +309,7 @@ IMAGE_RESERVED_CUSTOM_PROPERTIES = []
# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
# in the Keystone service catalog. Use this setting when Horizon is running
# external to the OpenStack environment. The default is 'publicURL'.
-OPENSTACK_ENDPOINT_TYPE = "internalURL"
+OPENSTACK_ENDPOINT_TYPE = "publicURL"
# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the
# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints
diff --git a/horizon/templates/ingress-api.yaml b/horizon/templates/ingress-api.yaml
new file mode 100644
index 0000000000..ff6792f73d
--- /dev/null
+++ b/horizon/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "dashboard" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: http
+ - host: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "dashboard" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: http
+{{- end }}
diff --git a/horizon/templates/service-ingress.yaml b/horizon/templates/service-ingress.yaml
new file mode 100644
index 0000000000..6535f45186
--- /dev/null
+++ b/horizon/templates/service-ingress.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/horizon/templates/service.yaml b/horizon/templates/service.yaml
index 7c849908f3..d50586eead 100644
--- a/horizon/templates/service.yaml
+++ b/horizon/templates/service.yaml
@@ -15,16 +15,18 @@
apiVersion: v1
kind: Service
metadata:
- name: horizon
+ name: {{ tuple "dashboard" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
{{ if .Values.network.enable_node_port }}
- - nodePort: {{ .Values.network.node_port }}
+ - name: http
+ nodePort: {{ .Values.network.node_port }}
port: {{ .Values.network.port }}
protocol: TCP
targetPort: {{ .Values.network.port }}
{{ else }}
- - port: {{ .Values.network.port }}
+ - name: http
+ port: {{ .Values.network.port }}
protocol: TCP
targetPort: {{ .Values.network.port }}
{{ end }}
diff --git a/horizon/values.yaml b/horizon/values.yaml
index d601919a47..d0ca2fb76b 100644
--- a/horizon/values.yaml
+++ b/horizon/values.yaml
@@ -44,14 +44,12 @@ labels:
node_selector_value: enabled
network:
+ ingress:
+ public: true
port: 80
node_port: 31000
enable_node_port: false
-memcached:
- host: memcached
- port: 11211
-
local_settings:
horizon_secret_key: 9aee62c0-5253-4a86-b189-e0fb71fa503c
debug: "True"
@@ -82,16 +80,34 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
+ dashboard:
+ name: horizon
+ hosts:
+ default: horizon-int
+ public: horizon
+ path:
+ default: null
+ scheme:
+ default: http
+ port:
+ web:
+ default: 80
mounts:
horizon:
diff --git a/ingress/templates/error-deployment.yaml b/ingress/templates/deployment-error.yaml
similarity index 100%
rename from ingress/templates/error-deployment.yaml
rename to ingress/templates/deployment-error.yaml
diff --git a/ingress/templates/ingress-deployment.yaml b/ingress/templates/deployment-ingress.yaml
similarity index 99%
rename from ingress/templates/ingress-deployment.yaml
rename to ingress/templates/deployment-ingress.yaml
index b14bff12a8..574a7a1eaa 100644
--- a/ingress/templates/ingress-deployment.yaml
+++ b/ingress/templates/deployment-ingress.yaml
@@ -83,7 +83,6 @@ spec:
args:
- /nginx-ingress-controller
- '--default-backend-service=$(POD_NAMESPACE)/ingress-error-pages'
- - '--v=3'
{{- if .Values.network.host_namespace }}
volumeMounts:
- name: ingress-etc
diff --git a/ingress/templates/error-service.yaml b/ingress/templates/service-error.yaml
similarity index 100%
rename from ingress/templates/error-service.yaml
rename to ingress/templates/service-error.yaml
diff --git a/ingress/templates/service-ingress.yaml b/ingress/templates/service-ingress.yaml
new file mode 100644
index 0000000000..7c29946ae2
--- /dev/null
+++ b/ingress/templates/service-ingress.yaml
@@ -0,0 +1,32 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: ingress-api
+ name: {{ .Values.endpoints.ingress.host }}
+spec:
+ ports:
+ - name: http
+ port: {{ .Values.endpoints.ingress.port.http }}
+ protocol: TCP
+ targetPort: 80
+ - name: https
+ port: {{ .Values.endpoints.ingress.port.https }}
+ protocol: TCP
+ targetPort: 443
+ selector:
+ app: ingress-api
diff --git a/ingress/values.yaml b/ingress/values.yaml
index 48c560dccc..0fc204c5f3 100644
