Ingress controller for public endpoints

This PS provides the framework for Ingress controller based access to
public APIs.

Services covered:
 * Barbican
 * Cinder
 * Glance
 * Heat
 * Horizon
 * Keystone
 * Magnum
 * Mistral
 * Neutron
 * Nova
 * Senlin

Change-Id: I82d55f6ca41859ebed3312ec7d95b353df09e772
Implements: blueprint api-ingress
External-Tracking-Id: OSH-58, OSH-62
This commit is contained in:
Pete Birley 2017-06-14 20:04:05 -05:00
parent 2af464b548
commit c0cf2337a2
97 changed files with 1668 additions and 258 deletions

View File

@ -21,7 +21,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.barbican.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.database.oslo.db.connection -}} {{- if empty .Values.conf.barbican.database.oslo.db.connection -}}
@ -32,6 +32,10 @@
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.default.oslo.messaging "transport_url" | quote | trunc 0 -}} {{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.barbican.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.barbican.default.barbican.common.config.host_href -}}
{{- tuple "key-manager" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.barbican.default.barbican.common.config "host_href" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "key-manager" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: b-api
- host: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "key-manager" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: b-api
{{- end }}

View File

@ -13,10 +13,10 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: barbican-api name: {{ tuple "key-manager" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- name: barbican-api - name: b-api
port: {{ .Values.conf.barbican.barbican_api.barbican.config.bind_port }} port: {{ .Values.conf.barbican.barbican_api.barbican.config.bind_port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: .Values.network.api.node_port.port nodePort: .Values.network.api.node_port.port

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "key-manager" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -39,8 +39,8 @@ pod_disruption_budget:
network: network:
api: api:
name: "barbican-api" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 39486 port: 39486
@ -135,19 +135,29 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: http path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
key-manager: key-manager:
name: barbican name: barbican
hosts: hosts:
default: barbican-api default: barbican-api
path: /v1 public: barbican
scheme: http path:
default: /v1
scheme:
default: http
port: port:
api: 9311 api:
default: 9311
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -161,7 +171,8 @@ endpoints:
path: /barbican path: /barbican
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -175,12 +186,14 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
resources: resources:
enabled: false enabled: false

View File

@ -13,7 +13,7 @@
# limitations under the License. # limitations under the License.
{{- if empty .Values.conf.ceph.config.global.mon_host -}} {{- if empty .Values.conf.ceph.config.global.mon_host -}}
{{- $monHost := tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }} {{- $monHost := tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
{{- $monHostDomain := default .Release.Namespace .Values.ceph.namespace }} {{- $monHostDomain := default .Release.Namespace .Values.ceph.namespace }}
{{- $monHostURI := cat $monHost "." $monHostDomain | nospace -}} {{- $monHostURI := cat $monHost "." $monHostDomain | nospace -}}
{{- $monHostURI | set .Values.conf.ceph.config.global "mon_host" | quote | trunc 0 -}} {{- $monHostURI | set .Values.conf.ceph.config.global "mon_host" | quote | trunc 0 -}}

View File

@ -24,7 +24,7 @@ metadata:
daemon: mon daemon: mon
name: ceph-mon name: ceph-mon
spec: spec:
serviceName: {{ tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }} serviceName: {{ tuple "ceph_mon" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
replicas: {{ .Values.replicas.mon }} replicas: {{ .Values.replicas.mon }}
template: template:
metadata: metadata:

View File

@ -20,7 +20,7 @@ metadata:
name: {{ .Values.storageclass.name }} name: {{ .Values.storageclass.name }}
provisioner: kubernetes.io/rbd provisioner: kubernetes.io/rbd
parameters: parameters:
monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }} monitors: {{ tuple "ceph_mon" "internal" "mon" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
adminId: {{ .Values.storageclass.admin_id }} adminId: {{ .Values.storageclass.admin_id }}
adminSecretName: {{ .Values.storageclass.admin_secret_name }} adminSecretName: {{ .Values.storageclass.admin_secret_name }}
adminSecretNamespace: {{ .Values.storageclass.admin_secret_namespace }} adminSecretNamespace: {{ .Values.storageclass.admin_secret_namespace }}

View File

@ -221,4 +221,5 @@ endpoints:
hosts: hosts:
default: ceph-mon default: ceph-mon
port: port:
mon: 6789 mon:
default: 6789

View File

@ -24,7 +24,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.cinder.database.oslo.db.connection -}} {{- if empty .Values.conf.cinder.database.oslo.db.connection -}}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: c-api
- host: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: c-api
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: cinder-api name: {{ tuple "volume" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }} - name: c-api
port: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "volume" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -77,7 +77,8 @@ keystone:
network: network:
api: api:
name: "cinder-api" ingress:
public: true
node_port: node_port:
enabled: false enabled: false
port: 30877 port: 30877
@ -233,44 +234,81 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
image: image:
name: glance name: glance
hosts: hosts:
default: glance-api default: glance-api
path: null public: glance
scheme: 'http' path:
default: null
scheme:
default: http
port: port:
api: 9292 api:
registry: 9191 default: 9292
public: 80
image_registry:
name: glance-registry
hosts:
default: glance-registry
public: glance-reg
path:
default: null
scheme:
default: 'http'
port:
api:
default: 9191
public: 80
volume: volume:
name: cinder name: cinder
hosts: hosts:
default: cinder-api default: cinder-api
path: '/v1/%(tenant_id)s' public: cinder
scheme: 'http' path:
default: '/v1/%(tenant_id)s'
scheme:
default: 'http'
port: port:
api: 8776 api:
default: 8776
public: 80
volumev2: volumev2:
name: cinder name: cinder
hosts: hosts:
default: cinder-api default: cinder-api
path: '/v2/%(tenant_id)s' public: cinder
scheme: 'http' path:
default: '/v2/%(tenant_id)s'
scheme:
default: 'http'
port: port:
api: 8776 api:
default: 8776
public: 80
volumev3: volumev3:
name: cinder name: cinder
hosts: hosts:
default: cinder-api default: cinder-api
path: '/v3/%(tenant_id)s' public: cinder
scheme: 'http' path:
default: '/v3/%(tenant_id)s'
scheme:
default: 'http'
port: port:
api: 8776 api:
default: 8776
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -284,7 +322,8 @@ endpoints:
path: /cinder path: /cinder
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -298,12 +337,14 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
resources: resources:
enabled: false enabled: false

