Merge pull request #118 from wilkers-steve/glance_changes
Culmination of glance changes related to the template/configmap refactor
This commit is contained in:
commit
db44f022cd
17
glance/templates/bin/_init.sh.tpl
Normal file
17
glance/templates/bin/_init.sh.tpl
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -ex
|
||||||
|
export HOME=/tmp
|
||||||
|
|
||||||
|
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' \
|
||||||
|
login_port='{{ .Values.database.port }}' \
|
||||||
|
login_user='{{ .Values.database.root_user }}' \
|
||||||
|
login_password='{{ .Values.database.root_password }}' \
|
||||||
|
name='{{ .Values.database.glance_database_name }}'"
|
||||||
|
|
||||||
|
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' \
|
||||||
|
login_port='{{ .Values.database.port }}' \
|
||||||
|
login_user='{{ .Values.database.root_user }}' \
|
||||||
|
login_password='{{ .Values.database.root_password }}' \
|
||||||
|
name='{{ .Values.database.glance_user }}' \
|
||||||
|
password='{{ .Values.database.glance_password }}' \
|
||||||
|
host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'"
|
42
glance/templates/bin/_post.sh.tpl
Normal file
42
glance/templates/bin/_post.sh.tpl
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -ex
|
||||||
|
export HOME=/tmp
|
||||||
|
|
||||||
|
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||||
|
service_type=image \
|
||||||
|
description='Openstack Image' \
|
||||||
|
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||||
|
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||||
|
interface=admin \
|
||||||
|
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||||
|
auth='{{ include "keystone_auth" . }}'" \
|
||||||
|
-e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}"
|
||||||
|
|
||||||
|
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||||
|
service_type=image \
|
||||||
|
description='Openstack Image' \
|
||||||
|
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||||
|
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||||
|
interface=internal \
|
||||||
|
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||||
|
auth='{{ include "keystone_auth" . }}'" \
|
||||||
|
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||||
|
|
||||||
|
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||||
|
service_type=image \
|
||||||
|
description='Openstack Image' \
|
||||||
|
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||||
|
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||||
|
interface=public \
|
||||||
|
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||||
|
auth='{{ include "keystone_auth" . }}'" \
|
||||||
|
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||||
|
|
||||||
|
ansible localhost -vvv -m kolla_keystone_user -a "project=service \
|
||||||
|
user={{ .Values.keystone.glance_user }} \
|
||||||
|
password={{ .Values.keystone.glance_password }} \
|
||||||
|
role=admin \
|
||||||
|
region_name={{ .Values.keystone.admin_region_name }} \
|
||||||
|
auth='{{ include "keystone_auth" . }}'" \
|
||||||
|
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||||
|
|
@ -1,13 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-cephclientglancekeyring
|
|
||||||
data:
|
|
||||||
ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+
|
|
||||||
[client.{{ .Values.ceph.glance_user }}]
|
|
||||||
{{- if .Values.ceph.glance_keyring }}
|
|
||||||
key = {{ .Values.ceph.glance_keyring }}
|
|
||||||
{{- else }}
|
|
||||||
key = {{- include "secrets/ceph-client-key" . -}}
|
|
||||||
{{- end }}
|
|
||||||
|
|
@ -1,23 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-cephconf
|
|
||||||
data:
|
|
||||||
ceph.conf: |+
|
|
||||||
[global]
|
|
||||||
rgw_thread_pool_size = 1024
|
|
||||||
rgw_num_rados_handles = 100