--- a/ingress/values.yaml
+++ b/ingress/values.yaml
@@ -23,7 +23,8 @@ replicas:
images:
entrypoint: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
- ingress: gcr.io/google_containers/nginx-ingress-controller:0.8.3
+ # https://github.com/kubernetes/ingress/blob/master/controllers/nginx/Changelog.md
+ ingress: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.8
error_pages: gcr.io/google_containers/defaultbackend:1.0
pull_policy: "IfNotPresent"
@@ -48,6 +49,13 @@ network:
- 10.96.0.10
- 8.8.8.8
+endpoints:
+ ingress:
+ host: openstack
+ port:
+ http: 80
+ https: 443
+
deployment_type: Deployment
resources:
diff --git a/keystone/templates/configmap-etc.yaml b/keystone/templates/configmap-etc.yaml
index ddf987c56e..a144a7ca3b 100644
--- a/keystone/templates/configmap-etc.yaml
+++ b/keystone/templates/configmap-etc.yaml
@@ -23,7 +23,7 @@
{{- end -}}
{{- if empty .Values.conf.keystone.cache.oslo.cache.memcache_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.keystone.cache.oslo.cache "memcache_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.keystone.cache.oslo.cache "memcache_servers" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1
diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl
index 6fdef25fa4..879fe7279a 100644
--- a/keystone/templates/etc/_wsgi-keystone.conf.tpl
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@@ -18,6 +18,10 @@ Listen 0.0.0.0:{{ .Values.network.admin.port }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
+SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
+CustomLog /dev/stdout combined env=!forwarded
+CustomLog /dev/stdout proxy env=forwarded
+
WSGIDaemonProcess keystone-public processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
@@ -49,3 +53,23 @@ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-A
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
+
+Alias /identity /var/www/cgi-bin/keystone/keystone-wsgi-public
+
+ SetHandler wsgi-script
+ Options +ExecCGI
+
+ WSGIProcessGroup keystone-public
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+
+
+Alias /identity_admin /var/www/cgi-bin/keystone/keystone-wsgi-admin
+
+ SetHandler wsgi-script
+ Options +ExecCGI
+
+ WSGIProcessGroup keystone-admin
+ WSGIApplicationGroup %{GLOBAL}
+ WSGIPassAuthorization On
+
diff --git a/keystone/templates/ingress.yaml b/keystone/templates/ingress.yaml
new file mode 100644
index 0000000000..118de4d9cc
--- /dev/null
+++ b/keystone/templates/ingress.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "identity" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: ks-pub
+ - host: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "identity" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: ks-pub
+{{- end }}
diff --git a/keystone/templates/service-ingress.yaml b/keystone/templates/service-ingress.yaml
new file mode 100644
index 0000000000..d0bf5284c0
--- /dev/null
+++ b/keystone/templates/service-ingress.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/keystone/templates/service.yaml b/keystone/templates/service.yaml
index 3aa07b8dbd..f323996cf1 100644
--- a/keystone/templates/service.yaml
+++ b/keystone/templates/service.yaml
@@ -15,15 +15,15 @@
apiVersion: v1
kind: Service
metadata:
- name: keystone-api
+ name: {{ tuple "identity" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - name: keystone-api-public
+ - name: ks-pub
port: {{ .Values.network.api.port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
- - name: keystone-api-admin
+ - name: ks-adm
port: {{ .Values.network.admin.port }}
{{ if .Values.network.admin.node_port.enabled }}
nodePort: {{ .Values.network.admin.node_port.port }}
diff --git a/keystone/values.yaml b/keystone/values.yaml
index 05fb28de22..e87ca30bbc 100644
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@@ -69,13 +69,13 @@ bootstrap:
network:
api:
- name: "keystone-api"
- port: 5000
+ port: 80
+ ingress:
+ public: true
node_port:
enabled: false
port: 30500
admin:
- name: "keystone-admin"
port: 35357
node_port:
enabled: false
@@ -202,11 +202,16 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
oslo_db:
auth:
admin:
@@ -220,7 +225,8 @@ endpoints:
path: /keystone