View File

@ -138,6 +138,7 @@ The below snippet will install the given chart name from the local repository us
helm install --name=memcached local/memcached --namespace=openstack helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack helm install --name=rabbitmq local/rabbitmq --namespace=openstack
helm install --name=ingress local/ingress --namespace=openstack
helm install --name=keystone local/keystone --namespace=openstack helm install --name=keystone local/keystone --namespace=openstack

View File

@ -413,13 +413,14 @@ Installation of Other Services
Now you can easily install the other services simply by going in order: Now you can easily install the other services simply by going in order:
**Install Memcached/Etcd/RabbitMQ:** **Install Memcached/Etcd/RabbitMQ/Ingress:**
:: ::
helm install --name=memcached local/memcached --namespace=openstack helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack helm install --name=rabbitmq local/rabbitmq --namespace=openstack
helm install --name=ingress local/ingress --namespace=openstack
**Install Keystone:** **Install Keystone:**

View File

@ -16,7 +16,6 @@
set -ex set -ex
export HOME=/tmp export HOME=/tmp
{{ if .Values.bootstrap.enabled }} {{ if .Values.bootstrap.enabled }}
cd /tmp/images cd /tmp/images

View File

@ -30,10 +30,10 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.database.oslo.db.connection -}} {{- if empty .Values.conf.glance.database.oslo.db.connection -}}
@ -51,17 +51,21 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_host -}} {{- if empty .Values.conf.glance.default.glance.api.registry_host -}}
{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }} {{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}} {{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._0 | set .Values.conf.glance.default.glance.api "registry_host" | quote | trunc 0 -}} {{- $imageRegistryHostURI._0 | set .Values.conf.glance.default.glance.api "registry_host" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_port -}} {{- if empty .Values.conf.glance.default.glance.api.registry_port -}}
{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" }} {{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}} {{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._1 | set .Values.conf.glance.default.glance.api "registry_port" | quote | trunc 0 -}} {{- $imageRegistryHostURI._1 | set .Values.conf.glance.default.glance.api "registry_port" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.public_endpoint -}}
{{- tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.default.glance.api "public_endpoint" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:

View File

@ -0,0 +1,40 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
ingress.kubernetes.io/proxy-body-size: {{ .Values.network.api.ingress.proxy_body_size }}
spec:
rules:
- host: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: g-api
- host: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: g-api
{{- end }}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.registry.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "image_registry" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: g-reg
- host: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "image_registry" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: g-reg
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: glance-api name: {{ tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.glance.default.glance.api.bind_port }} - name: g-api
port: {{ .Values.conf.glance.default.glance.api.bind_port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: .Values.network.api.node_port.port nodePort: .Values.network.api.node_port.port
{{ end }} {{ end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "image" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.registry.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "image_registry" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: glance-registry name: {{ tuple "image_registry" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }} - name: g-reg
port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
{{ if .Values.network.registry.node_port.enabled }} {{ if .Values.network.registry.node_port.enabled }}
nodePort: {{ .Values.network.registry.node_port.port }} nodePort: {{ .Values.network.registry.node_port.port }}
{{ end }} {{ end }}

View File

@ -111,6 +111,9 @@ conf:
override: override:
append: append:
default: default:
oslo:
log:
debug: true
glance: glance:
api: api:
bind_port: 9292 bind_port: 9292
@ -159,12 +162,15 @@ conf:
network: network:
api: api:
name: "glance-api" ingress:
public: true
proxy_body_size: 1024M
node_port: node_port:
enabled: false enabled: false
port: 30092 port: 30092
registry: registry:
name: "glance-registry" ingress:
public: true
node_port: node_port:
enabled: false enabled: false
port: 30091 port: 30091
@ -300,27 +306,42 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
image: image:
name: glance name: glance
hosts: hosts:
default: glance-api default: glance-api
path: null public: glance
scheme: 'http' path:
default: null
scheme:
default: http
port: port:
api: 9292 api:
default: 9292
public: 80
image_registry: image_registry:
name: glance-registry name: glance-registry
hosts: hosts:
default: glance-registry default: glance-registry
path: null public: glance-reg
scheme: 'http' path:
default: null
scheme:
default: 'http'
port: port:
api: 9191 api:
default: 9191
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -334,12 +355,14 @@ endpoints:
path: /glance path: /glance
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -353,7 +376,8 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
mounts: mounts:
glance_api: glance_api:

View File

@ -24,7 +24,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.heat.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.database.oslo.db.connection -}} {{- if empty .Values.conf.heat.database.oslo.db.connection -}}
@ -36,7 +36,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}} {{- if empty .Values.conf.heat.default.heat.common.config.heat_metadata_server_url -}}
{{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}} {{- tuple "cloudformation" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.cloudformation.path.default | set .Values.conf.heat.default.heat.common.config "heat_metadata_server_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}} {{- if empty .Values.conf.heat.default.heat.common.config.heat_waitcondition_server_url -}}
@ -48,11 +48,11 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}} {{- if empty .Values.conf.heat.clients_keystone.heat.common.config.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}} {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.clients_keystone.heat.common.config "auth_uri" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.heat.trustee.heat.common.context.auth_url -}} {{- if empty .Values.conf.heat.trustee.heat.common.context.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}} {{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.identity.path.default | set .Values.conf.heat.trustee.heat.common.context "auth_url" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
apiVersion: v1 apiVersion: v1