|
|
||||||
{{- if .Values.ceph.monitors }}
|
|
||||||
[mon]
|
|
||||||
{{ range .Values.ceph.monitors }}
|
|
||||||
[mon.{{ . }}]
|
|
||||||
host = {{ . }}
|
|
||||||
mon_addr = {{ . }}
|
|
||||||
{{ end }}
|
|
||||||
{{- else }}
|
|
||||||
mon_host = ceph-mon.ceph
|
|
||||||
{{- end }}
|
|
||||||
[client]
|
|
||||||
rbd_cache_enabled = true
|
|
||||||
rbd_cache_writethrough_until_flush = true
|
|
||||||
|
|
9
glance/templates/configmap-bin.yaml
Normal file
9
glance/templates/configmap-bin.yaml
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: glance-bin
|
||||||
|
data:
|
||||||
|
init.sh: |+
|
||||||
|
{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
|
||||||
|
post.sh: |+
|
||||||
|
{{ tuple "bin/_post.sh.tpl" . | include "template" | indent 4 }}
|
17
glance/templates/configmap-etc.yaml
Normal file
17
glance/templates/configmap-etc.yaml
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: glance-etc
|
||||||
|
data:
|
||||||
|
ceph.conf: |+
|
||||||
|
{{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }}
|
||||||
|
ceph.client.glance.keyring.yaml: |+
|
||||||
|
{{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }}
|
||||||
|
glance-api.conf: |+
|
||||||
|
{{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }}
|
||||||
|
glance-api-paste.ini: |+
|
||||||
|
{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }}
|
||||||
|
glance-registry.conf: |+
|
||||||
|
{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }}
|
||||||
|
policy.json: |+
|
||||||
|
{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }}
|
@ -1,10 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-dbsyncsh
|
|
||||||
data:
|
|
||||||
db-sync.sh: |+
|
|
||||||
#!/bin/bash
|
|
||||||
set -ex
|
|
||||||
|
|
||||||
glance-manage db_sync
|
|
@ -5,7 +5,11 @@ kind: Deployment
|
|||||||
metadata:
|
metadata:
|
||||||
name: glance-api
|
name: glance-api
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.replicas }}
|
{{- if .Values.development.enabled }}
|
||||||
|
replicas: 1
|
||||||
|
{{- else }}
|
||||||
|
replicas: {{ .Values.replicas.api }}
|
||||||
|
{{- end }}
|
||||||
revisionHistoryLimit: {{ .Values.upgrades.revision_history }}
|
revisionHistoryLimit: {{ .Values.upgrades.revision_history }}
|
||||||
strategy:
|
strategy:
|
||||||
type: {{ .Values.upgrades.pod_replacement_strategy }}
|
type: {{ .Values.upgrades.pod_replacement_strategy }}
|
||||||
@ -30,8 +34,7 @@ spec:
|
|||||||
image: {{ .Values.images.api }}
|
image: {{ .Values.images.api }}
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
command:
|
command:
|
||||||
- bash
|
- glance-api --config-dir /etc/glance
|
||||||
- /tmp/start.sh
|
|
||||||
ports:
|
ports:
|
||||||
- containerPort: {{ .Values.network.port.api }}
|
- containerPort: {{ .Values.network.port.api }}
|
||||||
readinessProbe:
|
readinessProbe:
|
||||||
@ -41,29 +44,46 @@ spec:
|
|||||||
- name: glanceapiconf
|
- name: glanceapiconf
|
||||||
mountPath: /etc/glance/glance-api.conf
|
mountPath: /etc/glance/glance-api.conf
|
||||||
subPath: glance-api.conf
|
subPath: glance-api.conf
|
||||||
- name: startsh
|
- name: glanceapipaste
|
||||||
mountPath: /tmp/start.sh
|
mountPath: /etc/glance/glance-api-paste.ini
|
||||||
subPath: start.sh
|
subPath: glance-api-paste.ini
|
||||||
- name: etcglance
|
- name: etcglance
|
||||||
mountPath: /etc/glance
|
mountPath: /etc/glance
|
||||||
|
- name: glancepolicy
|
||||||
|
mountPath: /etc/glance/policy.json
|
||||||
|
subPath: policy.json
|
||||||
|
{{- if .Values.development.enabled }}
|
||||||
|
- name: glance-data
|
||||||
|
mountPath: /var/lib/glance/images
|
||||||
|
{{- else }}
|
||||||
- name: cephconf
|
- name: cephconf
|
||||||
mountPath: /etc/ceph/ceph.conf
|
mountPath: /etc/ceph/ceph.conf
|
||||||
subPath: ceph.conf
|
subPath: ceph.conf
