Update Heat PR to relect changes reqested in review
This commit addresses the concerns raised in: https://github.com/att-comdev/openstack-helm/pull/77#pullrequestreview-15758654
This commit is contained in:
portdirect
parent
4403ed40c7
commit
d8a07ee1cb
@ -1,3 +1,4 @@
|
|||||||
|
{{- define "common_keystone_domain_user" }}
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Copyright 2017 Pete Birley
|
# Copyright 2017 Pete Birley
|
||||||
@ -53,3 +54,4 @@ openstack role assignment list \
|
|||||||
--role="${SERVICE_OS_ROLE_ID}" \
|
--role="${SERVICE_OS_ROLE_ID}" \
|
||||||
--user-domain="${SERVICE_OS_DOMAIN_ID}" \
|
--user-domain="${SERVICE_OS_DOMAIN_ID}" \
|
||||||
--user="${SERVICE_OS_USERID}"
|
--user="${SERVICE_OS_USERID}"
|
||||||
|
{{- end }}
|
||||||
@ -12,4 +12,4 @@ data:
|
|||||||
ks-user.sh: |+
|
ks-user.sh: |+
|
||||||
{{- include "common_keystone_user" . | indent 4 }}
|
{{- include "common_keystone_user" . | indent 4 }}
|
||||||
ks-domain-user.sh: |+
|
ks-domain-user.sh: |+
|
||||||
{{ tuple "bin/_ks-domain-user.sh.tpl" . | include "template" | indent 4 }}
|
{{- include "common_keystone_domain_user" . | indent 4 }}
|
||||||
|
|||||||
@ -3,7 +3,7 @@ kind: Deployment
|
|||||||
metadata:
|
metadata:
|
||||||
name: heat-api
|
name: heat-api
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.replicas }}
|
replicas: {{ .Values.replicas.api }}
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@ -3,7 +3,7 @@ kind: Deployment
|
|||||||
metadata:
|
metadata:
|
||||||
name: heat-cfn
|
name: heat-cfn
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.replicas }}
|
replicas: {{ .Values.replicas.cfn }}
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@ -3,7 +3,7 @@ kind: Deployment
|
|||||||
metadata:
|
metadata:
|
||||||
name: heat-cloudwatch
|
name: heat-cloudwatch
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.replicas }}
|
replicas: {{ .Values.replicas.cloudwatch }}
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@ -33,8 +33,7 @@ max_retries = -1
|
|||||||
signing_dir = "/var/cache/heat"
|
signing_dir = "/var/cache/heat"
|
||||||
memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
|
memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
|
||||||
auth_version = v3
|
auth_version = v3
|
||||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
auth_url = {{ include "endpoint_keystone_internal" . }}
|
||||||
auth_url = {{ .Values.keystone.auth_url }}
|
|
||||||
auth_type = password
|
auth_type = password
|
||||||
region_name = {{ .Values.keystone.heat_region_name }}
|
region_name = {{ .Values.keystone.heat_region_name }}
|
||||||
project_domain_name = {{ .Values.keystone.heat_project_domain }}
|
project_domain_name = {{ .Values.keystone.heat_project_domain }}
|
||||||
@ -75,8 +74,7 @@ auth_section = "trustee_keystone"
|
|||||||
signing_dir = "/var/cache/heat"
|
signing_dir = "/var/cache/heat"
|
||||||
memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
|
memcached_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
|
||||||
auth_version = v3
|
auth_version = v3
|
||||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
auth_url = {{ include "endpoint_keystone_internal" . }}
|
||||||
auth_url = {{ .Values.keystone.auth_url }}
|
|
||||||
auth_type = password
|
auth_type = password
|
||||||
region_name = {{ .Values.keystone.heat_trustee_region_name }}
|
region_name = {{ .Values.keystone.heat_trustee_region_name }}
|
||||||
user_domain_name = {{ .Values.keystone.heat_trustee_user_domain }}
|
user_domain_name = {{ .Values.keystone.heat_trustee_user_domain }}
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- $ksAdminSecret := $envAll.Values.keystone.admin_secret | default "heat-env-keystone-admin" }}
|
{{- $ksAdminSecret := .Values.keystone_secrets.admin }}
|
||||||
apiVersion: batch/v1
|
apiVersion: batch/v1
|
||||||
kind: Job
|
kind: Job
|
||||||
metadata:
|
metadata:
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
{{- $envAll := . }}
|
{{- $envAll := . }}
|
||||||
{{- $ksAdminSecret := .Values.keystone.admin_secret | default "heat-env-keystone-admin" }}
|
{{- $ksAdminSecret := .Values.keystone_secrets.admin }}
|
||||||
apiVersion: batch/v1
|
apiVersion: batch/v1
|
||||||
kind: Job
|
kind: Job
|
||||||
metadata:
|
metadata:
|
||||||
|
|||||||
@ -1,8 +1,8 @@
|
|||||||
{{- $ksAdminSecret := .Values.keystone.admin_secret | default "heat-env-keystone-admin" }}
|
