diff --git a/openstack_operator/keystone.py b/openstack_operator/keystone.py index a348ca3d..6e6e8cf0 100644 --- a/openstack_operator/keystone.py +++ b/openstack_operator/keystone.py @@ -68,7 +68,7 @@ def create_or_rotate_fernet_repository(name): # Update secret utils.create_or_update('keystone/secret-fernet.yml.j2', name=name, - keys=keys, is_strategic=False, adopt=True) + keys=keys, adopt=True) @kopf.timer('apps', 'v1', 'deployments', diff --git a/openstack_operator/templates/heat/deployment.yml.j2 b/openstack_operator/templates/heat/deployment.yml.j2 index 71033f44..04f57f12 100644 --- a/openstack_operator/templates/heat/deployment.yml.j2 +++ b/openstack_operator/templates/heat/deployment.yml.j2 @@ -52,6 +52,7 @@ spec: {% if 'api' in component %} ports: - name: heat-{{ component }} + protocol: TCP containerPort: {% if component == 'api' %}8004{% else %}8000{% endif%} livenessProbe: tcpSocket: diff --git a/openstack_operator/templates/heat/service.yml.j2 b/openstack_operator/templates/heat/service.yml.j2 index 56f64605..ac3611f1 100644 --- a/openstack_operator/templates/heat/service.yml.j2 +++ b/openstack_operator/templates/heat/service.yml.j2 @@ -19,9 +19,9 @@ metadata: name: heat-{{ component }} namespace: openstack spec: - serviceType: ClusterIP ports: - name: heat-{{ component }} + protocol: TCP port: 80 targetPort: heat-{{ component }} selector: diff --git a/openstack_operator/templates/horizon/deployment.yml.j2 b/openstack_operator/templates/horizon/deployment.yml.j2 index 8441259f..a252ea8b 100644 --- a/openstack_operator/templates/horizon/deployment.yml.j2 +++ b/openstack_operator/templates/horizon/deployment.yml.j2 @@ -48,6 +48,7 @@ spec: name: horizon ports: - name: horizon + protocol: TCP containerPort: 8000 livenessProbe: tcpSocket: diff --git a/openstack_operator/templates/horizon/service.yml.j2 b/openstack_operator/templates/horizon/service.yml.j2 index 0afb7ba9..712f7694 100644 --- a/openstack_operator/templates/horizon/service.yml.j2 +++ b/openstack_operator/templates/horizon/service.yml.j2 @@ -19,7 +19,6 @@ metadata: name: horizon namespace: openstack spec: - type: ClusterIP ports: - name: horizon port: 80 diff --git a/openstack_operator/templates/keystone/deployment.yml.j2 b/openstack_operator/templates/keystone/deployment.yml.j2 index 98b77994..1c44dbe9 100644 --- a/openstack_operator/templates/keystone/deployment.yml.j2 +++ b/openstack_operator/templates/keystone/deployment.yml.j2 @@ -43,6 +43,7 @@ spec: {% endfor %} ports: - name: keystone + protocol: TCP containerPort: 5000 livenessProbe: httpGet: diff --git a/openstack_operator/templates/keystone/secret-fernet.yml.j2 b/openstack_operator/templates/keystone/secret-fernet.yml.j2 index 1794cc6d..f9516c14 100644 --- a/openstack_operator/templates/keystone/secret-fernet.yml.j2 +++ b/openstack_operator/templates/keystone/secret-fernet.yml.j2 @@ -19,7 +19,4 @@ metadata: name: keystone-{{ name }} namespace: openstack data: -{% if keys | length > 2 %} - $patch: replace -{% endif %} {{ keys | to_yaml | indent(2) }} diff --git a/openstack_operator/templates/keystone/service.yml.j2 b/openstack_operator/templates/keystone/service.yml.j2 index b7913479..85a37ef0 100644 --- a/openstack_operator/templates/keystone/service.yml.j2 +++ b/openstack_operator/templates/keystone/service.yml.j2 @@ -19,7 +19,6 @@ metadata: name: keystone namespace: openstack spec: - type: ClusterIP ports: - name: keystone port: 80 diff --git a/openstack_operator/templates/mcrouter/deployment.yml.j2 b/openstack_operator/templates/mcrouter/deployment.yml.j2 index 4772fdc6..44e4435f 100644 --- a/openstack_operator/templates/mcrouter/deployment.yml.j2 +++ b/openstack_operator/templates/mcrouter/deployment.yml.j2 @@ -36,6 +36,7 @@ spec: imagePullPolicy: Always ports: - name: mcrouter + protocol: TCP containerPort: 11211 livenessProbe: tcpSocket: @@ -64,6 +65,7 @@ spec: imagePullPolicy: Always ports: - name: metrics + protocol: TCP containerPort: 9442 livenessProbe: httpGet: diff --git a/openstack_operator/templates/mcrouter/service.yml.j2 b/openstack_operator/templates/mcrouter/service.yml.j2 index df07cff3..65dee335 100644 --- a/openstack_operator/templates/mcrouter/service.yml.j2 +++ b/openstack_operator/templates/mcrouter/service.yml.j2 @@ -18,7 +18,6 @@ kind: Service metadata: name: mcrouter-{{ name }} spec: - serviceType: ClusterIP ports: - name: mcrouter port: 11211 diff --git a/openstack_operator/templates/memcached/deployment.yml.j2 