44d263b2bf
- braces - brackets - colons - commas - comments - hyphens - indentation - key-duplicates with corresponding code changes. Also disable enforcement for document-(start|end) rules and disables warnings to increase readability. * Unrestrict octal values rule since benefits of file modes readability exceed possible issues with yaml 1.2 adoption in future k8s versions. These issues will be addressed when/if they occur. Change-Id: Ic5e327cf40c4b09c90738baff56419a6cef132da Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
512 lines
22 KiB
YAML
512 lines
22 KiB
YAML
{{/*
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/}}
|
|
|
|
{{- define "novaComputeLivenessProbeTemplate" }}
|
|
exec:
|
|
command:
|
|
- python
|
|
- /tmp/health-probe.py
|
|
- --config-file
|
|
- /etc/nova/nova.conf
|
|
- --service-queue-name
|
|
- compute
|
|
- --liveness-probe
|
|
{{- if .Values.pod.use_fqdn.compute }}
|
|
- --use-fqdn
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- define "novaComputeReadinessProbeTemplate" }}
|
|
exec:
|
|
command:
|
|
- python
|
|
- /tmp/health-probe.py
|
|
- --config-file
|
|
- /etc/nova/nova.conf
|
|
- --service-queue-name
|
|
- compute
|
|
{{- if .Values.pod.use_fqdn.compute }}
|
|
- --use-fqdn
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- define "nova.compute.daemonset" }}
|
|
{{- $daemonset := index . 0 }}
|
|
{{- $configMapName := index . 1 }}
|
|
{{- $serviceAccountName := index . 2 }}
|
|
{{- $envAll := index . 3 }}
|
|
{{- with $envAll }}
|
|
|
|
{{- $mounts_nova_compute := .Values.pod.mounts.nova_compute.nova_compute }}
|
|
{{- $mounts_nova_compute_init := .Values.pod.mounts.nova_compute.init_container }}
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
name: nova-compute
|
|
annotations:
|
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
|
labels:
|
|
{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
|
{{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
annotations:
|
|
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
|
{{ dict "envAll" $envAll "podName" "nova-compute-default" "containerNames" (list "nova-compute" "init" "nova-compute-init" "nova-compute-vnc-init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
|
|
spec:
|
|
serviceAccountName: {{ $serviceAccountName }}
|
|
{{ dict "envAll" $envAll "application" "nova" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
|
nodeSelector:
|
|
{{ .Values.labels.agent.compute.node_selector_key }}: {{ .Values.labels.agent.compute.node_selector_value }}
|
|
hostNetwork: true
|
|
hostPID: true
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
initContainers:
|
|
{{ tuple $envAll "pod_dependency" $mounts_nova_compute_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
- name: nova-compute-init
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
env:
|
|
- name: NOVA_USER_UID
|
|
value: "{{ .Values.pod.security_context.nova.pod.runAsUser }}"
|
|
command:
|
|
- /tmp/nova-compute-init.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: nova-bin
|
|
mountPath: /tmp/nova-compute-init.sh
|
|
subPath: nova-compute-init.sh
|
|
readOnly: true
|
|
- name: varlibnova
|
|
mountPath: /var/lib/nova
|
|
- name: pod-shared
|
|
mountPath: /tmp/pod-shared
|
|
{{- if .Values.conf.ceph.enabled }}
|
|
- name: ceph-perms
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "ceph_perms" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
command:
|
|
- chown
|
|
- -R
|
|
- "nova:"
|
|
- /etc/ceph
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: etcceph
|
|
mountPath: /etc/ceph
|
|
{{- if empty .Values.conf.ceph.cinder.keyring }}
|
|
- name: ceph-admin-keyring-placement
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "ceph_admin_keyring_placement" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
command:
|
|
- /tmp/ceph-admin-keyring.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: etcceph
|
|
mountPath: /etc/ceph
|
|
- name: nova-bin
|
|
mountPath: /tmp/ceph-admin-keyring.sh
|
|
subPath: ceph-admin-keyring.sh
|
|
readOnly: true
|
|
{{- if empty .Values.conf.ceph.admin_keyring }}
|
|
- name: ceph-keyring
|
|
