From 0df7427dc43a725015354df080dc94f7b8846ad3 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Mon, 5 Jun 2017 14:52:06 -0500 Subject: [PATCH] Refactor start scripts, to support graceful termination This PS add Barbican support, and moves all potentially container specific logic into the service start script from the api manifests. Also fixes a permissions issue with the nova-api, which incorrectly had the NET_ADMIN capability. Change-Id: I18fc1ea5d7aa70ea7dabb829361a3da57e905100 --- .../templates/bin/_babican.sh.tpl | 15 ++++--- barbican/templates/configmap-bin.yaml | 4 +- barbican/templates/deployment-api.yaml | 14 ++++-- cinder/templates/bin/_cinder-api.sh.tpl | 16 +++++-- cinder/templates/bin/_cinder-scheduler.sh.tpl | 2 +- cinder/templates/bin/_cinder-volume.sh.tpl | 2 +- cinder/templates/bin/_db-sync.sh.tpl | 2 +- cinder/templates/deployment-api.yaml | 13 +++--- glance/templates/bin/_glance-api.sh.tpl | 16 +++++-- glance/templates/bin/_glance-registry.sh.tpl | 16 +++++-- glance/templates/deployment-api.yaml | 11 ++--- glance/templates/deployment-registry.yaml | 11 ++--- heat/templates/bin/_heat-api.sh.tpl | 16 +++++-- heat/templates/bin/_heat-cfn.sh.tpl | 16 +++++-- heat/templates/bin/_heat-cloudwatch.sh.tpl | 16 +++++-- heat/templates/deployment-api.yaml | 11 ++--- heat/templates/deployment-cfn.yaml | 11 ++--- heat/templates/deployment-cloudwatch.yaml | 11 ++--- horizon/templates/bin/_horizon.sh.tpl | 43 +++++++++++++++++++ horizon/templates/bin/_start.sh.tpl | 33 -------------- horizon/templates/configmap-bin.yaml | 4 +- horizon/templates/deployment.yaml | 17 ++++---- .../templates/bin/_keystone-api.sh.tpl | 18 +++++++- keystone/templates/configmap-bin.yaml | 4 +- keystone/templates/deployment.yaml | 21 ++++----- magnum/templates/bin/_magnum-api.sh.tpl | 16 +++++-- magnum/templates/bin/_magnum-conductor.sh.tpl | 2 +- magnum/templates/deployment-api.yaml | 17 ++++---- mistral/templates/bin/_mistral-api.sh.tpl | 18 ++++++-- mistral/templates/deployment-api.yaml | 13 +++--- neutron/templates/bin/_neutron-server.sh.tpl | 18 ++++++-- neutron/templates/deployment-server.yaml | 17 ++++---- nova/templates/bin/_nova-api-metadata.sh.tpl | 16 +++++-- nova/templates/bin/_nova-api.sh.tpl | 16 +++++-- nova/templates/deployment-api-metadata.yaml | 20 +++++---- nova/templates/deployment-api-osapi.yaml | 21 ++++----- senlin/templates/bin/_senlin-api.sh.tpl | 16 +++++-- senlin/templates/deployment-api.yaml | 21 ++++----- 38 files changed, 361 insertions(+), 193 deletions(-) rename keystone/templates/bin/_start.sh.tpl => barbican/templates/bin/_babican.sh.tpl (79%) create mode 100644 horizon/templates/bin/_horizon.sh.tpl delete mode 100644 horizon/templates/bin/_start.sh.tpl rename barbican/templates/bin/_start.sh.tpl => keystone/templates/bin/_keystone-api.sh.tpl (69%) diff --git a/keystone/templates/bin/_start.sh.tpl b/barbican/templates/bin/_babican.sh.tpl similarity index 79% rename from keystone/templates/bin/_start.sh.tpl rename to barbican/templates/bin/_babican.sh.tpl index d044458247..fb6eb55485 100644 --- a/keystone/templates/bin/_start.sh.tpl +++ b/barbican/templates/bin/_babican.sh.tpl @@ -15,11 +15,14 @@ # limitations under the License. set -ex +COMMAND="${@:-start}" -if [ -f /etc/apache2/envvars ]; then - # Loading Apache2 ENV variables - source /etc/apache2/envvars -fi +function start () { + exec uwsgi --die-on-term --master --emperor /etc/barbican/vassals +} -# Start Apache2 -exec apache2 -DFOREGROUND +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/barbican/templates/configmap-bin.yaml b/barbican/templates/configmap-bin.yaml index ae97b8d274..1772a4d256 100644 --- a/barbican/templates/configmap-bin.yaml +++ b/barbican/templates/configmap-bin.yaml @@ -19,8 +19,8 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} - start.sh: | -{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + barbican.sh: | +{{ tuple "bin/_barbican.