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_messaging:
auth:
admin:
@@ -234,9 +240,11 @@ endpoints:
path: /openstack
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
diff --git a/magnum/templates/configmap-etc.yaml b/magnum/templates/configmap-etc.yaml
index 4e156b42f5..51f7dac680 100644
--- a/magnum/templates/configmap-etc.yaml
+++ b/magnum/templates/configmap-etc.yaml
@@ -24,7 +24,7 @@
{{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.magnum.database.oslo.db.connection -}}
diff --git a/magnum/templates/ingress-api.yaml b/magnum/templates/ingress-api.yaml
new file mode 100644
index 0000000000..c3eb789095
--- /dev/null
+++ b/magnum/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "container-infra" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: m-api
+ - host: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "container-infra" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: m-api
+{{- end }}
diff --git a/magnum/templates/service-api.yaml b/magnum/templates/service-api.yaml
index ddbf627b2b..e470c06baf 100644
--- a/magnum/templates/service-api.yaml
+++ b/magnum/templates/service-api.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: magnum-api
+ name: {{ tuple "container-infra" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.magnum.api.magnum.port }}
+ - name: m-api
+ port: {{ .Values.conf.magnum.api.magnum.port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
diff --git a/magnum/templates/service-ingress-api.yaml b/magnum/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..a773b776b4
--- /dev/null
+++ b/magnum/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/magnum/values.yaml b/magnum/values.yaml
index 3d16b45911..27d54f89b5 100644
--- a/magnum/values.yaml
+++ b/magnum/values.yaml
@@ -94,8 +94,8 @@ conf:
network:
api:
- name: "magnum-api"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30511
@@ -154,19 +154,29 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
container-infra:
name: magnum
hosts:
default: magnum-api
- path: /v1
- scheme: 'http'
+ public: magnum
+ path:
+ default: /v1
+ scheme:
+ default: http
port:
- api: 9511
+ api:
+ default: 9511
+ public: 80
oslo_db:
auth:
admin:
@@ -180,12 +190,14 @@ endpoints:
path: /magnum
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
oslo_messaging:
auth:
admin:
@@ -199,7 +211,8 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
resources:
enabled: false
diff --git a/mistral/templates/bin/_db-sync.sh.tpl b/mistral/templates/bin/_db-sync.sh.tpl
index f89bdace5f..799abf4ba5 100644
--- a/mistral/templates/bin/_db-sync.sh.tpl
+++ b/mistral/templates/bin/_db-sync.sh.tpl
@@ -1,3 +1,5 @@
+#!/bin/bash
+
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,7 +13,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-#!/bin/bash
set -ex
diff --git a/mistral/templates/bin/_mistral-engine.sh.tpl b/mistral/templates/bin/_mistral-engine.sh.tpl
index ac74543ee7..04b2ee8e71 100644
--- a/mistral/templates/bin/_mistral-engine.sh.tpl
+++ b/mistral/templates/bin/_mistral-engine.sh.tpl
@@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-set -x
+set -ex
exec mistral-server \
--server engine \
--config-file /etc/mistral/mistral.conf
diff --git a/mistral/templates/bin/_mistral-event-engine.sh.tpl b/mistral/templates/bin/_mistral-event-engine.sh.tpl
index 83faced05c..9c9368008b 100644
--- a/mistral/templates/bin/_mistral-event-engine.sh.tpl
+++ b/mistral/templates/bin/_mistral-event-engine.sh.tpl
@@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-set -x
+set -ex
exec mistral-server \
--server event-engine \
--config-file /etc/mistral/mistral.conf
diff --git a/mistral/templates/bin/_mistral-executor.sh.tpl b/mistral/templates/bin/_mistral-executor.sh.tpl
index 5b16b754e3..b25459b09e 100644
--- a/mistral/templates/bin/_mistral-executor.sh.tpl
+++ b/mistral/templates/bin/_mistral-executor.sh.tpl
@@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-set -x
+set -ex
exec mistral-server \
--server executor \
--config-file /etc/mistral/mistral.conf
diff --git a/mistral/templates/configmap-etc.yaml b/mistral/templates/configmap-etc.yaml
index 4d9848ac05..439555d90f 100644
