Browse Source

Merge "Add support for docker registry"

changes/53/285853/5
Jenkins 6 years ago committed by Gerrit Code Review
parent
commit
ef399879b4
  1. 17
      magnum/conductor/template_definition.py
  2. 2
      magnum/opts.py
  3. 12
      magnum/templates/kubernetes/fragments/configure-docker-registry.sh
  4. 9
      magnum/templates/kubernetes/fragments/write-heat-params.yaml
  5. 45
      magnum/templates/kubernetes/kubecluster.yaml
  6. 41
      magnum/templates/kubernetes/kubeminion.yaml
  7. 62
      magnum/tests/unit/conductor/handlers/test_k8s_bay_conductor.py
  8. 2
      magnum/tests/unit/conductor/test_template_definition.py

17
magnum/conductor/template_definition.py

@ -64,8 +64,18 @@ template_def_opts = [
help=_('Enabled bay definition entry points.')),
]
docker_registry_opts = [
cfg.StrOpt('swift_region',
help=_('Region name of Swift')),
cfg.StrOpt('swift_registry_container',
default='docker_registry',
help=_('Name of the container in Swift which docker registry '
'stores images in'))
]
CONF = cfg.CONF
CONF.register_opts(template_def_opts, group='bay')
CONF.register_opts(docker_registry_opts, group='docker_registry')
CONF.import_opt('trustee_domain_id', 'magnum.common.keystone', group='trust')
@ -447,6 +457,8 @@ class K8sTemplateDefinition(BaseTemplateDefinition):
self.add_parameter('tls_disabled',
baymodel_attr='tls_disabled',
required=True)
self.add_parameter('registry_enabled',
baymodel_attr='registry_enabled')
self.add_output('api_address',
bay_attr='api_address',
@ -475,6 +487,11 @@ class K8sTemplateDefinition(BaseTemplateDefinition):
for label in label_list:
extra_params[label] = baymodel.labels.get(label)
if baymodel.registry_enabled:
extra_params['swift_region'] = CONF.docker_registry.swift_region
extra_params['registry_container'] = (
CONF.docker_registry.swift_registry_container)
return super(K8sTemplateDefinition,
self).get_params(context, baymodel, bay,
extra_params=extra_params,

2
magnum/opts.py

@ -60,4 +60,6 @@ def list_opts():
)),
('baymodel', magnum.api.validation.baymodel_opts),
('keystone_auth', magnum.common.keystone.keystone_auth_opts),
('docker_registry',
magnum.conductor.template_definition.docker_registry_opts)
]

12
magnum/templates/kubernetes/fragments/configure-docker-registry.sh

@ -15,12 +15,12 @@ storage:
cache:
layerinfo: inmemory
swift:
authurl: "$REGISTRY_AUTH_URL"
region: "$REGISTRY_REGION"
username: "$REGISTRY_USERNAME"
password: "$REGISTRY_PASSWORD"
domain: "$REGISTRY_DOMAIN"
trustid: "$REGISTRY_TRUST_ID"
authurl: "$AUTH_URL"
region: "$SWIFT_REGION"
username: "$TRUSTEE_USERNAME"
password: "$TRUSTEE_PASSWORD"
domainid: "$TRUSTEE_DOMAIN_ID"
trustid: "$TRUST_ID"
container: "$REGISTRY_CONTAINER"
insecureskipverify: $REGISTRY_INSECURE
chunksize: $REGISTRY_CHUNKSIZE