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} ks-service.sh: | {{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }} ks-endpoints.sh: | diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml index 7ae6b77a97..9d5d3970e8 100644 --- a/barbican/templates/deployment-api.yaml +++ b/barbican/templates/deployment-api.yaml @@ -56,7 +56,15 @@ spec: {{- end }} command: - bash - - /tmp/start.sh + - /tmp/barbican.sh + - start + lifecycle: + preStop: + exec: + command: + - bash + - /tmp/barbican.sh + - stop ports: - containerPort: {{ .Values.conf.barbican.barbican_api.barbican.config.bind_port }} readinessProbe: @@ -86,8 +94,8 @@ spec: subPath: policy.json readOnly: true - name: barbican-bin - mountPath: /tmp/start.sh - subPath: start.sh + mountPath: /tmp/barbican.sh + subPath: barbican.sh readOnly: true {{ if $mounts_barbican_api.volumeMounts }}{{ toYaml $mounts_barbican_api.volumeMounts | indent 12 }}{{ end }} volumes: diff --git a/cinder/templates/bin/_cinder-api.sh.tpl b/cinder/templates/bin/_cinder-api.sh.tpl index f084cee020..ae4f43b7cb 100644 --- a/cinder/templates/bin/_cinder-api.sh.tpl +++ b/cinder/templates/bin/_cinder-api.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec cinder-api \ - --config-file /etc/cinder/cinder.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec cinder-api \ + --config-file /etc/cinder/cinder.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/cinder/templates/bin/_cinder-scheduler.sh.tpl b/cinder/templates/bin/_cinder-scheduler.sh.tpl index e0cd32a285..080fd97315 100644 --- a/cinder/templates/bin/_cinder-scheduler.sh.tpl +++ b/cinder/templates/bin/_cinder-scheduler.sh.tpl @@ -14,6 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x +set -ex exec cinder-scheduler \ --config-file /etc/cinder/cinder.conf diff --git a/cinder/templates/bin/_cinder-volume.sh.tpl b/cinder/templates/bin/_cinder-volume.sh.tpl index c9734f200e..8f4973ec09 100644 --- a/cinder/templates/bin/_cinder-volume.sh.tpl +++ b/cinder/templates/bin/_cinder-volume.sh.tpl @@ -14,6 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x +set -ex exec cinder-volume \ --config-file /etc/cinder/cinder.conf diff --git a/cinder/templates/bin/_db-sync.sh.tpl b/cinder/templates/bin/_db-sync.sh.tpl index 51b2adaeca..acd635ce07 100644 --- a/cinder/templates/bin/_db-sync.sh.tpl +++ b/cinder/templates/bin/_db-sync.sh.tpl @@ -16,4 +16,4 @@ set -ex -cinder-manage db sync +exec cinder-manage db sync diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index 0c265800d3..b457edb5bd 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -60,16 +60,17 @@ spec: command: - bash - /tmp/cinder-api.sh - ports: - - name: c-api - containerPort: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/cinder-api.sh + - stop + ports: + - name: c-api + containerPort: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.cinder.default.cinder.osapi_volume_listen_port }} diff --git a/glance/templates/bin/_glance-api.sh.tpl b/glance/templates/bin/_glance-api.sh.tpl index ace7e45213..4335299942 100644 --- a/glance/templates/bin/_glance-api.sh.tpl +++ b/glance/templates/bin/_glance-api.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec glance-api \ - --config-file /etc/glance/glance-api.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec glance-api \ + --config-file /etc/glance/glance-api.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/glance/templates/bin/_glance-registry.sh.tpl b/glance/templates/bin/_glance-registry.sh.tpl index 88f6c56f6b..b811618363 100644 --- a/glance/templates/bin/_glance-registry.sh.tpl +++ b/glance/templates/bin/_glance-registry.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec glance-registry \ - --config-file /etc/glance/glance-registry.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec glance-registry \ + --config-file /etc/glance/glance-registry.