Added cronjob for nova which will be cleaning the databases.

Script has been created with archve_deleted_rows which will run as cronjob to move the deleted rows from production table to shadow table. Change-Id: I1cd3e523301b1aaeb3366288d128e23aae5e0780
2021-06-16 23:15:17 +05:45 · 2021-06-16 23:15:17 +05:45 · f3d361d2f7
commit f3d361d2f7
parent 33efbaeb27
6 changed files with 165 additions and 1 deletions
--- a/nova/Chart.yaml
+++ b/nova/Chart.yaml
@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Nova
 name: nova
-version: 0.2.5
+version: 0.2.6
 home: https://docs.openstack.org/nova/latest/
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png
 sources:
--- a/nova/templates/bin/_db-archive-deleted-row.sh.tpl
+++ b/nova/templates/bin/_db-archive-deleted-row.sh.tpl
@ -0,0 +1,35 @@
+#!/bin/bash
+
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+exec nova-manage db archive_deleted_rows \
+{{- if .Values.conf.archive_deleted_rows.until_completion }}
+   --until-complete \
+{{- end}}
+{{- if .Values.conf.archive_deleted_rows.purge_delete_rows }}
+   --purge \
+{{- end }}
+{{- if .Values.conf.archive_deleted_rows.all_cells }}
+   --all-cells \
+{{- end}}
+{{- if .Values.conf.archive_deleted_rows.max_rows.enabled }}
+   --max_rows .Values.conf.archive_deleted_rows.max_rows.rows \
+{{- end }}
+{{- if .Values.conf.archive_deleted_rows.before.enabled }}
+   --before .Values.conf.archive_deleted_rows.before.date \
+{{- end }}
+   --verbose
--- a/nova/templates/configmap-bin.yaml
+++ b/nova/templates/configmap-bin.yaml
@ -56,6 +56,10 @@ data:
 {{ tuple "bin/_ceph-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
  ceph-admin-keyring.sh: |
 {{ tuple "bin/_ceph-admin-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+{{- end }}
+{{- if .Values.manifests.cron_job_archive_deleted_rows }}
+  archive-deleted-rows.sh: |
+{{ tuple "bin/_db-archive-deleted-row.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
 {{- end }}
  health-probe.py: |
 {{ tuple "bin/_health-probe.py.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
--- a/nova/templates/cron-job-archive-deleted-rows.yaml
+++ b/nova/templates/cron-job-archive-deleted-rows.yaml
@ -0,0 +1,85 @@
+{{/*
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.cron_job_archive_deleted_rows }}
+{{- $envAll := . }}
+
+{{- $serviceAccountName := "nova-archive-deleted-rows-cron" }}
+{{ tuple $envAll "archive_deleted_rows" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: batch/v1beta1
+kind: CronJob
+metadata:
+  name: nova-archive-deleted-rows
+  annotations:
+    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+spec:
+  schedule: {{ .Values.jobs.archive_deleted_rows.cron | quote }}
+  successfulJobsHistoryLimit: {{ .Values.jobs.archive_deleted_rows.history.success }}
+  failedJobsHistoryLimit: {{ .Values.jobs.archive_deleted_rows.history.failed }}
+  {{- if .Values.jobs.archive_deleted_rows.starting_deadline }}
+  startingDeadlineSeconds: {{ .Values.jobs.archive_deleted_rows.starting_deadline }}
+  {{- end }}
+  concurrencyPolicy: Forbid
+  jobTemplate:
+    metadata:
+      labels:
+{{ tuple $envAll "nova" "archive-deleted-rows" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+    spec:
+      template:
+        metadata:
+          labels:
+{{ tuple $envAll "nova" "archive-deleted-rows" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
+        spec:
+          serviceAccountName: {{ $serviceAccountName }}
+{{ dict "envAll" $envAll "application" "archive_deleted_rows" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
+          restartPolicy: OnFailure
+          nodeSelector:
+            {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+          initContainers:
+{{ tuple $envAll "archive-deleted-rows" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
+          containers:
+            - name: nova-archive-deleted-rows
+{{ tuple $envAll "nova_archive_deleted_rows" | include "helm-toolkit.snippets.image" | indent 14 }}
+{{ tuple $envAll $envAll.Values.pod.resources.jobs.archive_deleted_rows | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
+{{ dict "envAll" $envAll "application" "archive_deleted_rows" "container" "nova_archive_deleted_rows" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 14 }}
+              command:
+                - /tmp/archive-deleted-rows.sh
+              volumeMounts:
+                - name: pod-tmp
+                  mountPath: /tmp
+                - name: archive-deleted-rows-conf
+                  mountPath: /etc/nova/nova.conf
+                  subPath: nova.conf
+                  readOnly: true
+                - name: archive-deleted-rows-conf
+                  mountPath: /etc/nova/logging.conf
+                  subPath: logging.conf
+                  readOnly: true
+                - name: archive-deleted-rows
+                  mountPath: /tmp/archive-deleted-rows.sh
+                  readOnly: true
+                  subPath: archive-deleted-rows.sh
+{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
+          volumes:
+            - name: pod-tmp
+              emptyDir: {}
+            - name: archive-deleted-rows
+              configMap:
+                name: nova-bin
+                defaultMode: 0555
+            - name: archive-deleted-rows-conf
+              secret:
+                secretName: nova-etc
+{{- end }}
--- a/nova/values.yaml
+++ b/nova/values.yaml
@ -67,6 +67,7 @@ images:
    rabbit_init: docker.io/rabbitmq:3.7-management
    ks_user: docker.io/openstackhelm/heat:stein-ubuntu_bionic
    ks_service: docker.io/openstackhelm/heat:stein-ubuntu_bionic
+    nova_archive_deleted_rows: docker.io/openstackhelm/nova:stein-ubuntu_bionic
    ks_endpoints: docker.io/openstackhelm/heat:stein-ubuntu_bionic
    nova_api: docker.io/openstackhelm/nova:stein-ubuntu_bionic
    nova_cell_setup: docker.io/openstackhelm/nova:stein-ubuntu_bionic
@ -110,6 +111,12 @@ jobs:
    history:
      success: 3
      failed: 1
+  archive_deleted_rows:
+    cron: "0 */1 * * *"
+    starting_deadline: 600
+    history:
+      success: 3
+      failed: 1