9
magnum/templates/kubernetes/fragments/write-heat-params.yaml

@ -14,12 +14,7 @@ write_files:
NETWORK_DRIVER="$NETWORK_DRIVER"
REGISTRY_ENABLED="$REGISTRY_ENABLED"
REGISTRY_PORT="$REGISTRY_PORT"
REGISTRY_AUTH_URL="$REGISTRY_AUTH_URL"
REGISTRY_REGION="$REGISTRY_REGION"
REGISTRY_USERNAME="$REGISTRY_USERNAME"
REGISTRY_PASSWORD="$REGISTRY_PASSWORD"
REGISTRY_DOMAIN="$REGISTRY_DOMAIN"
REGISTRY_TRUST_ID="$REGISTRY_TRUST_ID"
SWIFT_REGION="$SWIFT_REGION"
REGISTRY_CONTAINER="$REGISTRY_CONTAINER"
REGISTRY_INSECURE="$REGISTRY_INSECURE"
REGISTRY_CHUNKSIZE="$REGISTRY_CHUNKSIZE"
@ -38,6 +33,8 @@ write_files:
WAIT_CURL="$WAIT_CURL"
KUBE_VERSION="$KUBE_VERSION"
TRUSTEE_USER_ID="$TRUSTEE_USER_ID"
TRUSTEE_USERNAME="$TRUSTEE_USERNAME"
TRUSTEE_PASSWORD="$TRUSTEE_PASSWORD"
TRUSTEE_DOMAIN_ID="$TRUSTEE_DOMAIN_ID"
TRUST_ID="$TRUST_ID"
AUTH_URL="$AUTH_URL"

45
magnum/templates/kubernetes/kubecluster.yaml

@ -125,37 +125,10 @@ parameters:
description: port of registry service
default: 5000
registry_username:
type: string
description: username used by docker registry
default: "username"
registry_password:
type: string
description: password used by docker registry
default: "password"
hidden: true
registry_domain:
type: string
description: domain used by docker registry
default: "domain"
registry_trust_id:
type: string
description: trust_id used by docker registry
default: "trust_id"
hidden: true
registry_auth_url:
type: string
description: auth_url for keystone
default: "auth_url"
registry_region:
swift_region:
type: string
description: region of swift service
default: "region"
default: ""
registry_container:
type: string
@ -250,28 +223,23 @@ parameters:
trustee_domain_id:
type: string
description: domain id of the trustee
default: ""
trustee_user_id:
type: string
description: user id of the trustee
default: ""
trustee_username:
type: string
description: username of the trustee
default: ""
trustee_password:
type: string
description: password of the trustee
default: ""
hidden: true
trust_id:
type: string
description: id of the trust which is used by the trustee
default: ""
hidden: true
auth_url:
@ -496,12 +464,7 @@ resources:
wait_condition_timeout: {get_param: wait_condition_timeout}
registry_enabled: {get_param: registry_enabled}
registry_port: {get_param: registry_port}
registry_username: {get_param: registry_username}
registry_password: {get_param: registry_password}
registry_domain: {get_param: registry_domain}
registry_trust_id: {get_param: registry_trust_id}
registry_auth_url: {get_param: registry_auth_url}
registry_region: {get_param: registry_region}
swift_region: {get_param: swift_region}
registry_container: {get_param: registry_container}
registry_insecure: {get_param: registry_insecure}
registry_chunksize: {get_param: registry_chunksize}
@ -521,7 +484,9 @@ resources:
no_proxy: {get_param: no_proxy}
kube_version: {get_param: kube_version}
trustee_user_id: {get_param: trustee_user_id}
trustee_username: {get_param: trustee_username}
trustee_password: {get_param: trustee_password}
trustee_domain_id: {get_param: trustee_domain_id}
trust_id: {get_param: trust_id}
auth_url: {get_param: auth_url}