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "orchestration" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: h-api
- host: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "orchestration" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: h-api
{{- end }}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.cfn.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "cloudformation" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: h-cfn
- host: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "cloudformation" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: h-cfn
{{- end }}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.cloudwatch.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "cloudwatch" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: h-cwh
- host: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "cloudwatch" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: h-cwh
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: heat-api name: {{ tuple "orchestration" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }} - name: h-api
port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: heat-cfn name: {{ tuple "cloudformation" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }} - name: h-cfn
port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }}
{{ if .Values.network.cfn.node_port.enabled }} {{ if .Values.network.cfn.node_port.enabled }}
nodePort: {{ .Values.network.cfn.node_port.port }} nodePort: {{ .Values.network.cfn.node_port.port }}
{{ end }} {{ end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: heat-cloudwatch name: {{ tuple "cloudwatch" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }} - name: h-cwh
port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }}
{{ if .Values.network.cloudwatch.node_port.enabled }} {{ if .Values.network.cloudwatch.node_port.enabled }}
nodePort: {{ .Values.network.cloudwatch.node_port.port }} nodePort: {{ .Values.network.cloudwatch.node_port.port }}
{{ end }} {{ end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "orchestration" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.cfn.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "cloudformation" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.cloudwatch.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "cloudwatch" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -165,20 +165,20 @@ conf:
network: network:
api: api:
name: "heat-api" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 30004 port: 30004
cfn: cfn:
name: "heat-cfn" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 30800 port: 30800
cloudwatch: cloudwatch:
name: "heat-cloudwatch" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 30003 port: 30003
@ -257,37 +257,57 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: 'http'
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
orchestration: orchestration:
name: heat name: heat
hosts: hosts:
default: heat-api default: heat-api
path: '/v1/%(project_id)s' public: heat
scheme: 'http' path:
default: '/v1/%(project_id)s'
scheme:
default: 'http'
port: port:
api: 8004 api:
default: 8004
public: 80
cloudformation: cloudformation:
name: heat-cfn name: heat-cfn
hosts: hosts:
default: heat-cfn default: heat-cfn
path: /v1 public: cloudformation
scheme: 'http' path:
default: /v1
scheme:
default: 'http'
port: port:
api: 8000 api:
default: 8000
public: 80
# Cloudwatch does not get an entry in the keystone service catalog # Cloudwatch does not get an entry in the keystone service catalog
cloudwatch: cloudwatch:
name: heat-cloudwatch name: heat-cloudwatch
hosts: hosts:
default: heat-cloudwatch default: heat-cloudwatch
path: null public: cloudwatch
path:
default: null
type: null type: null
scheme: 'http' scheme:
default: 'http'
port: port:
api: 8003 api:
default: 8003
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -301,12 +321,14 @@ endpoints:
path: /heat path: /heat
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -320,7 +342,8 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
resources: resources:
enabled: false enabled: false

View File

@ -28,7 +28,7 @@
{{- $context := index . 4 -}} {{- $context := index . 4 -}}
{{- $endpointMap := index $context.Values.endpoints $type }} {{- $endpointMap := index $context.Values.endpoints $type }}
{{- $userMap := index $endpointMap.auth $userclass }} {{- $userMap := index $endpointMap.auth $userclass }}
{{- $fqdn := $context.Release.Namespace -}} {{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}} {{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}} {{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}} {{- end -}}
@ -37,7 +37,8 @@
{{- $endpointUser := index $userMap "username" }} {{- $endpointUser := index $userMap "username" }}
{{- $endpointPass := index $userMap "password" }} {{- $endpointPass := index $userMap "password" }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default}} {{- $endpointHost := index .hosts $endpoint | default .hosts.default}}
{{- $endpointPort := index .port $port | default .port.default }} {{- $endpointPortMAP := index .port $port }}
{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
{{- $endpointPath := .path | default "" }} {{- $endpointPath := .path | default "" }}
{{- printf "%s://%s:%s@%s.%s:%1.f%s" $endpointScheme $endpointUser $endpointPass $endpointHost $fqdn $endpointPort $endpointPath -}} {{- printf "%s://%s:%s@%s.%s:%1.f%s" $endpointScheme $endpointUser $endpointPass $endpointHost $fqdn $endpointPort $endpointPath -}}
{{- end -}} {{- end -}}

View File

@ -0,0 +1,34 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the hostname
# portion is used or relevant in the template:
# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }
# returns: internal_host:port
#
# Output that requires the port aspect striped could simply split the output based on ':'
{{- define "helm-toolkit.endpoints.endpoint_port_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $port := index . 2 -}}
{{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
{{- with $endpointMap -}}
{{- $endpointPortMAP := index .port $port }}
{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
{{- printf "%1.f" $endpointPort -}}
{{- end -}}
{{- end -}}

