Add keystone ingress

Create a ingress with the host lists which are from the keystone CR spec

Change-Id: I18c7f3f529e0e44e412b647345fc176bbcea93dc

config/samples/identity_v1alpha1_keystone.yaml

@@ -5,3 +5,6 @@ metadata:
   name: sample
 spec:
   configDir: /etc/keystone
+  ingress:
+  - host: "keystone1.vexxhost.com"
+  - host: "keystone2.vexxhost.com"

openstack_operator/keystone.py

@@ -39,3 +39,18 @@ def create_or_resume(name, spec, **_):
                            name=name, spec=spec)
     utils.create_or_update('keystone/horizontalpodautoscaler.yml.j2',
                            name=name)
+    if "ingress" in spec:
+        utils.create_or_update('keystone/ingress.yml.j2',
+                               spec=spec)
+
+
+@kopf.on.update('identity.openstack.org', 'v1alpha1', 'keystones')
+def update(spec, **_):
+    """Update a keystone
+
+    This function updates the deployment for horizon if there are any
+    changes that happen within it.
+    """
+    if "ingress" in spec:
+        utils.create_or_update('keystone/ingress.yml.j2',
+                               spec=spec)

openstack_operator/templates/keystone/ingress.yml.j2

@@ -0,0 +1,55 @@
+---
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: keystone
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    certmanager.k8s.io/cluster-issuer: "letsencrypt-prod"
+spec:
+{% if spec.ingress.host is defined %}
+  rules:
+  - host: {{ spec.ingress.host }}
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: keystone
+          servicePort: 80
+  tls:
+  - hosts:
+    - {{ spec.ingress.host }}
+    secretName: keystone-tls
+{% else %}
+  rules:
+  {% for v in spec.ingress %}
+  - host: {{ v.host }}
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: keystone
+          servicePort: 80
+  {% endfor %}
+  tls:
+  - hosts:
+    {% for v in spec.ingress %}
+    - {{ v.host }}
+    {% endfor %}
+    secretName: keystone-tls
+{% endif %}

playbooks/functional/tests/memcached.yaml

@@ -38,7 +38,7 @@
   register: _metrics
   loop: "{{ _memcached_ips.stdout_lines }}"
   until: _metrics is success
-  retries: 10
+  retries: 60
   delay: 5
   failed_when: "'memcached_up 1' not in _metrics.content"
 
@@ -46,7 +46,7 @@
   command: kubectl get pods -l app.kubernetes.io/name=mcrouter,app.kubernetes.io/instance=memcached-devstack -o=jsonpath='{range .items[*]}{.status.podIP}{"\n"}{end}'
   register: _mcrouter_ips
   until: _mcrouter_ips is success
-  retries: 10
+  retries: 60
   delay: 5
   failed_when: |
     {{ _mcrouter_ips.stdout_lines | length == 0 }} or

playbooks/functional/tests/rabbitmq.yaml

@@ -25,7 +25,7 @@
   command: kubectl get pods -l app.kubernetes.io/name=rabbitmq,app.kubernetes.io/instance=sample -o=jsonpath='{range .items[*]}{.status.podIP}{"\n"}{end}'
   register: _rabbitmq_ips
   until: _rabbitmq_ips is success
-  retries: 10
+  retries: 60
   delay: 5
   failed_when: "{{ _rabbitmq_ips.stdout_lines | length == 0 }}"