Remove nova-placement from nova chart

nova-placement has been removed as of train, since we
do not support openstack releases before train, it
is no longer needed. This change removes nova-placement
from the nova chart and all the overrides, as well as
changes the compute-kit scripts to always deploy
the placement chart.

Change-Id: Ic8649371fe9e954806cbe4bf11c589fb58c7a88d
This commit is contained in:
Gage Hugo 2022-03-30 14:17:36 -05:00
parent 1e49055cea
commit d1b72aa35e
32 changed files with 2 additions and 686 deletions

View File

@ -300,8 +300,6 @@ Continue with OSH multinode guide to install other Openstack charts.
nova-conductor-64457cf995-lbv65 1/1 Running 0 16m
nova-conductor-64457cf995-zts48 1/1 Running 0 16m
nova-novncproxy-54467b9c66-vp49j 1/1 Running 0 16m
nova-placement-api-655cd9fcf6-5p5sc 1/1 Running 0 16m
nova-placement-api-655cd9fcf6-r46dk 1/1 Running 0 16m
nova-scheduler-59647c6d9f-vm78p 1/1 Running 0 16m
openvswitch-db-cv47r 1/1 Running 0 41m
openvswitch-db-dq7rc 1/1 Running 0 41m
@ -519,8 +517,6 @@ pods are running. No interruption to OSH pods.
nova-conductor-64457cf995-lbv65 1/1 Running 0 52m
nova-conductor-64457cf995-zts48 1/1 Running 0 52m
nova-novncproxy-54467b9c66-vp49j 1/1 Running 0 52m
nova-placement-api-655cd9fcf6-5p5sc 1/1 Running 0 52m
nova-placement-api-655cd9fcf6-r46dk 1/1 Running 0 52m
nova-scheduler-59647c6d9f-vm78p 1/1 Running 0 52m
openvswitch-db-cv47r 1/1 Running 0 1h
openvswitch-db-dq7rc 1/1 Running 0 1h

View File

@ -14,7 +14,7 @@ apiVersion: v1
appVersion: v1.0.0
description: OpenStack-Helm Nova
name: nova
version: 0.2.36
version: 0.2.37
home: https://docs.openstack.org/nova/latest/
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png
sources:

View File

@ -1,55 +0,0 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
COMMAND="${@:-start}"
function start () {
cp -a $(type -p nova-placement-api) /var/www/cgi-bin/nova/
if [ -f /etc/apache2/envvars ]; then
# Loading Apache2 ENV variables
source /etc/apache2/envvars
# The directory below has to be created due to the fact that
# libapache2-mod-wsgi-py3 doesn't create it in contrary by libapache2-mod-wsgi
if [ ! -d ${APACHE_RUN_DIR} ]; then
mkdir -p ${APACHE_RUN_DIR}
fi
fi
# Start Apache2
{{- if .Values.conf.software.apache2.a2enmod }}
{{- range .Values.conf.software.apache2.a2enmod }}
a2enmod {{ . }}
{{- end }}
{{- end }}
{{- if .Values.conf.software.apache2.a2dismod }}
{{- range .Values.conf.software.apache2.a2dismod }}
a2dismod {{ . }}
{{- end }}
{{- end }}
exec {{ .Values.conf.software.apache2.binary }} {{ .Values.conf.software.apache2.start_parameters }}
}
function stop () {
if [ -f /etc/apache2/envvars ]; then
source /etc/apache2/envvars
fi
{{ .Values.conf.software.apache2.binary }} -k graceful-stop
}
$COMMAND

View File

@ -69,8 +69,6 @@ data:
{{ tuple "bin/_nova-api-metadata.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
nova-api-metadata-init.sh: |
{{ tuple "bin/_nova-api-metadata-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
nova-placement-api.sh: |
{{ tuple "bin/_nova-placement-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
nova-compute.sh: |
{{ tuple "bin/_nova-compute.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
nova-compute-init.sh: |