|
||||||
- name: cephclientglancekeyring
|
- name: cephclientglancekeyring
|
||||||
mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring
|
mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring
|
||||||
subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring
|
subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring
|
||||||
|
{{- end }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: glanceapiconf
|
- name: glanceapiconf
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-glanceapiconf
|
name: glance-etc
|
||||||
- name: startsh
|
- name: glanceapipaste
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-startsh
|
name: glance-etc
|
||||||
|
{{- if .Values.development.enabled }}
|
||||||
|
- name: glance-data
|
||||||
|
hostPath:
|
||||||
|
path: {{ .Values.development.storage_path }}
|
||||||
|
{{- else }}
|
||||||
- name: cephconf
|
- name: cephconf
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-cephconf
|
name: glance-etc
|
||||||
- name: cephclientglancekeyring
|
- name: cephclientglancekeyring
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-cephclientglancekeyring
|
name: glance-etc
|
||||||
|
{{- end }}
|
||||||
- name: etcglance
|
- name: etcglance
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
|
- name: glancepolicy
|
||||||
|
configMap:
|
||||||
|
name: glance-etc
|
@ -5,7 +5,11 @@ kind: Deployment
|
|||||||
metadata:
|
metadata:
|
||||||
name: glance-registry
|
name: glance-registry
|
||||||
spec:
|
spec:
|
||||||
replicas: {{ .Values.replicas }}
|
{{- if .Values.development.enabled }}
|
||||||
|
replicas: 1
|
||||||
|
{{- else }}
|
||||||
|
replicas: {{ .Values.replicas.registry }}
|
||||||
|
{{- end }}
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
labels:
|
labels:
|
||||||
@ -35,4 +39,4 @@ spec:
|
|||||||
volumes:
|
volumes:
|
||||||
- name: glanceregistryconf
|
- name: glanceregistryconf
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-glanceregistryconf
|
name: glance-etc
|
@ -0,0 +1,2 @@
|
|||||||
|
[client.{{ .Values.ceph.glance_user }}]
|
||||||
|
key = {{ .Values.ceph.glance_keyring }}
|
16
glance/templates/etc/_ceph.conf.tpl
Normal file
16
glance/templates/etc/_ceph.conf.tpl
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
[global]
|
||||||
|
rgw_thread_pool_size = 1024
|
||||||
|
rgw_num_rados_handles = 100
|
||||||
|
{{- if .Values.ceph.monitors }}
|
||||||
|
[mon]
|
||||||
|
{{ range .Values.ceph.monitors }}
|
||||||
|
[mon.{{ . }}]
|
||||||
|
host = {{ . }}
|
||||||
|
mon_addr = {{ . }}
|
||||||
|
{{ end }}
|
||||||
|
{{- else }}
|
||||||
|
mon_host = ceph-mon.ceph
|
||||||
|
{{- end }}
|
||||||
|
[client]
|
||||||
|
rbd_cache_enabled = true
|
||||||
|
rbd_cache_writethrough_until_flush = true
|
90
glance/templates/etc/_glance-api-paste.ini.tpl
Normal file
90
glance/templates/etc/_glance-api-paste.ini.tpl
Normal file
@ -0,0 +1,90 @@
|
|||||||
|
# Use this pipeline for no auth or image caching - DEFAULT
|
||||||
|
[pipeline:glance-api]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for image caching and no auth
|
||||||
|
[pipeline:glance-api-caching]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for caching w/ management interface but no auth
|
||||||
|
[pipeline:glance-api-cachemanagement]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for keystone auth
|
||||||
|
[pipeline:glance-api-keystone]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for keystone auth with image caching
|
||||||
|
[pipeline:glance-api-keystone+caching]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for keystone auth with caching and cache management
|
||||||
|
[pipeline:glance-api-keystone+cachemanagement]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for authZ only. This means that the registry will treat a