View File

@ -15,25 +15,26 @@
# This function returns hostnames from endpoint definitions for use cases # This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the hostname # where the uri style return is not appropriate, and only the hostname
# portion is used or relevant in the template: # portion is used or relevant in the template:
# { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" } # { tuple "memcache" "internal" "portName" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }
# returns: internal_host:port # returns: internal_host:port
# #
# Output that requires the port aspect striped could simply split the output based on ':' # Output that requires the port aspect striped could simply split the output based on ':'
{{- define "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" -}} {{- define "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" -}}
{{- $type := index . 0 -}} {{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}} {{- $endpoint := index . 1 -}}
{{- $port := index . 2 -}} {{- $port := index . 2 -}}
{{- $context := index . 3 -}} {{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }} {{- $endpointMap := index $context.Values.endpoints $type }}
{{- $fqdn := $context.Release.Namespace -}} {{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}} {{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}} {{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}} {{- end -}}
{{- with $endpointMap -}} {{- with $endpointMap -}}
{{- $endpointScheme := .scheme }} {{- $endpointScheme := .scheme }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default }} {{- $endpointHost := index .hosts $endpoint | default .hosts.default }}
{{- $endpointPort := index .port $port | default .port.default }} {{- $endpointPortMAP := index .port $port }}
{{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
{{- printf "%s.%s:%1.f" $endpointHost $fqdn $endpointPort -}} {{- printf "%s.%s:%1.f" $endpointHost $fqdn $endpointPort -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

View File

@ -0,0 +1,35 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the hostname
# portion is used or relevant in the template:
# { tuple "memcache" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }
# returns: internal_host_fqdn
{{- define "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $context := index . 2 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
{{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}}
{{- with $endpointMap -}}
{{- $endpointScheme := .scheme }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default }}
{{- printf "%s.%s" $endpointHost $fqdn -}}
{{- end -}}
{{- end -}}

View File

@ -15,11 +15,10 @@
# This function returns hostnames from endpoint definitions for use cases # This function returns hostnames from endpoint definitions for use cases
# where the uri style return is not appropriate, and only the short hostname or # where the uri style return is not appropriate, and only the short hostname or
# kubernetes servicename is used or relevant in the template: # kubernetes servicename is used or relevant in the template:
# { tuple "memcache" "internal" . | include "helm-toolkit.endpoints.hostname_endpoint_lookup" } # { tuple "memcache" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }
# returns: the short internal hostname, which will also match the service name # returns: the short internal hostname, which will also match the service name
{{- define "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}
{{- define "helm-toolkit.endpoints.hostname_endpoint_lookup" -}}
{{- $type := index . 0 -}} {{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}} {{- $endpoint := index . 1 -}}
{{- $context := index . 2 -}} {{- $context := index . 2 -}}

View File

@ -14,7 +14,7 @@
# This function is used in endpoint management templates # This function is used in endpoint management templates
# it returns the service type for an openstack service eg: # it returns the service type for an openstack service eg:
# { tuple orchestration . | include "ks_endpoint_type" } # { tuple orchestration . | include "keystone_endpoint_name_lookup" }
# will return "heat" # will return "heat"
{{- define "helm-toolkit.endpoints.keystone_endpoint_name_lookup" -}} {{- define "helm-toolkit.endpoints.keystone_endpoint_name_lookup" -}}

View File

@ -0,0 +1,30 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This function returns the path for a service, it takes an tuple
# input in the form: service-type, endpoint-class, port-name. eg:
# { tuple "orchestration" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }
# will return the appropriate path.
{{- define "helm-toolkit.endpoints.keystone_endpoint_path_lookup" -}}
{{- $type := index . 0 -}}
{{- $endpoint := index . 1 -}}
{{- $port := index . 2 -}}
{{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }}
{{- with $endpointMap -}}
{{- $endpointPath := index .path $endpoint | default .path.default | default "/" }}
{{- printf "%s" $endpointPath -}}
{{- end -}}
{{- end -}}

View File

@ -23,15 +23,16 @@
{{- $port := index . 2 -}} {{- $port := index . 2 -}}
{{- $context := index . 3 -}} {{- $context := index . 3 -}}
{{- $endpointMap := index $context.Values.endpoints $type }} {{- $endpointMap := index $context.Values.endpoints $type }}
{{- $fqdn := $context.Release.Namespace -}} {{- $fqdn := default "svc.cluster.local" $context.Release.Namespace -}}
{{- if $context.Values.endpoints.fqdn -}} {{- if $context.Values.endpoints.fqdn -}}
{{- $fqdn := $context.Values.endpoints.fqdn -}} {{- $fqdn := $context.Values.endpoints.fqdn -}}
{{- end -}} {{- end -}}
{{- with $endpointMap -}} {{- with $endpointMap -}}
{{- $endpointScheme := .scheme }} {{- $endpointScheme := index .scheme $endpoint | default .scheme.default }}
{{- $endpointHost := index .hosts $endpoint | default .hosts.default }} {{- $endpointHost := index .hosts $endpoint | default .hosts.default }}
{{- $endpointPort := index .port $port }} {{- $endpointPortMAP := index .port $port }}
{{- $endpointPath := .path | default "" }} {{- $endpointPort := index $endpointPortMAP $endpoint | default (index $endpointPortMAP "default") }}
{{- $endpointPath := index .path $endpoint | default .path.default | default "/" }}
{{- printf "%s://%s.%s:%1.f%s" $endpointScheme $endpointHost $fqdn $endpointPort $endpointPath -}} {{- printf "%s://%s.%s:%1.f%s" $endpointScheme $endpointHost $fqdn $endpointPort $endpointPath -}}
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}

View File

@ -15,5 +15,5 @@
{{- define "helm-toolkit.utils.comma_joined_hostname_list" -}} {{- define "helm-toolkit.utils.comma_joined_hostname_list" -}}
{{- $deps := index . 0 -}} {{- $deps := index . 0 -}}
{{- $envAll := index . 1 -}} {{- $envAll := index . 1 -}}
{{- range $k, $v := $deps -}}{{- if $k -}},{{- end -}}{{ tuple $v.service $v.endpoint $envAll | include "helm-toolkit.endpoints.hostname_endpoint_lookup" }}{{- end -}} {{- range $k, $v := $deps -}}{{- if $k -}},{{- end -}}{{ tuple $v.service $v.endpoint $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}{{- end -}}
{{- end -}} {{- end -}}