41
magnum/templates/kubernetes/kubeminion.yaml

@ -92,29 +92,7 @@ parameters:
type: number
description: port of registry service
registry_username:
type: string
description: username used by docker registry
registry_password:
type: string
description: password used by docker registry
hidden: true
registry_domain:
type: string
description: domain used by docker registry
registry_trust_id:
type: string
description: trust_id used by docker registry
hidden: true
registry_auth_url:
type: string
description: auth_url for keystone
registry_region:
swift_region:
type: string
description: region of swift service
@ -183,10 +161,18 @@ parameters:
type: string
description: version of kubernetes used for kubernetes cluster
trustee_domain_id:
type: string
description: domain id of the trustee
trustee_user_id:
type: string
description: user id of the trustee
trustee_username:
type: string
description: username of the trustee
trustee_password:
type: string
description: password of the trustee
@ -236,12 +222,7 @@ resources:
$NETWORK_DRIVER: {get_param: network_driver}
$REGISTRY_ENABLED: {get_param: registry_enabled}
$REGISTRY_PORT: {get_param: registry_port}
$REGISTRY_AUTH_URL: {get_param: registry_auth_url}
$REGISTRY_REGION: {get_param: registry_region}
$REGISTRY_USERNAME: {get_param: registry_username}
$REGISTRY_PASSWORD: {get_param: registry_password}
$REGISTRY_DOMAIN: {get_param: registry_domain}
$REGISTRY_TRUST_ID: {get_param: registry_trust_id}
$SWIFT_REGION: {get_param: swift_region}
$REGISTRY_CONTAINER: {get_param: registry_container}
$REGISTRY_INSECURE: {get_param: registry_insecure}
$REGISTRY_CHUNKSIZE: {get_param: registry_chunksize}
@ -259,7 +240,9 @@ resources:
$NO_PROXY: {get_param: no_proxy}
$KUBE_VERSION: {get_param: kube_version}
$WAIT_CURL: {get_attr: [minion_wait_handle, curl_cli]}
$TRUSTEE_DOMAIN_ID: {get_param: trustee_domain_id}
$TRUSTEE_USER_ID: {get_param: trustee_user_id}
$TRUSTEE_USERNAME: {get_param: trustee_username}
$TRUSTEE_PASSWORD: {get_param: trustee_password}
$TRUST_ID: {get_param: trust_id}
$AUTH_URL: {get_param: auth_url}