b/openstack_operator/templates/memcached/deployment.yml.j2 index 52c43a18..656aac14 100644 --- a/openstack_operator/templates/memcached/deployment.yml.j2 +++ b/openstack_operator/templates/memcached/deployment.yml.j2 @@ -36,6 +36,7 @@ spec: imagePullPolicy: Always ports: - name: memcached + protocol: TCP containerPort: 11211 livenessProbe: tcpSocket: @@ -59,6 +60,7 @@ spec: imagePullPolicy: Always ports: - name: metrics + protocol: TCP containerPort: 9150 livenessProbe: httpGet: diff --git a/openstack_operator/templates/memcached/service.yml.j2 b/openstack_operator/templates/memcached/service.yml.j2 index bb13c9c9..e641c2c4 100644 --- a/openstack_operator/templates/memcached/service.yml.j2 +++ b/openstack_operator/templates/memcached/service.yml.j2 @@ -21,6 +21,7 @@ spec: clusterIP: None ports: - name: memcached + protocol: TCP port: 11211 targetPort: memcached selector: diff --git a/openstack_operator/templates/memcached/statefulset.yml.j2 b/openstack_operator/templates/memcached/statefulset.yml.j2 index 5ed70d64..32c0a431 100644 --- a/openstack_operator/templates/memcached/statefulset.yml.j2 +++ b/openstack_operator/templates/memcached/statefulset.yml.j2 @@ -37,6 +37,7 @@ spec: imagePullPolicy: Always ports: - name: memcached + protocol: TCP containerPort: 11211 livenessProbe: tcpSocket: @@ -60,6 +61,7 @@ spec: imagePullPolicy: Always ports: - name: metrics + protocol: TCP containerPort: 9150 livenessProbe: httpGet: diff --git a/openstack_operator/templates/rabbitmq/deployment.yml.j2 b/openstack_operator/templates/rabbitmq/deployment.yml.j2 index cccaa6f2..3e2c6e76 100644 --- a/openstack_operator/templates/rabbitmq/deployment.yml.j2 +++ b/openstack_operator/templates/rabbitmq/deployment.yml.j2 @@ -46,8 +46,10 @@ spec: imagePullPolicy: Always ports: - name: rabbitmq + protocol: TCP containerPort: 5672 - name: metrics + protocol: TCP containerPort: 15692 livenessProbe: tcpSocket: @@ -82,4 +84,4 @@ spec: {% if 'tolerations' in spec %} tolerations: {{ spec.tolerations | to_yaml | indent(8) }} -{% endif %} \ No newline at end of file +{% endif %} diff --git a/openstack_operator/templates/rabbitmq/service.yml.j2 b/openstack_operator/templates/rabbitmq/service.yml.j2 index b9dbde3a..bd3aa462 100644 --- a/openstack_operator/templates/rabbitmq/service.yml.j2 +++ b/openstack_operator/templates/rabbitmq/service.yml.j2 @@ -18,7 +18,6 @@ kind: Service metadata: name: rabbitmq-{{ name }} spec: - serviceType: ClusterIP ports: - name: rabbitmq port: 5672 diff --git a/openstack_operator/utils.py b/openstack_operator/utils.py index d34ac105..22478d0c 100644 --- a/openstack_operator/utils.py +++ b/openstack_operator/utils.py @@ -18,7 +18,6 @@ The module contains a few useful utilities which we refactor out in order to be able to use them across all different operators. """ import base64 -import copy import operator import json import os @@ -29,7 +28,6 @@ import jinja2 import kopf from pbr import version import pykube -from pykube.utils import obj_merge import yaml import openstack @@ -87,7 +85,7 @@ ENV.filters['to_yaml'] = to_yaml ENV.globals['labels'] = labels -def create_or_update(template, is_strategic=True, **kwargs): +def create_or_update(template, **kwargs): """Create or update a Kubernetes resource. This function is called with a template and the args to pass to that @@ -97,31 +95,23 @@ def create_or_update(template, is_strategic=True, **kwargs): """ resource = generate_object(template, **kwargs) - obj = copy.deepcopy(resource.obj) - # Try to get the remote record - try: - resource.reload() - resource.obj = obj - - # NOTE(mnaser): Workaround until the following lands - # https://github.com/hjacobs/pykube/pull/68 - # pylint: disable=W0212 - patch = obj_merge(resource.obj, resource._original_obj, is_strategic) - resp = resource.api.patch( - **resource.api_kwargs( - headers={ - "Content-Type": "application/strategic-merge-patch+json" - }, - data=json.dumps(patch), - ) + # NOTE(mnaser): The following relies on server-side apply and requires + # at least Kuberentes v1.16+ + resp = resource.api.patch( + **resource.api_kwargs( + headers={ + "Content-Type": "application/apply-patch+yaml" + }, + params={ + 'fieldManager': 'openstack-operator', + 'force': True, + }, + data=to_yaml(resource.obj), ) - resource.api.raise_for_status(resp) - resource.set_obj(resp.json()) - except pykube.exceptions.HTTPError as exc: - if exc.code != 404: - raise - resource.create() + ) + resource.api.raise_for_status(resp) + resource.set_obj(resp.json()) return resource