View File

@ -278,7 +278,6 @@ data:
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }}
nova-ironic.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_ironic | b64enc }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_placement "key" "wsgi-nova-placement.conf" "format" "Secret" ) | indent 2 }}
{{- if .Values.manifests.certificates }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.mpm_event "key" "mpm_event.conf" "format" "Secret" ) | indent 2 }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_nova_api "key" "wsgi-api.conf" "format" "Secret" ) | indent 2 }}

View File

@ -1,145 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "novaPlacementLivenessProbeTemplate" }}
tcpSocket:
port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }}
{{- define "novaPlacementReadinessProbeTemplate" }}
#NOTE(portdirect): use tcpSocket check as HTTP will return 401
tcpSocket:
port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }}
{{- if .Values.manifests.deployment_placement }}
{{- $envAll := . }}
{{- $mounts_nova_placement := .Values.pod.mounts.nova_placement.nova_placement }}
{{- $mounts_nova_placement_init := .Values.pod.mounts.nova_placement.init_container }}
{{- $serviceAccountName := "nova-placement-api" }}
{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nova-placement-api
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "nova" "placement" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.placement }}
selector:
matchLabels:
{{ tuple $envAll "nova" "placement" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "nova" "placement" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "nova-placement" "containerNames" (list "nova-placement-api" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "nova" "placement" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.placement.node_selector_key }}: {{ .Values.labels.placement.node_selector_value }}
{{ if $envAll.Values.pod.tolerations.nova.enabled }}
{{ tuple $envAll "nova" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
{{ end }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.placement.timeout | default "30" }}
initContainers:
{{ tuple $envAll "api" $mounts_nova_placement_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: nova-placement-api
{{ tuple $envAll "nova_placement" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.placement | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "nova" "container" "nova_placement_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/nova-placement-api.sh
- start
lifecycle:
preStop:
exec:
command:
- /tmp/nova-placement-api.sh
- stop
ports:
- name: p-api
containerPort: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ dict "envAll" $envAll "component" "placement" "container" "default" "type" "liveness" "probeTemplate" (include "novaPlacementLivenessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
{{ dict "envAll" $envAll "component" "placement" "container" "default" "type" "readiness" "probeTemplate" (include "novaPlacementReadinessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: wsgi-nova
mountPath: /var/www/cgi-bin/nova
- name: nova-bin
mountPath: /tmp/nova-placement-api.sh
subPath: nova-placement-api.sh
readOnly: true
- name: nova-etc
mountPath: /etc/nova/nova.conf
subPath: nova.conf
readOnly: true
{{- if .Values.conf.nova.DEFAULT.log_config_append }}
- name: nova-etc
mountPath: {{ .Values.conf.nova.DEFAULT.log_config_append }}
subPath: {{ base .Values.conf.nova.DEFAULT.log_config_append }}
readOnly: true
{{- end }}
- name: nova-etc
mountPath: /etc/nova/api-paste.ini
subPath: api-paste.ini
readOnly: true
- name: nova-etc
mountPath: /etc/nova/policy.yaml
subPath: policy.yaml
readOnly: true
- name: nova-etc
mountPath: {{ .Values.conf.software.apache2.conf_dir }}/wsgi-nova-placement.conf
subPath: wsgi-nova-placement.conf
readOnly: true
{{- if .Values.conf.security }}
- name: nova-etc
mountPath: {{ .Values.conf.software.apache2.conf_dir }}/security.conf
subPath: security.conf
readOnly: true
{{- end }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.placement.placement.internal "path" "/etc/nova/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_nova_placement.volumeMounts }}{{ toYaml $mounts_nova_placement.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: wsgi-nova
emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
defaultMode: 0555
- name: nova-etc
secret:
secretName: nova-etc
defaultMode: 0444
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.placement.placement.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_nova_placement.volumes }}{{ toYaml $mounts_nova_placement.volumes | indent 8 }}{{ end }}
{{- end }}