62
magnum/tests/unit/conductor/handlers/test_k8s_bay_conductor.py

@ -44,7 +44,8 @@ class TestBayConductorWithK8s(base.TestCase):
'flannel_network_subnetlen': '26',
'flannel_backend': 'vxlan'},
'tls_disabled': False,
'server_type': 'vm'
'server_type': 'vm',
'registry_enabled': False
}
self.bay_dict = {
'uuid': '5d12f6fd-a196-4bf0-ae4c-1f639a523a52',
@ -148,6 +149,7 @@ class TestBayConductorWithK8s(base.TestCase):
'magnum_url': self.mock_osc.magnum_url.return_value,
'region_name': self.mock_osc.cinder_region_name.return_value,
'tls_disabled': False,
'registry_enabled': False,
'trustee_domain_id': '3527620c-b220-4f37-9ebc-6e63a81a9b2f',
'trustee_username': 'fake_trustee',
'trustee_password': 'fake_trustee_password',
@ -160,6 +162,61 @@ class TestBayConductorWithK8s(base.TestCase):
self.assertEqual(expected, definition)
@patch('magnum.objects.BayModel.get_by_uuid')
def test_extract_template_definition_with_registry(
self,
mock_objects_baymodel_get_by_uuid):
self.baymodel_dict['registry_enabled'] = True
baymodel = objects.BayModel(self.context, **self.baymodel_dict)
mock_objects_baymodel_get_by_uuid.return_value = baymodel
bay = objects.Bay(self.context, **self.bay_dict)
cfg.CONF.set_override('swift_region',
'RegionOne',
group='docker_registry')
(template_path,
definition) = bay_conductor._extract_template_definition(self.context,
bay)
expected = {
'auth_url': 'http://192.168.10.10:5000/v3',
'bay_uuid': '5d12f6fd-a196-4bf0-ae4c-1f639a523a52',
'discovery_url': 'https://discovery.etcd.io/test',
'dns_nameserver': 'dns_nameserver',
'docker_volume_size': 20,
'external_network': 'external_network_id',
'flannel_backend': 'vxlan',
'flannel_network_cidr': '10.101.0.0/16',
'flannel_network_subnetlen': '26',
'http_proxy': 'http_proxy',
'https_proxy': 'https_proxy',
'magnum_url': 'http://127.0.0.1:9511/v1',
'master_flavor': 'master_flavor_id',
'minion_flavor': 'flavor_id',
'network_driver': 'network_driver',
'no_proxy': 'no_proxy',
'number_of_masters': 1,
'number_of_minions': 1,
'region_name': 'RegionOne',
'registry_container': 'docker_registry',
'registry_enabled': True,
'server_image': 'image_id',
'ssh_key_name': 'keypair_id',
'swift_region': 'RegionOne',
'tenant_name': 'fake_tenant',
'tls_disabled': False,
'trust_id': 'bd11efc5-d4e2-4dac-bbce-25e348ddf7de',
'trustee_domain_id': '3527620c-b220-4f37-9ebc-6e63a81a9b2f',
'trustee_password': 'fake_trustee_password',
'trustee_user_id': '7b489f04-b458-4541-8179-6a48a553e656',
'trustee_username': 'fake_trustee',
'username': 'fake_user',
'volume_driver': 'volume_driver'
}
self.assertEqual(expected, definition)
@patch('magnum.objects.BayModel.get_by_uuid')
def test_extract_template_definition_coreos_with_disovery(
self,
@ -192,6 +249,7 @@ class TestBayConductorWithK8s(base.TestCase):
'flannel_network_subnetlen': '26',
'flannel_backend': 'vxlan',
'tls_disabled': False,
'registry_enabled': False,
'trustee_domain_id': '3527620c-b220-4f37-9ebc-6e63a81a9b2f',
'trustee_username': 'fake_trustee',
'trustee_password': 'fake_trustee_password',
@ -238,6 +296,7 @@ class TestBayConductorWithK8s(base.TestCase):
'flannel_network_subnetlen': '26',
'flannel_backend': 'vxlan',
'tls_disabled': False,
'registry_enabled': False,
'trustee_domain_id': '3527620c-b220-4f37-9ebc-6e63a81a9b2f',
'trustee_username': 'fake_trustee',
'trustee_password': 'fake_trustee_password',
@ -358,6 +417,7 @@ class TestBayConductorWithK8s(base.TestCase):
'magnum_url': self.mock_osc.magnum_url.return_value,
'region_name': self.mock_osc.cinder_region_name.return_value,
'tls_disabled': False,
'registry_enabled': False,
'trustee_domain_id': '3527620c-b220-4f37-9ebc-6e63a81a9b2f',
'trustee_username': 'fake_trustee',
'trustee_password': 'fake_trustee_password',

2
magnum/tests/unit/conductor/test_template_definition.py

@ -175,6 +175,7 @@ class AtomicK8sTemplateDefinitionTestCase(base.TestCase):
mock_context.auth_token = 'AUTH_TOKEN'
mock_baymodel = mock.MagicMock()
mock_baymodel.tls_disabled = False
mock_baymodel.registry_enabled = False
mock_bay = mock.MagicMock()
mock_bay.uuid = '5d12f6fd-a196-4bf0-ae4c-1f639a523a52'
del mock_bay.stack_id
@ -227,6 +228,7 @@ class AtomicK8sTemplateDefinitionTestCase(base.TestCase):
mock_context.auth_token = 'AUTH_TOKEN'
mock_baymodel = mock.MagicMock()
mock_baymodel.tls_disabled = True
mock_baymodel.registry_enabled = False
mock_bay = mock.MagicMock()
mock_bay.uuid = '5d12f6fd-a196-4bf0-ae4c-1f639a523a52'
del mock_bay.stack_id

Loading…
Cancel
Save