View File

@ -144,7 +144,7 @@ SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = { CACHES = {
'default': { 'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache', 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '{{ .Values.memcached.host }}:{{ .Values.memcached.port }}' 'LOCATION': '{{ tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}'
} }
} }
@ -165,7 +165,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# ('http://cluster2.example.com:5000/v2.0', 'cluster2'), # ('http://cluster2.example.com:5000/v2.0', 'cluster2'),
#] #]
OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}" OPENSTACK_KEYSTONE_URL = "{{ tuple "identity" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
# Enables keystone web single-sign-on if set to True. # Enables keystone web single-sign-on if set to True.
@ -309,7 +309,7 @@ IMAGE_RESERVED_CUSTOM_PROPERTIES = []
# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints # OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints
# in the Keystone service catalog. Use this setting when Horizon is running # in the Keystone service catalog. Use this setting when Horizon is running
# external to the OpenStack environment. The default is 'publicURL'. # external to the OpenStack environment. The default is 'publicURL'.
OPENSTACK_ENDPOINT_TYPE = "internalURL" OPENSTACK_ENDPOINT_TYPE = "publicURL"
# SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the # SECONDARY_ENDPOINT_TYPE specifies the fallback endpoint type to use in the
# case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints # case that OPENSTACK_ENDPOINT_TYPE is not present in the endpoints

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "dashboard" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: http
- host: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "dashboard" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: http
{{- end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "dashboard" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -15,16 +15,18 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: horizon name: {{ tuple "dashboard" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
{{ if .Values.network.enable_node_port }} {{ if .Values.network.enable_node_port }}
- nodePort: {{ .Values.network.node_port }} - name: http
nodePort: {{ .Values.network.node_port }}
port: {{ .Values.network.port }} port: {{ .Values.network.port }}
protocol: TCP protocol: TCP
targetPort: {{ .Values.network.port }} targetPort: {{ .Values.network.port }}
{{ else }} {{ else }}
- port: {{ .Values.network.port }} - name: http
port: {{ .Values.network.port }}
protocol: TCP protocol: TCP
targetPort: {{ .Values.network.port }} targetPort: {{ .Values.network.port }}
{{ end }} {{ end }}

View File

@ -44,14 +44,12 @@ labels:
node_selector_value: enabled node_selector_value: enabled
network: network:
ingress:
public: true
port: 80 port: 80
node_port: 31000 node_port: 31000
enable_node_port: false enable_node_port: false
memcached:
host: memcached
port: 11211
local_settings: local_settings:
horizon_secret_key: 9aee62c0-5253-4a86-b189-e0fb71fa503c horizon_secret_key: 9aee62c0-5253-4a86-b189-e0fb71fa503c
debug: "True" debug: "True"
@ -82,16 +80,34 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
dashboard:
name: horizon
hosts:
default: horizon-int
public: horizon
path:
default: null
scheme:
default: http
port:
web:
default: 80
mounts: mounts:
horizon: horizon:

View File

@ -83,7 +83,6 @@ spec:
args: args:
- /nginx-ingress-controller - /nginx-ingress-controller
- '--default-backend-service=$(POD_NAMESPACE)/ingress-error-pages' - '--default-backend-service=$(POD_NAMESPACE)/ingress-error-pages'
- '--v=3'
{{- if .Values.network.host_namespace }} {{- if .Values.network.host_namespace }}
volumeMounts: volumeMounts:
- name: ingress-etc - name: ingress-etc

View File

@ -0,0 +1,32 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Service
metadata:
labels:
app: ingress-api
name: {{ .Values.endpoints.ingress.host }}
spec:
ports:
- name: http
port: {{ .Values.endpoints.ingress.port.http }}
protocol: TCP
targetPort: 80
- name: https
port: {{ .Values.endpoints.ingress.port.https }}
protocol: TCP
targetPort: 443
selector:
app: ingress-api

View File

@ -23,7 +23,8 @@ replicas:
images: images:
entrypoint: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0 entrypoint: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
ingress: gcr.io/google_containers/nginx-ingress-controller:0.8.3 # https://github.com/kubernetes/ingress/blob/master/controllers/nginx/Changelog.md
ingress: gcr.io/google_containers/nginx-ingress-controller:0.9.0-beta.8
error_pages: gcr.io/google_containers/defaultbackend:1.0 error_pages: gcr.io/google_containers/defaultbackend:1.0
pull_policy: "IfNotPresent" pull_policy: "IfNotPresent"
@ -48,6 +49,13 @@ network:
- 10.96.0.10 - 10.96.0.10
- 8.8.8.8 - 8.8.8.8
endpoints:
ingress:
host: openstack
port:
http: 80
https: 443
deployment_type: Deployment deployment_type: Deployment
resources: resources:

View File

@ -23,7 +23,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.keystone.cache.oslo.cache.memcache_servers -}} {{- if empty .Values.conf.keystone.cache.oslo.cache.memcache_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.keystone.cache.oslo.cache "memcache_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.keystone.cache.oslo.cache "memcache_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
apiVersion: v1 apiVersion: v1