 bootstrap:
  enabled: true
@ -434,6 +441,10 @@ dependencies:
      services:
        - endpoint: internal
          service: oslo_db
+    archive_deleted_rows:
+      jobs:
+        - nova-db-init
+        - nova-db-sync
    db_init:
      services:
        - endpoint: internal
@ -1831,6 +1842,16 @@ conf:
        apply-to: all
        pattern: '^(?!(amq\.|reply_)).*'
  enable_iscsi: false
+  archive_deleted_rows:
+    purge_deleted_rows: false
+    until_completion: true
+    all_cells: false
+    max_rows:
+      enabled: False
+      rows: 1000
+    before:
+      enabled: false
+      date: 'nil'

 # Names of secrets used by bootstrap and environmental checks
 secrets:
@ -2448,6 +2469,16 @@ pod:
        nova_cell_setup:
          readOnlyRootFilesystem: true
          allowPrivilegeEscalation: false
+    archive_deleted_rows:
+      pod:
+        runAsUser: 42424
+      container:
+        nova_archive_deleted_rows_init:
+          readOnlyRootFilesystem: true
+          allowPrivilegeEscalation: false
+        nova_archive_deleted_rows:
+          readOnlyRootFilesystem: true
+          allowPrivilegeEscalation: false
    cell_setup:
      pod:
        runAsUser: 42424
@ -2691,6 +2722,13 @@ pod:
        limits:
          memory: "1024Mi"
          cpu: "2000m"
+      archive_deleted_rows:
+        requests:
+          memory: "128Mi"
+          cpu: "100m"
+        limits:
+          memory: "1024Mi"
+          cpu: "2000m"
      db_drop:
        requests:
          memory: "128Mi"
@ -2768,6 +2806,7 @@ manifests:
  configmap_etc: true
  cron_job_cell_setup: true
  cron_job_service_cleaner: true
+  cron_job_archive_deleted_rows: false
  daemonset_compute: true
  deployment_api_metadata: true
  deployment_api_osapi: true
--- a/releasenotes/notes/nova.yaml
+++ b/releasenotes/notes/nova.yaml
@ -26,4 +26,5 @@ nova:
  - 0.2.3 Replace deprecated configuration ``[vnc]/vncserver_proxyclient_address``
  - 0.2.4 Mount rabbitmq TLS secret
  - 0.2.5 Set reasonable default probe timeouts
+  - 0.2.6 Added cronJob with script for archive deleted rows which cleanup databases
 ...