openstack-helm/cinder/templates/configmap-etc.yaml
Michael Polenchuk 73b9629ea2 [cinder] Support service tokens
Bring in option to be able to create and send service
tokens to prevent long-running job failures (default is OFF).

Change-Id: I5e5707001687e464386696b9c8d80ad8b2977e97
2020-09-25 15:05:35 +04:00

168 lines
9.9 KiB
YAML

{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- if empty .Values.conf.cinder.keystone_authtoken.auth_uri -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.keystone_authtoken "auth_uri" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.auth_url -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.keystone_authtoken "auth_url" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.region_name -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "region_name" .Values.endpoints.identity.auth.cinder.region_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.project_name -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "project_name" .Values.endpoints.identity.auth.cinder.project_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.project_domain_name -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.cinder.project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.user_domain_name -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.cinder.user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.username -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "username" .Values.endpoints.identity.auth.cinder.username -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.password -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "password" .Values.endpoints.identity.auth.cinder.password -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.memcached_servers -}}
{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.cinder.keystone_authtoken "memcached_servers" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.cinder.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}}
{{- end -}}
{{- if empty .Values.conf.cinder.database.connection -}}
{{- $connection := tuple "oslo_db" "internal" "cinder" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" -}}
{{- if .Values.manifests.certificates -}}
{{- $_ := (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | set .Values.conf.cinder.database "connection" -}}
{{- else -}}
{{- $_ := set .Values.conf.cinder.database "connection" $connection -}}
{{- end -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.transport_url -}}
{{- $_ := tuple "oslo_messaging" "internal" "cinder" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" | set .Values.conf.cinder.DEFAULT "transport_url" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.glance_api_servers -}}
{{- $_ := tuple "image" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.DEFAULT "glance_api_servers" -}}
{{- end -}}
{{- if (contains "cinder.backup.drivers.swift" .Values.conf.cinder.DEFAULT.backup_driver) }}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_auth_version -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_auth_version" "3" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_auth_url -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.DEFAULT "backup_swift_auth_url" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user_domain -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_user_domain" .Values.endpoints.identity.auth.cinder.user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_user -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_user" .Values.endpoints.identity.auth.cinder.username -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_key -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_key" .Values.endpoints.identity.auth.cinder.password -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project_domain -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_project_domain" .Values.endpoints.identity.auth.cinder.project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.backup_swift_project -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_project" .Values.endpoints.identity.auth.cinder.project_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.swift_catalog_info -}}
{{- $_ := set .Values.conf.cinder.DEFAULT "swift_catalog_info" "object-store:swift:internalURL" -}}
{{- end -}}
{{- end -}}
{{- if empty .Values.conf.cinder.DEFAULT.osapi_volume_listen_port -}}
{{- $_ := tuple "volume" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.cinder.DEFAULT "osapi_volume_listen_port" -}}
{{- end -}}
{{- if .Values.conf.cinder.service_user.send_service_user_token -}}
{{- if empty .Values.conf.cinder.service_user.auth_url -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.cinder.service_user "auth_url" -}}
{{- end -}}
{{- if empty .Values.conf.cinder.service_user.region_name -}}
{{- $_ := set .Values.conf.cinder.service_user "region_name" .Values.endpoints.identity.auth.cinder.region_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.service_user.project_name -}}
{{- $_ := set .Values.conf.cinder.service_user "project_name" .Values.endpoints.identity.auth.cinder.project_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.service_user.project_domain_name -}}
{{- $_ := set .Values.conf.cinder.service_user "project_domain_name" .Values.endpoints.identity.auth.cinder.project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.service_user.user_domain_name -}}
{{- $_ := set .Values.conf.cinder.service_user "user_domain_name" .Values.endpoints.identity.auth.cinder.user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.cinder.service_user.username -}}
{{- $_ := set .Values.conf.cinder.service_user "username" .Values.endpoints.identity.auth.cinder.username -}}
{{- end -}}
{{- if empty .Values.conf.cinder.service_user.password -}}
{{- $_ := set .Values.conf.cinder.service_user "password" .Values.endpoints.identity.auth.cinder.password -}}
{{- end -}}
{{- end -}}
{{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
{{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
{{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .Release.Name $fluentd_host $fluentd_port }}
{{- $handler_fluent := dict "class" "fluent.handler.FluentHandler" "formatter" "fluent" "args" $fluent_args -}}
{{- $_ := set .Values.conf.logging "handler_fluent" $handler_fluent -}}
{{- end -}}
{{- if and (empty .Values.conf.logging.formatter_fluent) (has "fluent" .Values.conf.logging.formatters.keys) -}}
{{- $formatter_fluent := dict "class" "oslo_log.formatters.FluentFormatter" -}}
{{- $_ := set .Values.conf.logging "formatter_fluent" $formatter_fluent -}}
{{- end -}}
---
apiVersion: v1
kind: Secret
metadata:
name: cinder-etc
type: Opaque
data:
rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }}
cinder.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.cinder | b64enc }}
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
backends.conf: {{ include "helm-toolkit.utils.to_ini" .Values.conf.backends | b64enc }}
api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
policy.yaml: {{ toYaml .Values.conf.policy | b64enc }}
{{- if .Values.manifests.certificates }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.mpm_event "key" "mpm_event.conf" "format" "Secret" ) | indent 2 }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_cinder "key" "wsgi-cinder.conf" "format" "Secret" ) | indent 2 }}
{{- end }}
api_audit_map.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.api_audit_map | b64enc }}
cinder_sudoers: {{ $envAll.Values.conf.cinder_sudoers | b64enc }}
rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }}
resource_filters.json: {{ toJson .Values.conf.resource_filters | b64enc }}
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
{{- $filePrefix := replace "_" "-" $key }}
{{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }}
{{- end }}
{{- if .Values.backup.external_ceph_rbd.enabled }}
external-backup-ceph.conf: {{ include "helm-toolkit.utils.to_ini" .Values.backup.external_ceph_rbd.conf | b64enc }}
{{- end }}
{{- if .Values.ceph_client.enable_external_ceph_backend }}
external-ceph.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.ceph_client.external_ceph.conf | b64enc }}
{{- end }}
{{- end }}