View File

@ -1,23 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.ingress_placement .Values.network.placement.ingress.public }}
{{- $envAll := . -}}
{{- $ingressOpts := dict "envAll" $envAll "backendService" "placement" "backendServiceType" "placement" "backendPort" "p-api" -}}
{{- $secretName := $envAll.Values.secrets.tls.placement.placement.internal -}}
{{- if and .Values.manifests.certificates $secretName }}
{{- $_ := set $ingressOpts "certIssuer" .Values.endpoints.placement.host_fqdn_override.default.tls.issuerRef.name -}}
{{- end }}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

View File

@ -1,24 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_placement_endpoints }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "placement" "configMapBin" "nova-bin" "serviceTypes" ( tuple "placement" ) -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.placement.placement.internal -}}
{{- end -}}
{{- if .Values.pod.tolerations.nova.enabled -}}
{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
{{- end }}

View File

@ -1,24 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_placement_service }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "placement" "configMapBin" "nova-bin" "serviceTypes" ( tuple "placement" ) -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.placement.placement.internal -}}
{{- end -}}
{{- if .Values.pod.tolerations.nova.enabled -}}
{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
{{- end }}

View File

@ -1,24 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_placement_user }}
{{- $ksUserJob := dict "envAll" . "serviceName" "placement" "serviceUser" "placement" "configMapBin" "nova-bin" -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.placement.placement.internal -}}
{{- end -}}
{{- if .Values.pod.tolerations.nova.enabled -}}
{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
{{- end }}

View File

@ -1,20 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.network_policy -}}
{{- if .Values.manifests.deployment_placement -}}
{{- $netpol_opts := dict "envAll" . "name" "application" "label" "placement" }}
{{ $netpol_opts | include "helm-toolkit.manifests.kubernetes_network_policy" }}
{{- end -}}
{{- end -}}

View File

@ -1,27 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.pdb_placement }}
{{- $envAll := . }}
---
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: nova-placement-api
spec:
minAvailable: {{ .Values.pod.lifecycle.disruption_budget.placement.min_available }}
selector:
matchLabels:
{{ tuple $envAll "nova" "placement" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{- end }}

View File

@ -1,28 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_keystone_placement }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "placement" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

View File

@ -1,18 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress_placement .Values.network.placement.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "placement" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

View File

@ -1,34 +0,0 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service_placement }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "placement" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: p-api
port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.placement.node_port.enabled }}
nodePort: {{ .Values.network.placement.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "nova" "placement" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.placement.node_port.enabled }}
type: NodePort
{{ end }}
{{- end }}