{{- $ksAdminSecret := .Values.keystone_secrets.admin }}
|
||||||
{{- $ksUserSecret := .Values.keystone.user_secret | default "heat-env-keystone-user" }}
|
{{- $ksUserSecret := .Values.keystone_secrets.user }}
|
||||||
# The heat user management job is a bit different from other services as it also needs to create a stack domain and trusts user
|
# The heat user management job is a bit different from other services as it also needs to create a stack domain and trusts user
|
||||||
{{- $ksTrusteeUserSecret := .Values.keystone.trustee_user_secret | default "heat-env-keystone-trustee" }}
|
{{- $ksTrusteeUserSecret := .Values.keystone_secrets.trustee }}
|
||||||
{{- $ksStackUserSecret := .Values.keystone.trustee_user_secret | default "heat-env-keystone-stack-user" }}
|
{{- $ksStackUserSecret := .Values.keystone_secrets.stack }}
|
||||||
apiVersion: batch/v1
|
apiVersion: batch/v1
|
||||||
kind: Job
|
kind: Job
|
||||||
metadata:
|
metadata:
|
||||||
@ -78,7 +78,7 @@ spec:
|
|||||||
{{- include "env_ks_user_create_openrc_tpl" $env | indent 12 }}
|
{{- include "env_ks_user_create_openrc_tpl" $env | indent 12 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
- name: SERVICE_OS_ROLE
|
- name: SERVICE_OS_ROLE
|
||||||
value: {{ .Values.keystone.heat_trustee_user_role | quote }}
|
value: {{ .Values.keystone.heat_trustee_role | quote }}
|
||||||
- name: heat-ks-domain-user
|
- name: heat-ks-domain-user
|
||||||
image: {{ .Values.images.ks_user }}
|
image: {{ .Values.images.ks_user }}
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: heat-env-keystone-admin
|
name: {{ .Values.keystone_secrets.admin }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
OS_AUTH_URL: |
|
OS_AUTH_URL: |
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: heat-env-keystone-stack-user
|
name: {{ .Values.keystone_secrets.stack }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
OS_REGION_NAME: |
|
OS_REGION_NAME: |
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: heat-env-keystone-trustee
|
name: {{ .Values.keystone_secrets.trustee }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
OS_AUTH_URL: |
|
OS_AUTH_URL: |
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
name: heat-env-keystone-user
|
name: {{ .Values.keystone_secrets.user }}
|
||||||
type: Opaque
|
type: Opaque
|
||||||
data:
|
data:
|
||||||
OS_AUTH_URL: |
|
OS_AUTH_URL: |
|
||||||
|
|||||||
@ -4,7 +4,7 @@ metadata:
|
|||||||
name: heat-engine
|
name: heat-engine
|
||||||
spec:
|
spec:
|
||||||
serviceName: heat-engine
|
serviceName: heat-engine
|
||||||
replicas: {{ .Values.replicas }}
|
replicas: {{ .Values.replicas.engine }}
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
|
|||||||
@ -3,7 +3,12 @@
|
|||||||
# Declare name/value pairs to be passed into your templates.
|
# Declare name/value pairs to be passed into your templates.
|
||||||
# name: value
|
# name: value
|
||||||
|
|
||||||
replicas: 1
|
|
||||||
|
replicas:
|
||||||
|
api: 1
|
||||||
|
cfn: 1
|
||||||
|
cloudwatch: 1
|
||||||
|
engine: 1
|
||||||
|
|
||||||
labels:
|
labels:
|
||||||
node_selector_key: openstack-control-plane
|
node_selector_key: openstack-control-plane
|
||||||
@ -22,6 +27,12 @@ images:
|
|||||||
engine: docker.io/kolla/ubuntu-source-heat-engine:3.0.1
|
engine: docker.io/kolla/ubuntu-source-heat-engine:3.0.1
|
||||||
pull_policy: "IfNotPresent"
|
pull_policy: "IfNotPresent"
|
||||||
|
|
||||||
|
keystone_secrets:
|
||||||
|
admin: "heat-env-keystone-admin"
|
||||||
|
user: "heat-env-keystone-user"
|
||||||
|
trustee: "heat-env-keystone-trustee"
|
||||||
|
stack: "heat-env-keystone-stack-user"
|
||||||
|
|
||||||
keystone:
|
keystone:
|
||||||
auth_uri: "http://keystone-api:5000"
|
auth_uri: "http://keystone-api:5000"
|
||||||
auth_url: "http://keystone-api:35357"
|
auth_url: "http://keystone-api:35357"
|
||||||
@ -42,7 +53,7 @@ keystone:
|
|||||||
|
|
||||||
heat_trustee_user: "heat-trust"
|
heat_trustee_user: "heat-trust"
|
||||||
heat_trustee_user_domain: "default"
|
heat_trustee_user_domain: "default"
|
||||||
heat_trustee_user_role: "admin"
|
heat_trustee_role: "admin"
|
||||||
heat_trustee_password: "password"
|
heat_trustee_password: "password"
|
||||||
heat_trustee_project_name: "service"
|
heat_trustee_project_name: "service"
|
||||||
heat_trustee_project_domain: "default"
|
heat_trustee_project_domain: "default"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user