mountPath: /tmp/client-keyring
|
|
subPath: key
|
|
readOnly: true
|
|
{{ end }}
|
|
{{ end }}
|
|
- name: ceph-keyring-placement
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "ceph_keyring_placement" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
env:
|
|
- name: CEPH_CINDER_USER
|
|
value: "{{ .Values.conf.ceph.cinder.user }}"
|
|
{{- if .Values.conf.ceph.cinder.keyring }}
|
|
- name: CEPH_CINDER_KEYRING
|
|
value: "{{ .Values.conf.ceph.cinder.keyring }}"
|
|
{{ end }}
|
|
- name: LIBVIRT_CEPH_SECRET_UUID
|
|
value: "{{ .Values.conf.ceph.secret_uuid }}"
|
|
command:
|
|
- /tmp/ceph-keyring.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: etcceph
|
|
mountPath: /etc/ceph
|
|
- name: nova-bin
|
|
mountPath: /tmp/ceph-keyring.sh
|
|
subPath: ceph-keyring.sh
|
|
- name: ceph-etc
|
|
mountPath: /etc/ceph/ceph.conf.template
|
|
subPath: ceph.conf
|
|
readOnly: true
|
|
{{ end }}
|
|
{{- if eq .Values.console.console_kind "novnc"}}
|
|
- name: nova-compute-vnc-init
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ tuple $envAll $envAll.Values.pod.resources.compute | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_vnc_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
command:
|
|
- /tmp/nova-console-compute-init.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: nova-bin
|
|
mountPath: /tmp/nova-console-compute-init.sh
|
|
subPath: nova-console-compute-init.sh
|
|
readOnly: true
|
|
- name: pod-shared
|
|
mountPath: /tmp/pod-shared
|
|
{{ end }}
|
|
{{- if eq .Values.console.console_kind "spice"}}
|
|
- name: nova-compute-spice-init
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ tuple $envAll $envAll.Values.pod.resources.compute | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_spice_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
command:
|
|
- /tmp/nova-console-compute-init.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: nova-bin
|
|
mountPath: /tmp/nova-console-compute-init.sh
|
|
subPath: nova-console-compute-init.sh
|
|
readOnly: true
|
|
- name: pod-shared
|
|
mountPath: /tmp/pod-shared
|
|
{{ end }}
|
|
{{- if ( has "tungstenfabric" .Values.network.backend ) }}
|
|
- name: tungstenfabric-compute-init
|
|
image: {{ .Values.images.tags.tf_compute_init }}
|
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
{{ tuple $envAll $envAll.Values.pod.resources.compute | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "tungstenfabric_compute_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
volumeMounts:
|
|
- name: tf-plugin-shared
|
|
mountPath: /opt/plugin
|
|
- name: tf-plugin-bin
|
|
mountPath: /opt/plugin/bin
|
|
{{- end }}
|
|
containers:
|
|
- name: nova-compute
|
|
{{ tuple $envAll "nova_compute" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ tuple $envAll $envAll.Values.pod.resources.compute | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "nova_compute" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
securityContext:
|
|
privileged: true
|
|
env:
|
|
{{- if .Values.conf.ceph.enabled }}
|
|
- name: CEPH_CINDER_USER
|
|
value: "{{ .Values.conf.ceph.cinder.user }}"
|
|
{{- if .Values.conf.ceph.cinder.keyring }}
|
|
- name: CEPH_CINDER_KEYRING
|
|
value: "{{ .Values.conf.ceph.cinder.keyring }}"
|
|
{{ end }}
|
|
- name: LIBVIRT_CEPH_SECRET_UUID
|
|
value: "{{ .Values.conf.ceph.secret_uuid }}"
|
|
{{ end }}
|
|
- name: RPC_PROBE_TIMEOUT
|
|
value: "{{ .Values.pod.probes.rpc_timeout }}"
|
|
- name: RPC_PROBE_RETRIES
|
|
value: "{{ .Values.pod.probes.rpc_retries }}"
|
|
{{- if .Values.manifests.certificates }}
|
|
- name: REQUESTS_CA_BUNDLE
|
|
value: "/etc/nova/certs/ca.crt"
|
|
{{- end }}
|
|
{{ dict "envAll" $envAll "component" "compute" "container" "default" "type" "liveness" "probeTemplate" (include "novaComputeLivenessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
|
{{ dict "envAll" $envAll "component" "compute" "container" "default" "type" "readiness" "probeTemplate" (include "novaComputeReadinessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
|
command:
|
|
- /tmp/nova-compute.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: nova-bin