View File

@ -41,9 +41,6 @@ labels:
osapi:
node_selector_key: openstack-control-plane
node_selector_value: enabled
placement:
node_selector_key: openstack-control-plane
node_selector_value: enabled
scheduler:
node_selector_key: openstack-control-plane
node_selector_value: enabled
@ -76,7 +73,6 @@ images:
nova_db_sync: docker.io/openstackhelm/nova:ussuri-ubuntu_bionic
nova_novncproxy: docker.io/openstackhelm/nova:ussuri-ubuntu_bionic
nova_novncproxy_assets: 'docker.io/kolla/ubuntu-source-nova-novncproxy:ocata'
nova_placement: docker.io/openstackhelm/nova:ussuri-ubuntu_bionic
nova_scheduler: docker.io/openstackhelm/nova:ussuri-ubuntu_bionic
# NOTE(portdirect): we simply use the ceph config helper here,
# as it has both oscli and jq.
@ -236,18 +232,6 @@ network:
node_port:
enabled: false
port: 30775
placement:
port: 8778
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
node_port:
enabled: false
port: 30778
novncproxy:
ingress:
public: true
@ -379,7 +363,6 @@ dependencies:
jobs:
- nova-db-sync
- nova-rabbit-init
- placement-ks-endpoints
services:
- endpoint: internal
service: oslo_messaging
@ -410,7 +393,6 @@ dependencies:
jobs:
- nova-db-sync
- nova-rabbit-init
- placement-ks-endpoints
services:
- endpoint: internal
service: oslo_messaging
@ -472,7 +454,6 @@ dependencies:
jobs:
- nova-db-sync
- nova-rabbit-init
- placement-ks-endpoints
services:
- endpoint: internal
service: oslo_messaging
@ -974,41 +955,6 @@ conf:
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR
wsgi_placement: |
Listen 0.0.0.0:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
<VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess placement-api processes=4 threads=1 user=nova group=nova display-name=%{GROUP}
WSGIProcessGroup placement-api
WSGIScriptAlias / /var/www/cgi-bin/nova/nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
</VirtualHost>
Alias /placement /var/www/cgi-bin/nova/nova-placement-api
<Location /placement>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
rootwrap_filters:
api_metadata:
pods:
@ -1588,7 +1534,6 @@ secrets:
identity:
admin: nova-keystone-admin
nova: nova-keystone-user
placement: nova-keystone-placement
test: nova-keystone-test
oslo_db:
admin: nova-db-admin
@ -1611,10 +1556,6 @@ secrets:
novncproxy:
public: nova-novncproxy-tls-public
internal: nova-novncproxy-tls-proxy
placement:
placement:
public: placement-tls-public
internal: placement-tls-api
compute_metadata:
metadata:
public: metadata-tls-public
@ -2053,20 +1994,6 @@ pod:
initialDelaySeconds: 30
periodSeconds: 60
timeoutSeconds: 15
placement:
default:
liveness:
enabled: True
params:
initialDelaySeconds: 50
periodSeconds: 30
timeoutSeconds: 10
readiness:
enabled: True
params:
initialDelaySeconds: 15
periodSeconds: 30
timeoutSeconds: 10
scheduler:
default:
liveness:
@ -2109,11 +2036,6 @@ pod:
ceph_perms:
readOnlyRootFilesystem: true
runAsUser: 0
ceph_admin_keyring_placement:
readOnlyRootFilesystem: true
ceph_keyring_placement:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
nova_compute_vnc_init:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
@ -2149,9 +2071,6 @@ pod:
nova_novncproxy:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
nova_placement_api:
readOnlyRootFilesystem: false
allowPrivilegeEscalation: false
nova_scheduler:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
@ -2250,11 +2169,6 @@ pod:
nova_api_metadata:
volumeMounts:
volumes:
nova_placement:
init_container: null
nova_placement:
volumeMounts:
volumes:
nova_api_osapi:
init_container: null
nova_api_osapi:
@ -2299,7 +2213,6 @@ pod:
replicas:
api_metadata: 1
compute_ironic: 1
placement: 1
osapi: 1
conductor: 1
scheduler: 1
@ -2322,15 +2235,11 @@ pod:
disruption_budget:
metadata:
min_available: 0
placement:
min_available: 0
osapi:
min_available: 0
termination_grace_period:
metadata:
timeout: 30
placement:
timeout: 30
osapi:
timeout: 30
resources:
@ -2356,13 +2265,6 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
placement:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
api:
requests:
memory: "128Mi"
@ -2505,12 +2407,6 @@ network_policy:
- {}
egress:
- {}
placement:
# TODO(lamt): Need to tighten this ingress for security.
ingress:
- {}
egress:
- {}
# NOTE(helm_hook): helm_hook might break for helm2 binary.
# set helm3_hook: false when using the helm2 binary.
@ -2535,18 +2431,15 @@ manifests:
daemonset_compute: true
deployment_api_metadata: true
deployment_api_osapi: true
deployment_placement: true
deployment_conductor: true
deployment_novncproxy: true
deployment_spiceproxy: true
deployment_scheduler: true
ingress_metadata: true
ingress_novncproxy: true
ingress_placement: true
ingress_osapi: true
job_bootstrap: true
job_db_init: true
job_db_init_placement: true
job_db_sync: true
job_db_drop: false
job_image_repo_sync: true
@ -2554,12 +2447,8 @@ manifests:
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_ks_placement_endpoints: true
job_ks_placement_service: true
job_ks_placement_user: true
job_cell_setup: true
pdb_metadata: true
pdb_placement: true
pdb_osapi: true
pod_rally_test: true
network_policy: false
@ -2568,14 +2457,11 @@ manifests:
secret_db: true
secret_ingress_tls: true
secret_keystone: true
secret_keystone_placement: true
secret_rabbitmq: true
service_ingress_metadata: true
service_ingress_novncproxy: true
service_ingress_placement: true
service_ingress_osapi: true
service_metadata: true
service_placement: true
service_novncproxy: true
service_spiceproxy: true
service_osapi: true

