vexxhost/openstack-operator
Code Issues Proposed changes
openstack-operator/openstack_operator/templates/keystone/daemonset.yml.j2
okozachenko 84fe30c224 change admin url in keystone 
Change-Id: If7dddf87d4089c0d0d0f3d515f85465a1ac376e2
2020-07-14 00:51:46 +03:00

157 lines
4.4 KiB
Django/Jinja
Raw Blame History

---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: keystone
namespace: openstack
labels:
{{ labels("keystone", name) | indent(4) }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
{{ labels("keystone", name) | indent(6) }}
template:
metadata:
labels:
{{ labels("keystone", name) | indent(8) }}
annotations:
checksum/config: "{{ config_hash }}"
spec:
initContainers:
- name: db-sync
image: vexxhost/keystone:latest
imagePullPolicy: Always
command:
- keystone-manage
- db_sync
volumeMounts:
- mountPath: /etc/keystone
name: config
- name: bootstrap
image: vexxhost/keystone:latest
imagePullPolicy: Always
env:
- name: OS_BOOTSTRAP_PASSWORD
valueFrom:
secretKeyRef:
key: password
name: keystone-init
- name: OS_BOOTSTRAP_REGION_ID
valueFrom:
secretKeyRef:
key: region_name
name: keystone-init
- name: OS_BOOTSTRAP_PUBLIC_URL
valueFrom:
secretKeyRef:
key: auth_url
name: keystone-init
- name: OS_BOOTSTRAP_USERNAME
valueFrom:
secretKeyRef:
key: username
name: keystone-init
- name: OS_BOOTSTRAP_PROJECT_NAME
valueFrom:
secretKeyRef:
key: project_name
name: keystone-init
- name: OS_BOOTSTRAP_SERVICE_NAME
value: keystone
- name: OS_BOOTSTRAP_ADMIN_URL
value: http://keystone.openstack.svc.cluster.local
- name: OS_BOOTSTRAP_INTERNAL_URL
value: http://keystone.openstack.svc.cluster.local
command:
- keystone-manage
- bootstrap
volumeMounts:
- mountPath: /etc/keystone
name: config
- name: fernet-keys
mountPath: /etc/keystone/fernet-keys
- name: credential-keys
mountPath: /etc/keystone/credential-keys
- name: uwsgi-config
mountPath: /etc/uwsgi
containers:
- name: keystone
image: vexxhost/keystone:latest
imagePullPolicy: Always
env:
{% for v in env %}
- name: "{{ v.name }}"
value: "{{ v.value }}"
{% endfor %}
ports:
- name: keystone
protocol: TCP
containerPort: 5000
livenessProbe:
httpGet:
path: /v3
port: keystone
readinessProbe:
httpGet:
path: /v3
port: keystone
lifecycle:
preStop:
exec:
command: ["/bin/sleep", "5"]
securityContext:
runAsUser: 65534
runAsGroup: 65534
volumeMounts:
- mountPath: /etc/keystone/
name: config
- name: fernet-keys
mountPath: /etc/keystone/fernet-keys
- name: credential-keys
mountPath: /etc/keystone/credential-keys
- name: uwsgi-config
mountPath: /etc/uwsgi
volumes:
- name: config
secret:
secretName: keystone-config
- name: fernet-keys
secret:
secretName: keystone-fernet
- name: credential-keys
secret:
secretName: keystone-credential
- name: uwsgi-config
configMap:
defaultMode: 420
name: uwsgi-default
{% if 'nodeSelector' in spec %}
nodeSelector:
{{ spec.nodeSelector | to_yaml | indent(8) }}
{% endif %}
{% if 'tolerations' in spec %}
tolerations:
{{ spec.tolerations | to_yaml | indent(8) }}
{% endif %}
{% if 'hostAliases' in spec %}
hostAliases:
{{ spec.hostAliases | to_yaml | indent(8) }}
{% endif %}
View Git Blame Copy Permalink