|
||||||
|
# user as authenticated without making requests to keystone to reauthenticate
|
||||||
|
# the user.
|
||||||
|
[pipeline:glance-api-trusted-auth]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp
|
||||||
|
|
||||||
|
# Use this pipeline for authZ only. This means that the registry will treat a
|
||||||
|
# user as authenticated without making requests to keystone to reauthenticate
|
||||||
|
# the user and uses cache management
|
||||||
|
[pipeline:glance-api-trusted-auth+cachemanagement]
|
||||||
|
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp
|
||||||
|
|
||||||
|
[composite:rootapp]
|
||||||
|
paste.composite_factory = glance.api:root_app_factory
|
||||||
|
/: apiversions
|
||||||
|
/v1: apiv1app
|
||||||
|
/v2: apiv2app
|
||||||
|
|
||||||
|
[app:apiversions]
|
||||||
|
paste.app_factory = glance.api.versions:create_resource
|
||||||
|
|
||||||
|
[app:apiv1app]
|
||||||
|
paste.app_factory = glance.api.v1.router:API.factory
|
||||||
|
|
||||||
|
[app:apiv2app]
|
||||||
|
paste.app_factory = glance.api.v2.router:API.factory
|
||||||
|
|
||||||
|
[filter:healthcheck]
|
||||||
|
paste.filter_factory = oslo_middleware:Healthcheck.factory
|
||||||
|
backends = disable_by_file
|
||||||
|
disable_by_file_path = /etc/glance/healthcheck_disable
|
||||||
|
|
||||||
|
[filter:versionnegotiation]
|
||||||
|
paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory
|
||||||
|
|
||||||
|
[filter:cache]
|
||||||
|
paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory
|
||||||
|
|
||||||
|
[filter:cachemanage]
|
||||||
|
paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory
|
||||||
|
|
||||||
|
[filter:context]
|
||||||
|
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
|
||||||
|
|
||||||
|
[filter:unauthenticated-context]
|
||||||
|
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
|
||||||
|
|
||||||
|
[filter:authtoken]
|
||||||
|
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||||
|
delay_auth_decision = true
|
||||||
|
|
||||||
|
[filter:gzip]
|
||||||
|
paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory
|
||||||
|
|
||||||
|
[filter:osprofiler]
|
||||||
|
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
||||||
|
hmac_keys = SECRET_KEY #DEPRECATED
|
||||||
|
enabled = yes #DEPRECATED
|
||||||
|
|
||||||
|
[filter:cors]
|
||||||
|
paste.filter_factory = oslo_middleware.cors:filter_factory
|
||||||
|
oslo_config_project = glance
|
||||||
|
oslo_config_program = glance-api
|
||||||
|
|
||||||
|
[filter:http_proxy_to_wsgi]
|
||||||
|
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
|
44
glance/templates/etc/_glance-api.conf.tpl
Normal file
44
glance/templates/etc/_glance-api.conf.tpl
Normal file
@ -0,0 +1,44 @@
|
|||||||
|
[DEFAULT]
|
||||||
|
debug = {{ .Values.misc.debug }}
|
||||||
|
use_syslog = False
|
||||||
|
use_stderr = True
|
||||||
|
|
||||||
|
bind_port = {{ .Values.network.port.api }}
|
||||||
|
workers = {{ .Values.misc.workers }}
|
||||||
|
registry_host = glance-registry
|
||||||
|
# Enable Copy-on-Write
|
||||||
|
show_image_direct_url = True
|
||||||
|
|
||||||
|
[database]
|
||||||
|
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
||||||
|
max_retries = -1
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
auth_uri = {{ .Values.keystone.auth_uri }}
|
||||||
|
auth_url = {{ .Values.keystone.auth_url }}
|
||||||
|
auth_type = password
|
||||||
|
project_domain_id = default
|
||||||
|
user_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
username = {{ .Values.keystone.glance_user }}
|
||||||
|
password = {{ .Values.keystone.glance_password }}
|
||||||
|
|
||||||
|
[paste_deploy]
|
||||||
|