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index e1c656ebc1..49fd85a4fb 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -60,15 +60,16 @@ spec: command: - bash - /tmp/glance-api.sh - ports: - - containerPort: {{ .Values.conf.glance.default.glance.api.bind_port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/glance-api.sh + - stop + ports: + - containerPort: {{ .Values.conf.glance.default.glance.api.bind_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.glance.default.glance.api.bind_port }} diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index 2c78b2d39e..9c79023646 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -52,15 +52,16 @@ spec: command: - bash - /tmp/glance-registry.sh - ports: - - containerPort: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/glance-registry.sh + - stop + ports: + - containerPort: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }} diff --git a/heat/templates/bin/_heat-api.sh.tpl b/heat/templates/bin/_heat-api.sh.tpl index d95f8180b5..a3ecdb2712 100644 --- a/heat/templates/bin/_heat-api.sh.tpl +++ b/heat/templates/bin/_heat-api.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec heat-api \ - --config-file /etc/heat/heat.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec heat-api \ + --config-file /etc/heat/heat.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/heat/templates/bin/_heat-cfn.sh.tpl b/heat/templates/bin/_heat-cfn.sh.tpl index d84d153104..f0121270f7 100644 --- a/heat/templates/bin/_heat-cfn.sh.tpl +++ b/heat/templates/bin/_heat-cfn.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec heat-api-cfn \ - --config-file /etc/heat/heat.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec heat-api-cfn \ + --config-file /etc/heat/heat.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/heat/templates/bin/_heat-cloudwatch.sh.tpl b/heat/templates/bin/_heat-cloudwatch.sh.tpl index 0201fa9f03..cb64eca457 100644 --- a/heat/templates/bin/_heat-cloudwatch.sh.tpl +++ b/heat/templates/bin/_heat-cloudwatch.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec heat-api-cloudwatch \ - --config-file /etc/heat/heat.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec heat-api-cloudwatch \ + --config-file /etc/heat/heat.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index 7501674b39..234a660513 100644 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -60,15 +60,16 @@ spec: command: - bash - /tmp/heat-api.sh - ports: - - containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/heat-api.sh + - stop + ports: + - containerPort: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.heat.heat_api.heat.common.wsgi.bind_port }} diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index e2b5a14713..e9e6ece885 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -60,15 +60,16 @@ spec: command: - bash - /tmp/heat-cfn.sh - ports: - - containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/heat-cfn.sh + - stop + ports: + - containerPort: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.heat.heat_api_cfn.heat.common.wsgi.bind_port }} diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index 2056773aff..749e726d65 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -60,15 +60,16 @@ spec: command: - bash - /tmp/heat-cloudwatch.sh - ports: - - containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/heat-cloudwatch.sh + - stop + ports: + - containerPort: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.heat.heat_api_cloudwatch.heat.common.wsgi.bind_port }} diff --git a/horizon/templates/bin/_horizon.sh.tpl b/horizon/templates/bin/_horizon.sh.tpl new file mode 100644 index 0000000000..2102d0b42d --- /dev/null +++ b/horizon/templates/bin/_horizon.sh.tpl @@ -0,0 +1,43 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -ex +COMMAND="${@:-start}" + +function start () { + if [ -f /etc/apache2/envvars ]; then + # Loading Apache2 ENV variables + source /etc/apache2/envvars + fi + rm -rf /var/run/apache2/* + APACHE_DIR="apache2" + + # Compress Horizon's assets. + /var/lib/kolla/venv/bin/manage.py collectstatic --noinput + /var/lib/kolla/venv/bin/manage.py compress --force + rm -rf /tmp/_tmp_.secret_key_store.lock /tmp/.secret_key_store + + # wsgi/horizon-http needs open files here, including secret_key_store + chown -R horizon /var/lib/kolla/venv/lib/python2.7/site-packages/openstack_dashboard/local/ + + exec apache2 -DFOREGROUND +} + +function stop () { + apachectl -k graceful-stop +} + +$COMMAND diff --git a/horizon/templates/bin/_start.sh.tpl b/horizon/templates/bin/_start.sh.tpl deleted file mode 100644 index 9cebe1a648..0000000000 --- a/horizon/templates/bin/_start.sh.tpl +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex - -# Loading Apache2 ENV variables -source /etc/apache2/envvars -rm -rf /var/run/apache2/* -APACHE_DIR="apache2" - -# Compress Horizon's assets. -/var/lib/kolla/venv/bin/manage.py collectstatic --noinput -/var/lib/kolla/venv/bin/manage.py compress --force -rm -rf /tmp/_tmp_.secret_key_store.lock /tmp/.secret_key_store - -# wsgi/horizon-http needs open files here, including secret_key_store -chown -R horizon /var/lib/kolla/venv/lib/python2.7/site-packages/openstack_dashboard/local/ - -apache2 -DFOREGROUND - diff --git a/horizon/templates/configmap-bin.yaml b/horizon/templates/configmap-bin.yaml index ab768ec1bf..3d6bf285ed 100644 --- a/horizon/templates/configmap-bin.yaml +++ b/horizon/templates/configmap-bin.yaml @@ -17,5 +17,5 @@ kind: ConfigMap metadata: name: horizon-bin data: - start.sh: | -{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + horizon.sh: | +{{ tuple "bin/_horizon.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index 391439e951..4971dfe244 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -59,23 +59,24 @@ spec: {{- end }} command: - bash - - /tmp/start.sh - ports: - - containerPort: {{ .Values.network.port }} + - /tmp/horizon.sh + - start lifecycle: preStop: exec: command: - - apachectl - - -k - - graceful-stop + - bash + - /tmp/horizon.sh + - stop + ports: + - containerPort: {{ .Values.network.port }} readinessProbe: tcpSocket: port: {{ .Values.network.port }} volumeMounts: - name: startsh - mountPath: /tmp/start.sh - subPath: start.sh + mountPath: /tmp/horizon.sh + subPath: horizon.sh readOnly: true - name: horizon-etc mountPath: /etc/apache2/sites-enabled/000-default.conf diff --git a/barbican/templates/bin/_start.sh.tpl b/keystone/templates/bin/_keystone-api.sh.tpl similarity index 69% rename from barbican/templates/bin/_start.sh.tpl rename to keystone/templates/bin/_keystone-api.sh.tpl index bb1e6a34e7..e47df9a839 100644 --- a/barbican/templates/bin/_start.sh.tpl +++ b/keystone/templates/bin/_keystone-api.sh.tpl @@ -16,4 +16,20 @@ set -ex -exec uwsgi --master --emperor /etc/barbican/vassals +COMMAND="${@:-start}" + +function start () { + if [ -f /etc/apache2/envvars ]; then + # Loading Apache2 ENV variables + source /etc/apache2/envvars + fi + + # Start Apache2 + exec apache2 -DFOREGROUND +} + +function stop () { + apachectl -k graceful-stop +} + +$COMMAND diff --git a/keystone/templates/configmap-bin.yaml b/keystone/templates/configmap-bin.yaml index 443986c5d8..e773dea900 100644 --- a/keystone/templates/configmap-bin.yaml +++ b/keystone/templates/configmap-bin.yaml @@ -21,5 +21,5 @@ data: {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | {{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} - start.sh: | -{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + keystone-api.sh: | +{{ tuple "bin/_keystone-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/keystone/templates/deployment.yaml b/keystone/templates/deployment.yaml index 31e9d9c877..e0c8474a48 100644 --- a/keystone/templates/deployment.yaml +++ b/keystone/templates/deployment.yaml @@ -59,19 +59,20 @@ spec: {{- end }} command: - bash - - /tmp/start.sh + - /tmp/keystone-api.sh + - start + lifecycle: + preStop: + exec: + command: + - bash + - /tmp/keystone-api.sh + - stop ports: - name: api-public containerPort: {{ .Values.network.api.port }} - name: api-admin containerPort: {{ .Values.network.admin.port }} - lifecycle: - preStop: - exec: - command: - - apachectl - - -k - - graceful-stop readinessProbe: tcpSocket: port: {{ .Values.network.api.port }} @@ -103,8 +104,8 @@ spec: subPath: mpm_event.conf readOnly: true - name: keystone-bin - mountPath: /tmp/start.sh - subPath: start.sh + mountPath: /tmp/keystone-api.sh + subPath: keystone-api.sh readOnly: true {{ if $mounts_keystone_api.volumeMounts }}{{ toYaml $mounts_keystone_api.volumeMounts | indent 10 }}{{ end }} volumes: diff --git a/magnum/templates/bin/_magnum-api.sh.tpl b/magnum/templates/bin/_magnum-api.sh.tpl index a6d66a820a..791a5829f5 100644 --- a/magnum/templates/bin/_magnum-api.sh.tpl +++ b/magnum/templates/bin/_magnum-api.