--- a/mistral/templates/configmap-etc.yaml
+++ b/mistral/templates/configmap-etc.yaml
@@ -23,7 +23,7 @@
{{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.mistral.database.oslo.db.connection -}}
diff --git a/mistral/templates/ingress-api.yaml b/mistral/templates/ingress-api.yaml
new file mode 100644
index 0000000000..26eece5476
--- /dev/null
+++ b/mistral/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "workflow" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: w-api
+ - host: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "workflow" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: w-api
+{{- end }}
diff --git a/mistral/templates/service-api.yaml b/mistral/templates/service-api.yaml
index 1e827b4a99..87a851df5e 100644
--- a/mistral/templates/service-api.yaml
+++ b/mistral/templates/service-api.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: mistral-api
+ name: {{ tuple "workflow" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.mistral.api.mistral.config.port }}
+ - name: w-api
+ port: {{ .Values.conf.mistral.api.mistral.config.port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
diff --git a/mistral/templates/service-ingress-api.yaml b/mistral/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..1ed8f5d17b
--- /dev/null
+++ b/mistral/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/mistral/values.yaml b/mistral/values.yaml
index 92fb08849f..a387b5bc7a 100644
--- a/mistral/values.yaml
+++ b/mistral/values.yaml
@@ -78,8 +78,8 @@ keystone:
network:
api:
- name: "mistral-api"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 28989
@@ -158,19 +158,29 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
workflow:
name: mistral
hosts:
default: mistral-api
- path: /v2
- scheme: 'http'
+ public: mistral
+ path:
+ default: /v2
+ scheme:
+ default: 'http'
port:
- api: 8989
+ api:
+ default: 8989
+ public: 80
oslo_db:
auth:
admin:
@@ -184,7 +194,8 @@ endpoints:
path: /mistral
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_messaging:
auth:
admin:
@@ -198,12 +209,14 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
mounts:
mistral_api:
diff --git a/neutron/templates/configmap-etc.yaml b/neutron/templates/configmap-etc.yaml
index 709b9125da..a71d4c93ee 100644
--- a/neutron/templates/configmap-etc.yaml
+++ b/neutron/templates/configmap-etc.yaml
@@ -34,7 +34,7 @@
{{- end }}
{{- if empty .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end }}
{{- if empty .Values.conf.neutron.database.oslo.db.connection -}}
diff --git a/neutron/templates/ingress.yaml b/neutron/templates/ingress.yaml
new file mode 100644
index 0000000000..42eb8ad5c4
--- /dev/null
+++ b/neutron/templates/ingress.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.server.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "network" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: q-api
+ - host: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "network" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: q-api
+{{- end }}
diff --git a/neutron/templates/service-ingress-neutron.yaml b/neutron/templates/service-ingress-neutron.yaml
new file mode 100644
index 0000000000..693a08de52
--- /dev/null
+++ b/neutron/templates/service-ingress-neutron.yaml
@@ -0,0 +1,25 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.server.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/neutron/templates/service.yaml b/neutron/templates/service.yaml
index bb3cbe3bc3..18b04c1bb6 100644
--- a/neutron/templates/service.yaml
+++ b/neutron/templates/service.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: neutron-server
+ name: {{ tuple "network" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.network.server.port }}
+ - name: q-api
+ port: {{ .Values.network.server.port }}
{{ if .Values.network.server.node_port.enabled }}
nodePort: {{ .Values.network.server.node_port.port }}
{{ end }}
diff --git a/neutron/values.yaml b/neutron/values.yaml
index 3e4df466e7..d55c9a71c8 100644
--- a/neutron/values.yaml
+++ b/neutron/values.yaml
@@ -98,13 +98,13 @@ network:
# br0: if0
# br1: iface_two
server:
- name: "neutron-server"
port: 9696
+ ingress:
+ public: true
node_port:
enabled: false