View File

@ -18,6 +18,10 @@ Listen 0.0.0.0:{{ .Values.network.admin.port }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
<VirtualHost *:{{ .Values.network.api.port }}> <VirtualHost *:{{ .Values.network.api.port }}>
WSGIDaemonProcess keystone-public processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP} WSGIDaemonProcess keystone-public processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public WSGIProcessGroup keystone-public
@ -49,3 +53,23 @@ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-A
CustomLog /dev/stdout combined env=!forwarded CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded CustomLog /dev/stdout proxy env=forwarded
</VirtualHost> </VirtualHost>
Alias /identity /var/www/cgi-bin/keystone/keystone-wsgi-public
<Location /identity>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup keystone-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
Alias /identity_admin /var/www/cgi-bin/keystone/keystone-wsgi-admin
<Location /identity_admin>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup keystone-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "identity" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: ks-pub
- host: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "identity" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: ks-pub
{{- end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -15,15 +15,15 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: keystone-api name: {{ tuple "identity" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- name: keystone-api-public - name: ks-pub
port: {{ .Values.network.api.port }} port: {{ .Values.network.api.port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}
- name: keystone-api-admin - name: ks-adm
port: {{ .Values.network.admin.port }} port: {{ .Values.network.admin.port }}
{{ if .Values.network.admin.node_port.enabled }} {{ if .Values.network.admin.node_port.enabled }}
nodePort: {{ .Values.network.admin.node_port.port }} nodePort: {{ .Values.network.admin.node_port.port }}

View File

@ -69,13 +69,13 @@ bootstrap:
network: network:
api: api:
name: "keystone-api" port: 80
port: 5000 ingress:
public: true
node_port: node_port:
enabled: false enabled: false
port: 30500 port: 30500
admin: admin:
name: "keystone-admin"
port: 35357 port: 35357
node_port: node_port:
enabled: false enabled: false
@ -202,11 +202,16 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -220,7 +225,8 @@ endpoints:
path: /keystone path: /keystone
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -234,9 +240,11 @@ endpoints:
path: /openstack path: /openstack
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211

View File

@ -24,7 +24,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.magnum.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.magnum.database.oslo.db.connection -}} {{- if empty .Values.conf.magnum.database.oslo.db.connection -}}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "container-infra" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: m-api
- host: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "container-infra" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: m-api
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: magnum-api name: {{ tuple "container-infra" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.magnum.api.magnum.port }} - name: m-api
port: {{ .Values.conf.magnum.api.magnum.port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "container-infra" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -94,8 +94,8 @@ conf:
network: network:
api: api:
name: "magnum-api" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 30511 port: 30511
@ -154,19 +154,29 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
container-infra: container-infra:
name: magnum name: magnum
hosts: hosts:
default: magnum-api default: magnum-api
path: /v1 public: magnum
scheme: 'http' path:
default: /v1
scheme:
default: http
port: port:
api: 9511 api:
default: 9511
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -180,12 +190,14 @@ endpoints:
path: /magnum path: /magnum
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -199,7 +211,8 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
resources: resources:
enabled: false enabled: false

View File

@ -1,3 +1,5 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors. # Copyright 2017 The Openstack-Helm Authors.
# #
# Licensed under the Apache License, Version 2.0 (the "License"); # Licensed under the Apache License, Version 2.0 (the "License");
@ -11,7 +13,6 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
#!/bin/bash
set -ex set -ex

View File

@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
set -x set -ex
exec mistral-server \ exec mistral-server \
--server engine \ --server engine \
--config-file /etc/mistral/mistral.conf --config-file /etc/mistral/mistral.conf

View File

@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
set -x set -ex
exec mistral-server \ exec mistral-server \
--server event-engine \ --server event-engine \
--config-file /etc/mistral/mistral.conf --config-file /etc/mistral/mistral.conf

View File

@ -14,7 +14,7 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
set -x set -ex
exec mistral-server \ exec mistral-server \
--server executor \ --server executor \
--config-file /etc/mistral/mistral.conf --config-file /etc/mistral/mistral.conf

View File

@ -23,7 +23,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.mistral.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.mistral.database.oslo.db.connection -}} {{- if empty .Values.conf.mistral.database.oslo.db.connection -}}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "workflow" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: w-api
- host: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "workflow" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: w-api
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: mistral-api name: {{ tuple "workflow" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.mistral.api.mistral.config.port }} - name: w-api
port: {{ .Values.conf.mistral.api.mistral.config.port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "workflow" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -78,8 +78,8 @@ keystone:
network: network:
api: api:
name: "mistral-api" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 28989 port: 28989
@ -158,19 +158,29 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
workflow: workflow:
name: mistral name: mistral
hosts: hosts:
default: mistral-api default: mistral-api
path: /v2 public: mistral
scheme: 'http' path:
default: /v2
scheme:
default: 'http'
port: port:
api: 8989 api:
default: 8989
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -184,7 +194,8 @@ endpoints:
path: /mistral path: /mistral
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -198,12 +209,14 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
mounts: mounts:
mistral_api: mistral_api:

View File

@ -34,7 +34,7 @@
{{- end }} {{- end }}
{{- if empty .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.neutron.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end }} {{- end }}
{{- if empty .Values.conf.neutron.database.oslo.db.connection -}} {{- if empty .Values.conf.neutron.database.oslo.db.connection -}}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.server.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "network" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: q-api
- host: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "network" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: q-api
{{- end }}

View File

@ -0,0 +1,25 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.server.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "network" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: neutron-server name: {{ tuple "network" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.network.server.port }} - name: q-api
port: {{ .Values.network.server.port }}
{{ if .Values.network.server.node_port.enabled }} {{ if .Values.network.server.node_port.enabled }}
nodePort: {{ .Values.network.server.node_port.port }} nodePort: {{ .Values.network.server.node_port.port }}
{{ end }} {{ end }}