flavor = keystone
|
||||||
|
|
||||||
|
[oslo_messaging_notifications]
|
||||||
|
driver = noop
|
||||||
|
|
||||||
|
[glance_store]
|
||||||
|
filesystem_store_datadir = /var/lib/glance/images/
|
||||||
|
{{- if .Values.development.enabled }}
|
||||||
|
stores = file, http
|
||||||
|
default_store = file
|
||||||
|
{{- else }}
|
||||||
|
stores = file, http, rbd
|
||||||
|
default_store = rbd
|
||||||
|
rbd_store_pool = {{ .Values.ceph.glance_pool }}
|
||||||
|
rbd_store_user = {{ .Values.ceph.glance_user }}
|
||||||
|
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
||||||
|
rbd_store_chunk_size = 8
|
||||||
|
{{- end }}
|
26
glance/templates/etc/_glance-registry.conf.tpl
Normal file
26
glance/templates/etc/_glance-registry.conf.tpl
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
[DEFAULT]
|
||||||
|
debug = {{ .Values.misc.debug }}
|
||||||
|
use_syslog = False
|
||||||
|
use_stderr = True
|
||||||
|
bind_port = {{ .Values.network.port.registry }}
|
||||||
|
workers = {{ .Values.misc.workers }}
|
||||||
|
|
||||||
|
[database]
|
||||||
|
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
||||||
|
max_retries = -1
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
auth_uri = {{ .Values.keystone.auth_uri }}
|
||||||
|
auth_url = {{ .Values.keystone.auth_url }}
|
||||||
|
auth_type = password
|
||||||
|
project_domain_id = default
|
||||||
|
user_domain_id = default
|
||||||
|
project_name = service
|
||||||
|
username = {{ .Values.keystone.glance_user }}
|
||||||
|
password = {{ .Values.keystone.glance_password }}
|
||||||
|
|
||||||
|
[paste_deploy]
|
||||||
|
flavor = keystone
|
||||||
|
|
||||||
|
[oslo_messaging_notifications]
|
||||||
|
driver = noop
|
61
glance/templates/etc/_policy.json.tpl
Normal file
61
glance/templates/etc/_policy.json.tpl
Normal file
@ -0,0 +1,61 @@
|
|||||||
|
{
|
||||||
|
"context_is_admin": "role:admin",
|
||||||
|
"default": "role:admin",
|
||||||
|
|
||||||
|
"add_image": "",
|
||||||
|
"delete_image": "",
|
||||||
|
"get_image": "",
|
||||||
|
"get_images": "",
|
||||||
|
"modify_image": "",
|
||||||
|
"publicize_image": "role:admin",
|
||||||
|
"copy_from": "",
|
||||||
|
|
||||||
|
"download_image": "",
|
||||||
|
"upload_image": "",
|
||||||
|
|
||||||
|
"delete_image_location": "",
|
||||||
|
"get_image_location": "",
|
||||||
|
"set_image_location": "",
|
||||||
|
|
||||||
|
"add_member": "",
|
||||||
|
"delete_member": "",
|
||||||
|
"get_member": "",
|
||||||
|
"get_members": "",
|
||||||
|
"modify_member": "",
|
||||||
|
|
||||||
|
"manage_image_cache": "role:admin",
|
||||||
|
|
||||||
|
"get_task": "role:admin",
|
||||||
|
"get_tasks": "role:admin",
|
||||||
|
"add_task": "role:admin",
|
||||||
|
"modify_task": "role:admin",
|
||||||
|
|
||||||
|
"deactivate": "",
|
||||||
|
"reactivate": "",
|
||||||
|
|
||||||
|
"get_metadef_namespace": "",
|
||||||
|
"get_metadef_namespaces":"",
|
||||||
|
"modify_metadef_namespace":"",
|
||||||
|
"add_metadef_namespace":"",
|
||||||
|
|
||||||
|
"get_metadef_object":"",
|
||||||
|
"get_metadef_objects":"",
|
||||||
|
"modify_metadef_object":"",
|
||||||
|
"add_metadef_object":"",
|
||||||
|
|
||||||
|
"list_metadef_resource_types":"",
|
||||||
|
"get_metadef_resource_type":"",
|
||||||
|
"add_metadef_resource_type_association":"",
|
||||||
|
|
||||||
|
"get_metadef_property":"",
|
||||||
|
"get_metadef_properties":"",
|
||||||
|
"modify_metadef_property":"",
|
||||||
|
"add_metadef_property":"",
|
||||||
|
|
||||||
|
"get_metadef_tag":"",
|
||||||
|
"get_metadef_tags":"",
|
||||||
|
"modify_metadef_tag":"",
|
||||||
|
"add_metadef_tag":"",
|
||||||
|
"add_metadef_tags":""
|
||||||
|
|
||||||