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec magnum-api \ - --config-file /etc/magnum/magnum.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec magnum-api \ + --config-file /etc/magnum/magnum.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/magnum/templates/bin/_magnum-conductor.sh.tpl b/magnum/templates/bin/_magnum-conductor.sh.tpl index 7631930c5d..19e0734c73 100644 --- a/magnum/templates/bin/_magnum-conductor.sh.tpl +++ b/magnum/templates/bin/_magnum-conductor.sh.tpl @@ -14,6 +14,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x +set -ex exec magnum-conductor \ --config-file /etc/magnum/magnum.conf diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml index aebef2ed7d..78815956ec 100644 --- a/magnum/templates/deployment-api.yaml +++ b/magnum/templates/deployment-api.yaml @@ -57,21 +57,22 @@ spec: memory: {{ .Values.resources.magnum_api.limits.memory | quote }} cpu: {{ .Values.resources.magnum_api.limits.cpu | quote }} {{- end }} - ports: - - containerPort: {{ .Values.conf.magnum.api.magnum.port }} + command: + - bash + - /tmp/magnum-api.sh + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/magnum-api.sh + - stop + ports: + - containerPort: {{ .Values.conf.magnum.api.magnum.port }} readinessProbe: tcpSocket: port: {{ .Values.conf.magnum.api.magnum.port }} - command: - - bash - - /tmp/magnum-api.sh volumeMounts: - name: magnum-bin mountPath: /tmp/magnum-api.sh diff --git a/mistral/templates/bin/_mistral-api.sh.tpl b/mistral/templates/bin/_mistral-api.sh.tpl index 8c2e4bbcf0..0b49cf7a11 100644 --- a/mistral/templates/bin/_mistral-api.sh.tpl +++ b/mistral/templates/bin/_mistral-api.sh.tpl @@ -14,7 +14,17 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec mistral-server \ - --server api \ - --config-file /etc/mistral/mistral.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec mistral-server \ + --server api \ + --config-file /etc/mistral/mistral.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/mistral/templates/deployment-api.yaml b/mistral/templates/deployment-api.yaml index 29787bdf1f..5d061bd409 100644 --- a/mistral/templates/deployment-api.yaml +++ b/mistral/templates/deployment-api.yaml @@ -60,16 +60,17 @@ spec: command: - bash - /tmp/mistral-api.sh - ports: - - name: {{ .Values.network.api.name }} - containerPort: {{ .Values.conf.mistral.api.mistral.config.port }} + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/mistral-api.sh + - stop + ports: + - name: {{ .Values.network.api.name }} + containerPort: {{ .Values.conf.mistral.api.mistral.config.port }} readinessProbe: tcpSocket: port: {{ .Values.conf.mistral.api.mistral.config.port }} diff --git a/neutron/templates/bin/_neutron-server.sh.tpl b/neutron/templates/bin/_neutron-server.sh.tpl index 0ab1ef5de3..21442be8b9 100644 --- a/neutron/templates/bin/_neutron-server.sh.tpl +++ b/neutron/templates/bin/_neutron-server.sh.tpl @@ -14,7 +14,17 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec neutron-server \ - --config-file /etc/neutron/neutron.conf \ - --config-file /etc/neutron/plugins/ml2/ml2_conf.ini +set -ex +COMMAND="${@:-start}" + +function start () { + exec neutron-server \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index 95320a109c..d91e652f64 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -57,21 +57,22 @@ spec: cpu: {{ .Values.resources.server.requests.cpu | quote }} memory: {{ .Values.resources.server.requests.memory | quote }} {{- end }} - ports: - - containerPort: {{ .Values.network.server.port }} + command: + - bash + - /tmp/neutron-server.sh + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/neutron-server.sh + - stop + ports: + - containerPort: {{ .Values.network.server.port }} readinessProbe: tcpSocket: port: {{ .Values.network.server.port }} - command: - - bash - - /tmp/neutron-server.sh volumeMounts: - name: neutron-bin mountPath: /tmp/neutron-server.sh diff --git a/nova/templates/bin/_nova-api-metadata.sh.tpl b/nova/templates/bin/_nova-api-metadata.sh.tpl index 0a2ce4cce5..fa3c3863bd 100644 --- a/nova/templates/bin/_nova-api-metadata.sh.tpl +++ b/nova/templates/bin/_nova-api-metadata.