View File

@ -98,13 +98,13 @@ network:
# br0: if0 # br0: if0
# br1: iface_two # br1: iface_two
server: server:
name: "neutron-server"
port: 9696 port: 9696
ingress:
public: true
node_port: node_port:
enabled: false enabled: false
port: 30096 port: 30096
metadata: metadata:
name: "neutron-metadata"
port: 8775 port: 8775
keystone: keystone:
@ -438,6 +438,14 @@ conf:
metadata_agent: metadata_agent:
override: override:
append: append:
default:
neutron:
metadata:
agent:
nova_metadata_ip: 10.97.120.234
nova_metadata_port: 80
nova_metadata_protocol: http
metadata_proxy_shared_secret: "password"
sriov_agent: sriov_agent:
override: override:
append: append:
@ -466,7 +474,8 @@ endpoints:
path: /neutron path: /neutron
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -480,39 +489,58 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
compute: compute:
name: nova name: nova
hosts: hosts:
default: nova-api default: nova-api
path: "/v2/%(tenant_id)s" public: nova
scheme: 'http' path:
default: "/v2/%(tenant_id)s"
scheme:
default: 'http'
port: port:
api: 8774 api:
metadata: 8775 default: 8774
novncproxy: 6080 public: 80
metadata:
default: 8775
novncproxy:
default: 6080
identity: identity:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
network: network:
name: neutron name: neutron
hosts: hosts:
default: neutron-server default: neutron-server
path: null public: neutron
scheme: 'http' path:
default: null
scheme:
default: 'http'
port: port:
api: 9696 api:
default: 9696
public: 80
mounts: mounts:
neutron_server: neutron_server:

View File

@ -19,7 +19,7 @@ COMMAND="${@:-start}"
function start () { function start () {
exec nova-api-os-compute \ exec nova-api-os-compute \
--config-file /etc/nova/nova.conf --config-file /etc/nova/nova.conf --debug
} }
function stop () { function stop () {

View File

@ -24,7 +24,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.database.oslo.db.connection -}} {{- if empty .Values.conf.nova.database.oslo.db.connection -}}
@ -52,7 +52,15 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.nova.cache.nova.conf.memcache_servers -}} {{- if empty .Values.conf.nova.cache.nova.conf.memcache_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.nova.cache.nova.conf "memcache_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.cache.nova.conf "memcache_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.nova.default.nova.conf.metadata_host -}}
{{- set .Values.conf.nova.default.nova.conf "metadata_host" .Values.network.metadata.ip | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.nova.default.nova.conf.metadata_port -}}
{{- tuple "compute_metadata" "public" "metadata" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.nova.default.nova.conf "metadata_port" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
apiVersion: v1 apiVersion: v1

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.metadata.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "compute_metadata" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: n-meta
- host: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "compute_metadata" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: n-meta
{{- end }}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.osapi.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: n-api
- host: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: n-api
{{- end }}

View File

@ -0,0 +1,27 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.metadata.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "compute_metadata" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
clusterIP: {{ .Values.network.metadata.ip }}
selector:
app: ingress-api
{{- end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.osapi.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "compute" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -15,10 +15,10 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: nova-metadata name: {{ tuple "compute_metadata" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- name: nova-metadata - name: n-meta
port: {{ .Values.network.metadata.port }} port: {{ .Values.network.metadata.port }}
{{ if .Values.network.metadata.node_port.enabled }} {{ if .Values.network.metadata.node_port.enabled }}
nodePort: {{ .Values.network.metadata.node_port.port }} nodePort: {{ .Values.network.metadata.node_port.port }}

View File

@ -15,13 +15,10 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
# alanmeadows(TODO): refactor to nova-osapi name: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
# which requires updating other charts
# dependencies
name: nova-api
spec: spec:
ports: ports:
- name: nova-api-osapi - name: n-api
port: {{ .Values.network.osapi.port }} port: {{ .Values.network.osapi.port }}
{{ if .Values.network.osapi.node_port.enabled }} {{ if .Values.network.osapi.node_port.enabled }}
nodePort: {{ .Values.network.osapi.node_port.port }} nodePort: {{ .Values.network.osapi.node_port.port }}

View File

@ -106,20 +106,20 @@ network:
kubernetes_domain: "cluster.local" kubernetes_domain: "cluster.local"
other_domains: "" other_domains: ""
osapi: osapi:
name: "nova-osapi"
port: 8774 port: 8774
ingress:
public: true
node_port: node_port:
enabled: false enabled: false
port: 30774 port: 30774
metadata: metadata:
name: "nova-metadata" ip: 10.97.120.234
port: 8775 port: 8775
ingress:
public: true
node_port: node_port:
enabled: false enabled: false
port: 30775 port: 30775
novncproxy:
name: "nova-novncproxy"
port: 6080
keystone: keystone:
admin_user: "admin" admin_user: "admin"
@ -326,6 +326,10 @@ conf:
oslo: oslo:
concurrency: concurrency:
lock_path: /var/lib/nova/tmp lock_path: /var/lib/nova/tmp
oslo_middleware:
oslo:
middleware:
enable_proxy_headers_parsing: true
glance: glance:
nova: nova:
conf: conf:
@ -410,7 +414,8 @@ endpoints:
path: /nova path: /nova
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_db_api: oslo_db_api:
auth: auth:
admin: admin:
@ -424,7 +429,8 @@ endpoints:
path: /nova_api path: /nova_api
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -438,48 +444,82 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
compute: default: 11211
name: nova
hosts:
default: nova-api
path: "/v2/%(tenant_id)s"
scheme: 'http'
port:
api: 8774
metadata: 8775
novncproxy: 6080
identity: identity:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
api: 5000 admin:
admin: 35357 default: 35357
api:
default: 80
image: image:
name: glance name: glance
hosts: hosts:
default: glance-api default: glance-api
path: null public: glance
scheme: 'http' path:
default: null
scheme:
default: http
port: port:
api: 9292 api:
registry: 9191 default: 9292
public: 80
compute:
name: nova
hosts:
default: nova-api
public: nova
path:
default: "/v2/%(tenant_id)s"
scheme:
default: 'http'
port:
api:
default: 8774
public: 80
novncproxy:
default: 6080
compute_metadata:
name: nova
hosts:
default: nova-metadata
public: metadata
path:
default: /
scheme:
default: 'http'
port:
metadata:
default: 8775
public: 80
network: network:
name: neutron name: neutron
hosts: hosts:
default: neutron-server default: neutron-server
path: null public: neutron
scheme: 'http' path:
default: null
scheme:
default: 'http'
port: port:
api: 9696 api:
default: 9696
public: 80
resources: resources:

View File

@ -24,7 +24,7 @@
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}} {{- if empty .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.hostname_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}} {{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.senlin.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}} {{- end -}}
{{- if empty .Values.conf.senlin.database.oslo.db.connection -}} {{- if empty .Values.conf.senlin.database.oslo.db.connection -}}

View File

@ -0,0 +1,39 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:
- host: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: s-api
- host: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
http:
paths:
- path: /
backend:
serviceName: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
servicePort: s-api
{{- end }}

View File

@ -15,10 +15,11 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: senlin-api name: {{ tuple "clustering" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec: spec:
ports: ports:
- port: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }} - name: s-api
port: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }}
{{ if .Values.network.api.node_port.enabled }} {{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }} nodePort: {{ .Values.network.api.node_port.port }}
{{ end }} {{ end }}

View File

@ -0,0 +1,26 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.network.api.ingress.public }}
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "clustering" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: http
port: 80
selector:
app: ingress-api
{{- end }}

View File

@ -95,8 +95,8 @@ conf:
network: network:
api: api:
name: "senlin-api" ingress:
proto: "http" public: true
node_port: node_port:
enabled: false enabled: false
port: 30778 port: 30778
@ -155,19 +155,29 @@ endpoints:
name: keystone name: keystone
hosts: hosts:
default: keystone-api default: keystone-api
path: /v3 public: keystone
scheme: 'http' path:
default: /v3
scheme:
default: http
port: port:
admin: 35357 admin:
api: 5000 default: 35357
api:
default: 80
clustering: clustering:
name: senlin name: senlin
hosts: hosts:
default: senlin-api default: senlin-api
path: null public: senlin
scheme: 'http' path:
default: null
scheme:
default: http
port: port:
api: 8778 api:
default: 8778
public: 80
oslo_db: oslo_db:
auth: auth:
admin: admin:
@ -181,12 +191,14 @@ endpoints:
path: /senlin path: /senlin
scheme: mysql+pymysql scheme: mysql+pymysql
port: port:
mysql: 3306 mysql:
default: 3306
oslo_cache: oslo_cache:
hosts: hosts:
default: memcached default: memcached
port: port:
memcache: 11211 memcache:
default: 11211
oslo_messaging: oslo_messaging:
auth: auth:
admin: admin:
@ -200,7 +212,8 @@ endpoints:
path: / path: /
scheme: rabbit scheme: rabbit
port: port:
amqp: 5672 amqp:
default: 5672
resources: resources:
enabled: false enabled: false

View File

@ -64,6 +64,7 @@ EOF"
kubectl exec -n ceph ceph-mon-0 -- ceph osd pool create vms 8 kubectl exec -n ceph ceph-mon-0 -- ceph osd pool create vms 8
fi fi
helm install --namespace=openstack local/ingress --name=ingress
helm install --namespace=openstack local/mariadb --name=mariadb helm install --namespace=openstack local/mariadb --name=mariadb
helm install --namespace=openstack local/memcached --name=memcached helm install --namespace=openstack local/memcached --name=memcached
helm install --namespace=openstack local/etcd --name=etcd-rabbitmq helm install --namespace=openstack local/etcd --name=etcd-rabbitmq
@ -101,3 +102,11 @@ helm_test_deployment keystone 600
helm_test_deployment glance 600 helm_test_deployment glance 600
helm_test_deployment neutron 600 helm_test_deployment neutron 600
helm_test_deployment nova 600 helm_test_deployment nova 600
if [ "x$LAUNCH_ALL_OSH_SERVICES" == "xtrue" ]; then
helm install --namespace=openstack local/barbican --name=barbican
helm install --namespace=openstack local/magnum --name=magnum
helm install --namespace=openstack local/mistral --name=mistral
helm install --namespace=openstack local/senlin --name=senlin
kube_wait_for_pods openstack 600
fi

View File

@ -18,7 +18,7 @@ set -xe
: ${KS_PASSWORD:="password"} : ${KS_PASSWORD:="password"}
: ${KS_USER_DOMAIN:="default"} : ${KS_USER_DOMAIN:="default"}
: ${KS_PROJECT_DOMAIN:="default"} : ${KS_PROJECT_DOMAIN:="default"}
: ${KS_URL:="http://keystone-api.openstack:5000/v3"} : ${KS_URL:="http://keystone.openstack/v3"}
: ${OSH_BR_EX_ADDR:="172.24.4.1/24"} : ${OSH_BR_EX_ADDR:="172.24.4.1/24"}
: ${OSH_EXT_SUBNET:="172.24.4.0/24"} : ${OSH_EXT_SUBNET:="172.24.4.0/24"}

View File

@ -30,6 +30,7 @@ export PVC_BACKEND=ceph
# Setup the logging location: by default use the working dir as the root. # Setup the logging location: by default use the working dir as the root.
export LOGS_DIR=${LOGS_DIR:-"${WORK_DIR}/logs"} export LOGS_DIR=${LOGS_DIR:-"${WORK_DIR}/logs"}
rm -rf ${LOGS_DIR} || true
mkdir -p ${LOGS_DIR} mkdir -p ${LOGS_DIR}
function dump_logs () { function dump_logs () {