View File

@ -7,9 +7,6 @@ pod:
init: runtime/default
nova-compute-init: runtime/default
nova-compute-vnc-init: runtime/default
nova-placement:
nova-placement-api: runtime/default
init: runtime/default
nova-api-metadata:
nova-api-metadata-init: runtime/default
nova-api: runtime/default

View File

@ -14,7 +14,4 @@ network_policy:
ports:
- protocol: TCP
port: %%%REPLACE_API_PORT%%%
placement:
egress:
- {}
...

View File

@ -29,9 +29,6 @@ conf:
osapi:
node_selector_key: openstack-control-plane
node_selector_value: enabled
placement:
node_selector_key: openstack-control-plane
node_selector_value: enabled
scheduler:
node_selector_key: openstack-control-plane
node_selector_value: enabled

View File

@ -8,10 +8,6 @@ network:
ingress:
annotations:
nginx.ingress.kubernetes.io/backend-protocol: "https"
placement:
ingress:
annotations:
nginx.ingress.kubernetes.io/backend-protocol: "https"
novncproxy:
ingress:
annotations:
@ -83,48 +79,6 @@ conf:
apache2:
a2enmod:
- ssl
wsgi_placement: |
Listen 0.0.0.0:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
<VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess placement-api processes=4 threads=1 user=nova group=nova display-name=%{GROUP}
WSGIProcessGroup placement-api
WSGIScriptAlias / /var/www/cgi-bin/nova/nova-placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /dev/stdout
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
SSLEngine on
SSLCertificateFile /etc/nova/certs/tls.crt
SSLCertificateKeyFile /etc/nova/certs/tls.key
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSLHonorCipherOrder on
</VirtualHost>
Alias /placement /var/www/cgi-bin/nova/nova-placement-api
<Location /placement>
SetHandler wsgi-script
Options +ExecCGI
WSGIProcessGroup placement-api
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
</Location>
nova:
console:
ssl_minimum_version: tlsv1_2

View File

@ -1,16 +0,0 @@
---
manifests:
cron_job_cell_setup: false
cron_job_service_cleaner: false
statefulset_compute_ironic: false
deployment_placement: false
ingress_placement: false
job_db_init_placement: false
job_ks_placement_endpoints: false
job_ks_placement_service: false
job_ks_placement_user: false
pdb_placement: false
secret_keystone_placement: false
service_ingress_placement: false
service_placement: false
...

View File

@ -16,7 +16,6 @@ images:
nova_db_sync: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
nova_novncproxy: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
nova_novncproxy_assets: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
nova_placement: "docker.io/openstackhelm/placement:master-ubuntu_bionic-20200207"
nova_scheduler: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
nova_spiceproxy: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:train-ubuntu_bionic"

View File

@ -1,16 +0,0 @@
---
manifests:
# NOTE(lamt): Placement code was extracted from nova post Stein.
# A placement chart will need to be deployed to replace.
# See: https://docs.openstack.org/releasenotes/nova/train.html
deployment_placement: false
ingress_placement: false
job_db_init_placement: false
job_ks_placement_endpoints: false
job_ks_placement_service: false
job_ks_placement_user: false
pdb_placement: false
secret_keystone_placement: false
service_ingress_placement: false
service_placement: false
...