port: 30096
metadata:
- name: "neutron-metadata"
port: 8775
keystone:
@@ -438,6 +438,14 @@ conf:
metadata_agent:
override:
append:
+ default:
+ neutron:
+ metadata:
+ agent:
+ nova_metadata_ip: 10.97.120.234
+ nova_metadata_port: 80
+ nova_metadata_protocol: http
+ metadata_proxy_shared_secret: "password"
sriov_agent:
override:
append:
@@ -466,7 +474,8 @@ endpoints:
path: /neutron
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_messaging:
auth:
admin:
@@ -480,39 +489,58 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
compute:
name: nova
hosts:
default: nova-api
- path: "/v2/%(tenant_id)s"
- scheme: 'http'
+ public: nova
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: 'http'
port:
- api: 8774
- metadata: 8775
- novncproxy: 6080
+ api:
+ default: 8774
+ public: 80
+ metadata:
+ default: 8775
+ novncproxy:
+ default: 6080
identity:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
network:
name: neutron
hosts:
default: neutron-server
- path: null
- scheme: 'http'
+ public: neutron
+ path:
+ default: null
+ scheme:
+ default: 'http'
port:
- api: 9696
+ api:
+ default: 9696
+ public: 80
mounts:
neutron_server:
diff --git a/nova/templates/bin/_nova-api.sh.tpl b/nova/templates/bin/_nova-api.sh.tpl
index 4c334f7c5b..d929242297 100644
--- a/nova/templates/bin/_nova-api.sh.tpl
+++ b/nova/templates/bin/_nova-api.sh.tpl
@@ -19,7 +19,7 @@ COMMAND="${@:-start}"
function start () {
exec nova-api-os-compute \
- --config-file /etc/nova/nova.conf
+ --config-file /etc/nova/nova.conf --debug
}
function stop () {
diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml
index 706fb2ef41..391912ca71 100644
--- a/nova/templates/configmap-etc.yaml
+++ b/nova/templates/configmap-etc.yaml
@@ -24,7 +24,7 @@
{{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.nova.database.oslo.db.connection -}}
@@ -52,7 +52,15 @@
{{- end -}}
{{- if empty .Values.conf.nova.cache.nova.conf.memcache_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.nova.cache.nova.conf "memcache_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.cache.nova.conf "memcache_servers" | quote | trunc 0 -}}
+{{- end -}}
+
+{{- if empty .Values.conf.nova.default.nova.conf.metadata_host -}}
+{{- set .Values.conf.nova.default.nova.conf "metadata_host" .Values.network.metadata.ip | quote | trunc 0 -}}
+{{- end -}}
+
+{{- if empty .Values.conf.nova.default.nova.conf.metadata_port -}}
+{{- tuple "compute_metadata" "public" "metadata" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.nova.default.nova.conf "metadata_port" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1
diff --git a/nova/templates/ingress-metadata.yaml b/nova/templates/ingress-metadata.yaml
new file mode 100644
index 0000000000..87c0474b72
--- /dev/null
+++ b/nova/templates/ingress-metadata.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.metadata.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "compute_metadata" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: n-meta
+ - host: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "compute_metadata" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: n-meta
+{{- end }}
diff --git a/nova/templates/ingress-osapi.yaml b/nova/templates/ingress-osapi.yaml
new file mode 100644
index 0000000000..fd71963db4
--- /dev/null
+++ b/nova/templates/ingress-osapi.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.osapi.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: n-api
+ - host: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: n-api
+{{- end }}
diff --git a/nova/templates/service-ingress-metadata.yaml b/nova/templates/service-ingress-metadata.yaml
new file mode 100644
index 0000000000..df3994d130
--- /dev/null
+++ b/nova/templates/service-ingress-metadata.yaml
@@ -0,0 +1,27 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.metadata.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ clusterIP: {{ .Values.network.metadata.ip }}
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/nova/templates/service-ingress-osapi.yaml b/nova/templates/service-ingress-osapi.yaml
new file mode 100644
index 0000000000..fba905eaa7
--- /dev/null