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec nova-api-metadata \ - --config-file /etc/nova/nova.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec nova-api-metadata \ + --config-file /etc/nova/nova.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/nova/templates/bin/_nova-api.sh.tpl b/nova/templates/bin/_nova-api.sh.tpl index 2170d1e426..4c334f7c5b 100644 --- a/nova/templates/bin/_nova-api.sh.tpl +++ b/nova/templates/bin/_nova-api.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec nova-api \ - --config-file /etc/nova/nova.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec nova-api-os-compute \ + --config-file /etc/nova/nova.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 13a0a9f7b2..1a73c96919 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -48,7 +48,6 @@ spec: - name: nova-api image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} - # https://bugs.launchpad.net/kolla-mesos/+bug/1546007 {{- if .Values.resources.enabled }} resources: requests: @@ -58,25 +57,28 @@ spec: memory: {{ .Values.resources.nova_api_metadata.limits.memory | quote }} cpu: {{ .Values.resources.nova_api_metadata.limits.cpu | quote }} {{- end }} + # NOTE(portdirect): NET_ADMIN is needed as the api-metadata service + # expects to run some iptables commands, even when neutron is used. securityContext: capabilities: add: - NET_ADMIN - ports: - - containerPort: {{ .Values.network.metadata.port }} + command: + - bash + - /tmp/nova-api-metadata.sh + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/nova-api-metadata.sh + - stop + ports: + - containerPort: {{ .Values.network.metadata.port }} readinessProbe: tcpSocket: port: {{ .Values.network.metadata.port }} - command: - - bash - - /tmp/nova-api-metadata.sh volumeMounts: - name: nova-bin mountPath: /tmp/nova-api-metadata.sh diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index d53c4568e3..0320ab9930 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -48,10 +48,6 @@ spec: - name: nova-osapi image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} - securityContext: - capabilities: - add: - - NET_ADMIN {{- if .Values.resources.enabled }} resources: requests: @@ -61,21 +57,22 @@ spec: memory: {{ .Values.resources.nova_osapi.limits.memory | quote }} cpu: {{ .Values.resources.nova_osapi.limits.cpu | quote }} {{- end }} - ports: - - containerPort: {{ .Values.network.osapi.port }} + command: + - bash + - /tmp/nova-api.sh + - start lifecycle: preStop: exec: command: - - kill - - -TERM - - "1" + - bash + - /tmp/nova-api.sh + - stop + ports: + - containerPort: {{ .Values.network.osapi.port }} readinessProbe: tcpSocket: port: {{ .Values.network.osapi.port }} - command: - - bash - - /tmp/nova-api.sh volumeMounts: - name: nova-bin mountPath: /tmp/nova-api.sh diff --git a/senlin/templates/bin/_senlin-api.sh.tpl b/senlin/templates/bin/_senlin-api.sh.tpl index cd61cc0148..859108c999 100644 --- a/senlin/templates/bin/_senlin-api.sh.tpl +++ b/senlin/templates/bin/_senlin-api.sh.tpl @@ -14,6 +14,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -x -exec senlin-api \ - --config-file /etc/senlin/senlin.conf +set -ex +COMMAND="${@:-start}" + +function start () { + exec senlin-api \ + --config-file /etc/senlin/senlin.conf +} + +function stop () { + kill -TERM 1 +} + +$COMMAND diff --git a/senlin/templates/deployment-api.yaml b/senlin/templates/deployment-api.yaml index b6e51ecbba..a81d79bb00 100644 --- a/senlin/templates/deployment-api.yaml +++ b/senlin/templates/deployment-api.yaml @@ -57,21 +57,22 @@ spec: memory: {{ .Values.resources.senlin_api.limits.memory | quote }} cpu: {{ .Values.resources.senlin_api.limits.cpu | quote }} {{- end }} + command: + - bash + - /tmp/senlin-api.sh + - start + lifecycle: + preStop: + exec: + command: + - bash + - /tmp/senlin-api.sh + - stop ports: - containerPort: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }} readinessProbe: tcpSocket: port: {{ .Values.conf.senlin.senlin_api.senlin.config.bind_port }} - command: - - bash - - /tmp/senlin-api.sh - lifecycle: - preStop: - exec: - command: - - kill - - -TERM - - "1" volumeMounts: - name: senlin-bin mountPath: /tmp/senlin-api.sh