|
}
|
@ -1,48 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-glanceapiconf
|
|
||||||
data:
|
|
||||||
glance-api.conf: |+
|
|
||||||
[DEFAULT]
|
|
||||||
debug = {{ .Values.misc.debug }}
|
|
||||||
use_syslog = False
|
|
||||||
use_stderr = True
|
|
||||||
|
|
||||||
bind_port = {{ .Values.network.port.api }}
|
|
||||||
|
|
||||||
workers = {{ .Values.misc.workers }}
|
|
||||||
registry_host = {{ include "glance_registry_host" . }}
|
|
||||||
|
|
||||||
# Enable Copy-on-Write
|
|
||||||
show_image_direct_url = True
|
|
||||||
|
|
||||||
[database]
|
|
||||||
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
|
||||||
max_retries = -1
|
|
||||||
|
|
||||||
[keystone_authtoken]
|
|
||||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
|
||||||
auth_url = {{ .Values.keystone.auth_url }}
|
|
||||||
auth_type = password
|
|
||||||
project_domain_id = default
|
|
||||||
user_domain_id = default
|
|
||||||
project_name = service
|
|
||||||
username = {{ .Values.keystone.glance_user }}
|
|
||||||
password = {{ .Values.keystone.glance_password }}
|
|
||||||
|
|
||||||
[paste_deploy]
|
|
||||||
flavor = keystone
|
|
||||||
|
|
||||||
[oslo_messaging_notifications]
|
|
||||||
driver = noop
|
|
||||||
|
|
||||||
[glance_store]
|
|
||||||
filesystem_store_datadir = /var/lib/glance/images/
|
|
||||||
stores = file, http, rbd
|
|
||||||
default_store = rbd
|
|
||||||
rbd_store_pool = {{ .Values.ceph.glance_pool }}
|
|
||||||
rbd_store_user = {{ .Values.ceph.glance_user }}
|
|
||||||
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
|
||||||
rbd_store_chunk_size = 8
|
|
||||||
|
|
@ -1,34 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-glanceregistryconf
|
|
||||||
data:
|
|
||||||
glance-registry.conf: |+
|
|
||||||
[DEFAULT]
|
|
||||||
debug = {{ .Values.misc.debug }}
|
|
||||||
use_syslog = False
|
|
||||||
use_stderr = True
|
|
||||||
|
|
||||||
bind_port = {{ .Values.network.port.registry }}
|
|
||||||
|
|
||||||
workers = {{ .Values.misc.workers }}
|
|
||||||
|
|
||||||
[database]
|
|
||||||
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
|
||||||
max_retries = -1
|
|
||||||
|
|
||||||
[keystone_authtoken]
|
|
||||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
|
||||||
auth_url = {{ .Values.keystone.auth_url }}
|
|
||||||
auth_type = password
|
|
||||||
project_domain_id = default
|
|
||||||
user_domain_id = default
|
|
||||||
project_name = service
|
|
||||||
username = {{ .Values.keystone.glance_user }}
|
|
||||||
password = {{ .Values.keystone.glance_password }}
|
|
||||||
|
|
||||||
[paste_deploy]
|
|
||||||
flavor = keystone
|
|
||||||
|
|
||||||
[oslo_messaging_notifications]
|
|
||||||
driver = noop
|
|
@ -1,12 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-initsh
|
|
||||||
data:
|
|
||||||
init.sh: |+
|
|
||||||
#!/bin/bash
|
|
||||||
set -ex
|
|
||||||
export HOME=/tmp
|
|
||||||
|
|
||||||
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_database_name }}'"
|
|
||||||
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_user }}' password='{{ .Values.database.glance_password }}' host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'"
|
|
@ -20,19 +20,13 @@ spec:
|
|||||||
image: {{ .Values.images.db_sync }}
|
image: {{ .Values.images.db_sync }}
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
command:
|
command:
|
||||||
- bash
|
- glance-manage
|
||||||
- /tmp/db-sync.sh
|
- db_sync
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: glanceapiconf
|
- name: glanceapiconf
|
||||||
mountPath: /etc/glance/glance-api.conf
|
mountPath: /etc/glance/glance-api.conf
|
||||||
subPath: glance-api.conf
|
subPath: glance-api.conf
|