+++ b/nova/templates/service-ingress-osapi.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.osapi.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/nova/templates/service-metadata.yaml b/nova/templates/service-metadata.yaml
index 29de9f0069..a34ab7e77d 100644
--- a/nova/templates/service-metadata.yaml
+++ b/nova/templates/service-metadata.yaml
@@ -15,10 +15,10 @@
apiVersion: v1
kind: Service
metadata:
- name: nova-metadata
+ name: {{ tuple "compute_metadata" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - name: nova-metadata
+ - name: n-meta
port: {{ .Values.network.metadata.port }}
{{ if .Values.network.metadata.node_port.enabled }}
nodePort: {{ .Values.network.metadata.node_port.port }}
diff --git a/nova/templates/service-osapi.yaml b/nova/templates/service-osapi.yaml
index fd9199e3d6..f1e7081aec 100644
--- a/nova/templates/service-osapi.yaml
+++ b/nova/templates/service-osapi.yaml
@@ -15,13 +15,10 @@
apiVersion: v1
kind: Service
metadata:
- # alanmeadows(TODO): refactor to nova-osapi
- # which requires updating other charts
- # dependencies
- name: nova-api
+ name: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - name: nova-api-osapi
+ - name: n-api
port: {{ .Values.network.osapi.port }}
{{ if .Values.network.osapi.node_port.enabled }}
nodePort: {{ .Values.network.osapi.node_port.port }}
diff --git a/nova/values.yaml b/nova/values.yaml
index b0239e30a1..f3fb9ba02b 100644
--- a/nova/values.yaml
+++ b/nova/values.yaml
@@ -106,20 +106,20 @@ network:
kubernetes_domain: "cluster.local"
other_domains: ""
osapi:
- name: "nova-osapi"
port: 8774
+ ingress:
+ public: true
node_port:
enabled: false
port: 30774
metadata:
- name: "nova-metadata"
+ ip: 10.97.120.234
port: 8775
+ ingress:
+ public: true
node_port:
enabled: false
port: 30775
- novncproxy:
- name: "nova-novncproxy"
- port: 6080
keystone:
admin_user: "admin"
@@ -326,6 +326,10 @@ conf:
oslo:
concurrency:
lock_path: /var/lib/nova/tmp
+ oslo_middleware:
+ oslo:
+ middleware:
+ enable_proxy_headers_parsing: true
glance:
nova:
conf:
@@ -410,7 +414,8 @@ endpoints:
path: /nova
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_db_api:
auth:
admin:
@@ -424,7 +429,8 @@ endpoints:
path: /nova_api
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_messaging:
auth:
admin:
@@ -438,48 +444,82 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
- compute:
- name: nova
- hosts:
- default: nova-api
- path: "/v2/%(tenant_id)s"
- scheme: 'http'
- port:
- api: 8774
- metadata: 8775
- novncproxy: 6080
+ memcache:
+ default: 11211
identity:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- api: 5000
- admin: 35357
+ admin:
+ default: 35357
+ api:
+ default: 80
image:
name: glance
hosts:
default: glance-api
- path: null
- scheme: 'http'
+ public: glance
+ path:
+ default: null
+ scheme:
+ default: http
port:
- api: 9292
- registry: 9191
+ api:
+ default: 9292
+ public: 80
+ compute:
+ name: nova
+ hosts:
+ default: nova-api
+ public: nova
+ path:
+ default: "/v2/%(tenant_id)s"
+ scheme:
+ default: 'http'
+ port:
+ api:
+ default: 8774
+ public: 80
+ novncproxy:
+ default: 6080
+ compute_metadata:
+ name: nova
+ hosts:
+ default: nova-metadata
+ public: metadata
+ path:
+ default: /
+ scheme:
+ default: 'http'
+ port:
+ metadata:
+ default: 8775
+ public: 80
network:
name: neutron
hosts:
default: neutron-server
- path: null
- scheme: 'http'
+ public: neutron
+ path:
+ default: null
+ scheme:
+ default: 'http'
port:
- api: 9696
+ api:
+ default: 9696
+ public: 80
resources:
diff --git a/senlin/templates/configmap-etc.yaml b/senlin/templates/configmap-etc.yaml
index aed6ffca9f..bec615d3a4 100644
--- a/senlin/templates/configmap-etc.yaml
+++ b/senlin/templates/configmap-etc.yaml
@@ -24,7 +24,7 @@
{{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
-{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
+{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.senlin.database.oslo.db.connection -}}
diff --git a/senlin/templates/ingress-api.yaml b/senlin/templates/ingress-api.yaml
new file mode 100644
index 0000000000..f3362ca1f3
--- /dev/null
+++ b/senlin/templates/ingress-api.yaml
@@ -0,0 +1,39 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ ingress.kubernetes.io/rewrite-target: /