|
|
mountPath: /tmp/nova-compute.sh
|
|
subPath: nova-compute.sh
|
|
readOnly: true
|
|
- name: nova-bin
|
|
mountPath: /tmp/health-probe.py
|
|
subPath: health-probe.py
|
|
readOnly: true
|
|
- name: nova-etc
|
|
mountPath: /etc/nova/nova.conf
|
|
subPath: nova-compute.conf
|
|
readOnly: true
|
|
{{- if .Values.conf.nova.DEFAULT.log_config_append }}
|
|
- name: nova-etc
|
|
mountPath: {{ .Values.conf.nova.DEFAULT.log_config_append }}
|
|
subPath: {{ base .Values.conf.nova.DEFAULT.log_config_append }}
|
|
readOnly: true
|
|
{{- end }}
|
|
- name: nova-etc
|
|
mountPath: /etc/nova/api-paste.ini
|
|
subPath: api-paste.ini
|
|
readOnly: true
|
|
- name: nova-etc
|
|
mountPath: /etc/nova/policy.yaml
|
|
subPath: policy.yaml
|
|
readOnly: true
|
|
- name: nova-etc
|
|
# NOTE (Portdirect): We mount here to override Kollas
|
|
# custom sudoers file when using Kolla images, this
|
|
# location will also work fine for other images.
|
|
mountPath: /etc/sudoers.d/kolla_nova_sudoers
|
|
subPath: nova_sudoers
|
|
readOnly: true
|
|
- name: nova-etc
|
|
mountPath: /etc/nova/rootwrap.conf
|
|
subPath: rootwrap.conf
|
|
readOnly: true
|
|
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
|
|
{{- if ( has "compute" $value.pods ) }}
|
|
{{- $filePrefix := replace "_" "-" $key }}
|
|
{{- $rootwrapFile := printf "/etc/nova/rootwrap.d/%s.filters" $filePrefix }}
|
|
- name: nova-etc
|
|
mountPath: {{ $rootwrapFile }}
|
|
subPath: {{ base $rootwrapFile }}
|
|
readOnly: true
|
|
{{- end }}
|
|
{{- end }}
|
|
- name: nova-etc
|
|
mountPath: /root/.ssh/config
|
|
subPath: ssh-config
|
|
readOnly: true
|
|
- name: nova-ssh
|
|
mountPath: /root/.ssh/id_rsa
|
|
subPath: ssh-key-private
|
|
{{- if .Values.conf.ceph.enabled }}
|
|
- name: etcceph
|
|
mountPath: /etc/ceph
|
|
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
|
mountPropagation: Bidirectional
|
|
{{- end }}
|
|
{{- if and ( empty .Values.conf.ceph.cinder.keyring ) ( empty .Values.conf.ceph.admin_keyring )}}
|
|
- name: ceph-keyring
|
|
mountPath: /tmp/client-keyring
|
|
subPath: key
|
|
readOnly: true
|
|
{{ end }}
|
|
{{ end }}
|
|
- mountPath: /lib/modules
|
|
name: libmodules
|
|
readOnly: true
|
|
- name: varlibnova
|
|
mountPath: /var/lib/nova
|
|
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
|
mountPropagation: Bidirectional
|
|
{{- end }}
|
|
- name: varliblibvirt
|
|
mountPath: /var/lib/libvirt
|
|
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
|
mountPropagation: Bidirectional
|
|
{{- end }}
|
|
- name: run
|
|
mountPath: /run
|
|
- name: cgroup
|
|
mountPath: /sys/fs/cgroup
|
|
readOnly: true
|
|
- name: pod-shared
|
|
mountPath: /tmp/pod-shared
|
|
- name: machine-id
|
|
mountPath: /etc/machine-id
|
|
readOnly: true
|
|
{{- if .Values.conf.enable_iscsi }}
|
|
- name: host-rootfs
|
|
mountPath: /mnt/host-rootfs
|
|
- name: usrlocalsbin
|
|
mountPath: /usr/local/sbin
|
|
- name: etciscsi
|
|
mountPath: /etc/iscsi
|
|
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
|
mountPropagation: Bidirectional
|
|
{{- end }}
|
|
- name: dev
|
|
mountPath: /dev
|
|
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
|
|
mountPropagation: Bidirectional
|
|
{{- end }}
|
|
- name: nova-bin
|
|
mountPath: /usr/local/sbin/iscsiadm
|
|
subPath: iscsiadm
|
|
{{- end }}
|
|
{{- if ( has "tungstenfabric" .Values.network.backend ) }}
|
|
- name: tf-plugin-shared
|
|
mountPath: /opt/plugin
|
|
readOnly: true
|
|
- name: tf-plugin-bin
|
|
mountPath: /usr/sbin
|
|
readOnly: true
|
|
- name: nova-bin
|
|
mountPath: /usr/local/lib/python2.7/site-packages/tf-plugin.pth
|
|
subPath: tf-plugin.pth
|
|
readOnly: true
|
|
- name: nova-bin
|
|
mountPath: /var/lib/openstack/lib/python2.7/site-packages/tf-plugin.pth
|
|
subPath: tf-plugin.pth
|
|
readOnly: true
|
|
- name: nova-bin
|
|
mountPath: /var/lib/openstack/lib/python3.6/site-packages/tf-plugin.pth
|
|
subPath: tf-plugin.pth
|
|
readOnly: true
|
|
{{- end }}
|
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.compute.osapi.internal "path" "/etc/nova/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