||||||
- name: dbsyncsh
|
|
||||||
mountPath: /tmp/db-sync.sh
|
|
||||||
subPath: db-sync.sh
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: glanceapiconf
|
- name: glanceapiconf
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-glanceapiconf
|
name: glance-etc
|
||||||
- name: dbsyncsh
|
|
||||||
configMap:
|
|
||||||
name: glance-dbsyncsh
|
|
@ -32,4 +32,4 @@ spec:
|
|||||||
volumes:
|
volumes:
|
||||||
- name: initsh
|
- name: initsh
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-initsh
|
name: glance-bin
|
@ -32,5 +32,4 @@ spec:
|
|||||||
volumes:
|
volumes:
|
||||||
- name: postsh
|
- name: postsh
|
||||||
configMap:
|
configMap:
|
||||||
name: glance-postsh
|
name: glance-bin
|
||||||
|
|
@ -1,48 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-postsh
|
|
||||||
data:
|
|
||||||
post.sh: |+
|
|
||||||
#!/bin/bash
|
|
||||||
set -ex
|
|
||||||
export HOME=/tmp
|
|
||||||
|
|
||||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
|
||||||
service_type=image \
|
|
||||||
description='Openstack Image' \
|
|
||||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
|
||||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
|
||||||
interface=admin \
|
|
||||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
|
||||||
auth='{{ include "keystone_auth" . }}'" \
|
|
||||||
-e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}"
|
|
||||||
|
|
||||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
|
||||||
service_type=image \
|
|
||||||
description='Openstack Image' \
|
|
||||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
|
||||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
|
||||||
interface=internal \
|
|
||||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
|
||||||
auth='{{ include "keystone_auth" . }}'" \
|
|
||||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
|
||||||
|
|
||||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
|
||||||
service_type=image \
|
|
||||||
description='Openstack Image' \
|
|
||||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
|
||||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
|
||||||
interface=public \
|
|
||||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
|
||||||
auth='{{ include "keystone_auth" . }}'" \
|
|
||||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
|
||||||
|
|
||||||
ansible localhost -vvv -m kolla_keystone_user -a "project=service \
|
|
||||||
user={{ .Values.keystone.glance_user }} \
|
|
||||||
password={{ .Values.keystone.glance_password }} \
|
|
||||||
role=admin \
|
|
||||||
region_name={{ .Values.keystone.admin_region_name }} \
|
|
||||||
auth='{{ include "keystone_auth" . }}'" \
|
|
||||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
|
||||||
|
|
@ -1,12 +0,0 @@
|
|||||||
apiVersion: v1
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: glance-startsh
|
|
||||||
data:
|
|
||||||
start.sh: |+
|
|
||||||
#!/bin/bash
|
|
||||||
set -ex
|
|
||||||
|
|
||||||
cp `find / -not -path "/etc/*" -name glance-api-paste.ini` /etc/glance/
|
|
||||||
|
|
||||||
glance-api
|
|
@ -3,7 +3,13 @@
|
|||||||
# Declare name/value pairs to be passed into your templates.
|
# Declare name/value pairs to be passed into your templates.
|
||||||
# name: value
|
# name: value
|
||||||
|
|
||||||
replicas: 1
|
replicas:
|
||||||
|
api: 1
|
||||||
|
registry: 1
|
||||||
|
|
||||||
|
development:
|
||||||
|
enabled: false
|
||||||
|
storage_path: /data/openstack-helm/glance/images
|
||||||
|
|
||||||
labels:
|
labels:
|
||||||
node_selector_key: openstack-control-plane
|
node_selector_key: openstack-control-plane
|
||||||
|
Loading…
x
Reference in New Issue
Block a user