View File

@ -16,7 +16,6 @@ images:
nova_db_sync: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
nova_novncproxy: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
nova_novncproxy_assets: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
nova_placement: "docker.io/openstackhelm/placement:master-ubuntu_bionic-20200207"
nova_scheduler: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
nova_spiceproxy: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"

View File

@ -1,16 +0,0 @@
---
manifests:
# NOTE(lamt): Placement code was extracted from nova post Stein.
# A placement chart will need to be deployed to replace.
# See: https://docs.openstack.org/releasenotes/nova/train.html
deployment_placement: false
ingress_placement: false
job_db_init_placement: false
job_ks_placement_endpoints: false
job_ks_placement_service: false
job_ks_placement_user: false
pdb_placement: false
secret_keystone_placement: false
service_ingress_placement: false
service_placement: false
...

View File

@ -16,7 +16,6 @@ images:
nova_db_sync: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
nova_novncproxy: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
nova_novncproxy_assets: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
nova_placement: "docker.io/openstackhelm/placement:master-ubuntu_bionic-20200207"
nova_scheduler: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
nova_spiceproxy: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"

View File

@ -1,16 +0,0 @@
---
manifests:
# NOTE(lamt): Placement code was extracted from nova post Stein.
# A placement chart will need to be deployed to replace.
# See: https://docs.openstack.org/releasenotes/nova/train.html
deployment_placement: false
ingress_placement: false
job_db_init_placement: false
job_ks_placement_endpoints: false
job_ks_placement_service: false
job_ks_placement_user: false
pdb_placement: false
secret_keystone_placement: false
service_ingress_placement: false
service_placement: false
...

View File

@ -16,7 +16,6 @@ images:
nova_db_sync: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
nova_novncproxy: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
nova_novncproxy_assets: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
nova_placement: "docker.io/openstackhelm/placement:master-ubuntu_bionic-20200207"
nova_scheduler: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
nova_spiceproxy: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"

View File

@ -1,19 +1,4 @@
---
manifests:
# NOTE(lamt): Placement code was extracted from nova post Stein.
# A placement chart will need to be deployed to replace.
# See: https://docs.openstack.org/releasenotes/nova/train.html
deployment_placement: false
ingress_placement: false
job_db_init_placement: false
job_ks_placement_endpoints: false
job_ks_placement_service: false
job_ks_placement_user: false
pdb_placement: false
secret_keystone_placement: false
service_ingress_placement: false
service_placement: false
conf:
rally_tests:
tests:

View File

@ -57,4 +57,5 @@ nova:
- 0.2.34 Remove consoleauth in nova
- 0.2.35 Enable taint toleration for Openstack services
- 0.2.36 Support TLS endpoints
- 0.2.37 Remove nova-placement
...

View File

@ -25,8 +25,6 @@ fi
#NOTE: Get the over-rides to use
: ${OSH_EXTRA_HELM_ARGS_NOVA:="$(./tools/deployment/common/get-values-overrides.sh nova)"}
OSH_EXTRA_HELM_ARGS_NOVA="${OSH_EXTRA_HELM_ARGS_NOVA} --values=./nova/values_overrides/train-disable-nova-placement.yaml"
#NOTE: Lint and package chart
make nova

View File

@ -25,8 +25,6 @@ fi
#NOTE: Get the over-rides to use
: ${OSH_EXTRA_HELM_ARGS_NOVA:="$(./tools/deployment/common/get-values-overrides.sh nova)"}
OSH_EXTRA_HELM_ARGS_NOVA="${OSH_EXTRA_HELM_ARGS_NOVA} --values=./nova/values_overrides/train-disable-nova-placement.yaml"
#NOTE: Lint and package chart
make nova