|
{{ if $mounts_nova_compute.volumeMounts }}{{ toYaml $mounts_nova_compute.volumeMounts | indent 12 }}{{ end }}
|
|
{{- if .Values.network.sshd.enabled }}
|
|
- name: nova-compute-ssh
|
|
{{ tuple $envAll "nova_compute_ssh" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
{{ tuple $envAll $envAll.Values.pod.resources.ssh | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
{{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_ssh" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
securityContext:
|
|
privileged: true
|
|
env:
|
|
- name: KEY_TYPES
|
|
value: {{ include "helm-toolkit.utils.joinListWithComma" .Values.ssh.key_types | quote }}
|
|
- name: SSH_PORT
|
|
value: {{ .Values.network.ssh.port | quote }}
|
|
{{- if .Values.manifests.certificates }}
|
|
- name: REQUESTS_CA_BUNDLE
|
|
value: "/etc/nova/certs/ca.crt"
|
|
{{- end }}
|
|
ports:
|
|
- containerPort: {{ .Values.network.ssh.port }}
|
|
command:
|
|
- /tmp/ssh-start.sh
|
|
terminationMessagePath: /var/log/termination-log
|
|
volumeMounts:
|
|
- name: pod-tmp
|
|
mountPath: /tmp
|
|
- name: varlibnova
|
|
mountPath: /var/lib/nova
|
|
- name: varliblibvirt
|
|
mountPath: /var/lib/libvirt
|
|
- name: nova-ssh
|
|
mountPath: /root/.ssh/id_rsa.pub
|
|
subPath: ssh-key-public
|
|
- name: nova-ssh
|
|
mountPath: /root/.ssh/authorized_keys
|
|
subPath: ssh-key-public
|
|
- name: nova-bin
|
|
mountPath: /tmp/ssh-start.sh
|
|
subPath: ssh-start.sh
|
|
readOnly: true
|
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.compute.osapi.internal "path" "/etc/nova/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
|
{{ end }}
|
|
volumes:
|
|
- name: pod-tmp
|
|
emptyDir: {}
|
|
- name: nova-bin
|
|
configMap:
|
|
name: nova-bin
|
|
defaultMode: 0555
|
|
- name: nova-etc
|
|
secret:
|
|
secretName: {{ $configMapName }}
|
|
defaultMode: 0444
|
|
- name: nova-ssh
|
|
secret:
|
|
secretName: nova-ssh
|
|
defaultMode: 0400
|
|
{{- if .Values.conf.ceph.enabled }}
|
|
- name: etcceph
|
|
hostPath:
|
|
path: /var/lib/openstack-helm/compute/nova
|
|
- name: ceph-etc
|
|
configMap:
|
|
name: {{ .Values.ceph_client.configmap }}
|
|
defaultMode: 0444
|
|
{{- if and ( empty .Values.conf.ceph.cinder.keyring ) ( empty .Values.conf.ceph.admin_keyring ) }}
|
|
- name: ceph-keyring
|
|
secret:
|
|
secretName: {{ .Values.ceph_client.user_secret_name }}
|
|
{{ end }}
|
|
{{ end }}
|
|
- name: libmodules
|
|
hostPath:
|
|
path: /lib/modules
|
|
- name: varlibnova
|
|
hostPath:
|
|
path: /var/lib/nova
|
|
- name: varliblibvirt
|
|
hostPath:
|
|
path: /var/lib/libvirt
|
|
- name: run
|
|
hostPath:
|
|
path: /run
|
|
- name: cgroup
|
|
hostPath:
|
|
path: /sys/fs/cgroup
|
|
- name: pod-shared
|
|
emptyDir: {}
|
|
- name: machine-id
|
|
hostPath:
|
|
path: /etc/machine-id
|
|
{{- if .Values.conf.enable_iscsi }}
|
|
- name: host-rootfs
|
|
hostPath:
|
|
path: /
|
|
- name: etciscsi
|
|
hostPath:
|
|
path: /etc/iscsi
|
|
- name: dev
|
|
hostPath:
|
|
path: /dev
|
|
- name: usrlocalsbin
|
|
emptyDir: {}
|
|
{{- end }}
|
|
{{- if ( has "tungstenfabric" .Values.network.backend ) }}
|
|
- name: tf-plugin-shared
|
|
emptyDir: {}
|
|
- name: tf-plugin-bin
|
|
emptyDir: {}
|
|
{{- end }}
|
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.compute.osapi.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
|
{{ if $mounts_nova_compute.volumes }}{{ toYaml $mounts_nova_compute.volumes | indent 8 }}{{ end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{- if .Values.manifests.daemonset_compute }}
|
|
{{- $envAll := . }}
|
|
{{- $daemonset := "compute" }}
|
|
{{- $configMapName := "nova-etc" }}
|
|
{{- $serviceAccountName := "nova-compute" }}
|
|
|
|
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "compute" -}}
|
|
{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
|
|
|
|
{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "nova.compute.daemonset" | toString | fromYaml }}
|
|
{{- $configmap_yaml := "nova.configmap.etc" }}
|
|
{{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }}
|
|
{{- end }}
|