+spec:
+ rules:
+ - host: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: s-api
+ - host: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+ servicePort: s-api
+{{- end }}
diff --git a/senlin/templates/service-api.yaml b/senlin/templates/service-api.yaml
index 56eaa44c25..1251f0888e 100644
--- a/senlin/templates/service-api.yaml
+++ b/senlin/templates/service-api.yaml
@@ -15,10 +15,11 @@
apiVersion: v1
kind: Service
metadata:
- name: senlin-api
+ name: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- - port: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }}
+ - name: s-api
+ port: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
diff --git a/senlin/templates/service-ingress-api.yaml b/senlin/templates/service-ingress-api.yaml
new file mode 100644
index 0000000000..bcacfa88c9
--- /dev/null
+++ b/senlin/templates/service-ingress-api.yaml
@@ -0,0 +1,26 @@
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{- if .Values.network.api.ingress.public }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
+spec:
+ ports:
+ - name: http
+ port: 80
+ selector:
+ app: ingress-api
+{{- end }}
diff --git a/senlin/values.yaml b/senlin/values.yaml
index e26f505f10..1520e5477f 100644
--- a/senlin/values.yaml
+++ b/senlin/values.yaml
@@ -95,8 +95,8 @@ conf:
network:
api:
- name: "senlin-api"
- proto: "http"
+ ingress:
+ public: true
node_port:
enabled: false
port: 30778
@@ -155,19 +155,29 @@ endpoints:
name: keystone
hosts:
default: keystone-api
- path: /v3
- scheme: 'http'
+ public: keystone
+ path:
+ default: /v3
+ scheme:
+ default: http
port:
- admin: 35357
- api: 5000
+ admin:
+ default: 35357
+ api:
+ default: 80
clustering:
name: senlin
hosts:
default: senlin-api
- path: null
- scheme: 'http'
+ public: senlin
+ path:
+ default: null
+ scheme:
+ default: http
port:
- api: 8778
+ api:
+ default: 8778
+ public: 80
oslo_db:
auth:
admin:
@@ -181,12 +191,14 @@ endpoints:
path: /senlin
scheme: mysql+pymysql
port:
- mysql: 3306
+ mysql:
+ default: 3306
oslo_cache:
hosts:
default: memcached
port:
- memcache: 11211
+ memcache:
+ default: 11211
oslo_messaging:
auth:
admin:
@@ -200,7 +212,8 @@ endpoints:
path: /
scheme: rabbit
port:
- amqp: 5672
+ amqp:
+ default: 5672
resources:
enabled: false
diff --git a/tools/gate/basic_launch.sh b/tools/gate/basic_launch.sh
index 3a721bd19b..0b01601093 100755
--- a/tools/gate/basic_launch.sh
+++ b/tools/gate/basic_launch.sh
@@ -64,6 +64,7 @@ EOF"
kubectl exec -n ceph ceph-mon-0 -- ceph osd pool create vms 8
fi
+helm install --namespace=openstack local/ingress --name=ingress
helm install --namespace=openstack local/mariadb --name=mariadb
helm install --namespace=openstack local/memcached --name=memcached
helm install --namespace=openstack local/etcd --name=etcd-rabbitmq
@@ -101,3 +102,11 @@ helm_test_deployment keystone 600
helm_test_deployment glance 600
helm_test_deployment neutron 600
helm_test_deployment nova 600
+
+if [ "x$LAUNCH_ALL_OSH_SERVICES" == "xtrue" ]; then
+ helm install --namespace=openstack local/barbican --name=barbican
+ helm install --namespace=openstack local/magnum --name=magnum
+ helm install --namespace=openstack local/mistral --name=mistral
+ helm install --namespace=openstack local/senlin --name=senlin
+ kube_wait_for_pods openstack 600
+fi
diff --git a/tools/gate/openstack_aio_launch.sh b/tools/gate/openstack_aio_launch.sh
index 5126b7285e..06bc43d519 100644
--- a/tools/gate/openstack_aio_launch.sh
+++ b/tools/gate/openstack_aio_launch.sh
@@ -18,7 +18,7 @@ set -xe
: ${KS_PASSWORD:="password"}
: ${KS_USER_DOMAIN:="default"}
: ${KS_PROJECT_DOMAIN:="default"}
-: ${KS_URL:="http://keystone-api.openstack:5000/v3"}
+: ${KS_URL:="http://keystone.openstack/v3"}
: ${OSH_BR_EX_ADDR:="172.24.4.1/24"}
: ${OSH_EXT_SUBNET:="172.24.4.0/24"}
diff --git a/tools/gate/setup_gate.sh b/tools/gate/setup_gate.sh
index f9b72bf0d8..b732f8dad2 100755
--- a/tools/gate/setup_gate.sh
+++ b/tools/gate/setup_gate.sh
@@ -30,6 +30,7 @@ export PVC_BACKEND=ceph
# Setup the logging location: by default use the working dir as the root.
export LOGS_DIR=${LOGS_DIR:-"${WORK_DIR}/logs"}
+rm -rf ${LOGS_DIR} || true
mkdir -p ${LOGS_DIR}
function dump_logs () {