Retire openstack-helm-addons repository
This change removes the context from the openstack-helm-addons repository as part of the effort to retire the repo. Change-Id: I25603f95f54d88293623206b4d56a109d3b3a5c3
This commit is contained in:
parent
cc264e59f6
commit
5ad8824fca
|
@ -1,70 +0,0 @@
|
|||
*.py[cod]
|
||||
|
||||
# C extensions
|
||||
*.so
|
||||
|
||||
# Packages
|
||||
*.egg*
|
||||
*.egg-info
|
||||
dist
|
||||
build
|
||||
eggs
|
||||
parts
|
||||
var
|
||||
sdist
|
||||
develop-eggs
|
||||
.installed.cfg
|
||||
lib
|
||||
lib64
|
||||
|
||||
# Installer logs
|
||||
pip-log.txt
|
||||
|
||||
# Unit test / coverage reports
|
||||
cover/
|
||||
.coverage*
|
||||
!.coveragerc
|
||||
.tox
|
||||
nosetests.xml
|
||||
.testrepository
|
||||
.venv
|
||||
|
||||
# Translations
|
||||
*.mo
|
||||
|
||||
# Mr Developer
|
||||
.mr.developer.cfg
|
||||
.project
|
||||
.pydevproject
|
||||
|
||||
# Complexity
|
||||
output/*.html
|
||||
output/*/index.html
|
||||
|
||||
# Sphinx
|
||||
doc/build
|
||||
|
||||
# pbr generates these
|
||||
AUTHORS
|
||||
ChangeLog
|
||||
|
||||
# Editors
|
||||
*~
|
||||
.*.swp
|
||||
.*sw?
|
||||
|
||||
# Files created by releasenotes build
|
||||
releasenotes/build
|
||||
|
||||
# Dev tools
|
||||
.idea/
|
||||
dev/.vagrant
|
||||
|
||||
# Helm internals
|
||||
*.lock
|
||||
*/*.lock
|
||||
*.tgz
|
||||
**/*.tgz
|
||||
**/_partials.tpl
|
||||
**/_globals.tpl
|
||||
dev/*.log
|
|
@ -1,19 +0,0 @@
|
|||
The source repository for this project can be found at:
|
||||
|
||||
https://opendev.org/openstack/openstack-helm-addons
|
||||
|
||||
Pull requests submitted through GitHub are not monitored.
|
||||
|
||||
To start contributing to OpenStack, follow the steps in the contribution guide
|
||||
to set up and use Gerrit:
|
||||
|
||||
https://docs.openstack.org/contributors/code-and-documentation/quick-start.html
|
||||
|
||||
Bugs should be filed on StoryBoard:
|
||||
|
||||
https://storyboard.openstack.org/#!/project/openstack/openstack-helm-addons
|
||||
|
||||
For more specific information about contributing to this repository, see the
|
||||
openstack-helm contributor guide:
|
||||
|
||||
https://docs.openstack.org/openstack-helm/latest/contributor/contributing.html
|
201
LICENSE
201
LICENSE
|
@ -1,201 +0,0 @@
|
|||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "{}"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright {yyyy} {name of copyright owner}
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
66
Makefile
66
Makefile
|
@ -1,66 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# It's necessary to set this because some environments don't link sh -> bash.
|
||||
SHELL := /bin/bash
|
||||
|
||||
HELM := helm
|
||||
TASK := build
|
||||
|
||||
EXCLUDES := helm-toolkit doc tests tools logs tmp influxdb kafka \
|
||||
keystone-init monasca-agent monasca-alarms monasca mysql-users-init storm \
|
||||
zookeeper zuul.d releasenotes
|
||||
CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.)))
|
||||
|
||||
.PHONY: $(EXCLUDES) $(CHARTS)
|
||||
|
||||
all: $(CHARTS)
|
||||
|
||||
$(CHARTS):
|
||||
@echo
|
||||
@echo "===== Processing [$@] chart ====="
|
||||
@make $(TASK)-$@
|
||||
|
||||
init-%:
|
||||
if [ -f $*/Makefile ]; then make -C $*; fi
|
||||
if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
|
||||
|
||||
lint-%: init-%
|
||||
if [ -d $* ]; then $(HELM) lint $*; fi
|
||||
|
||||
build-%: lint-%
|
||||
if [ -d $* ]; then $(HELM) package $*; fi
|
||||
|
||||
# This is used exclusively with helm3 building in the gate to publish
|
||||
package-%: init-%
|
||||
if [ -d $* ]; then $(HELM) package $*; fi
|
||||
|
||||
clean:
|
||||
@echo "Removed .b64, _partials.tpl, and _globals.tpl files"
|
||||
rm -f helm-toolkit/secrets/*.b64
|
||||
rm -f */templates/_partials.tpl
|
||||
rm -f */templates/_globals.tpl
|
||||
rm -f *tgz */charts/*tgz
|
||||
rm -f */requirements.lock
|
||||
-rm -rf */charts */tmpcharts
|
||||
|
||||
pull-all-images:
|
||||
@./tools/pull-images.sh
|
||||
|
||||
pull-images:
|
||||
@./tools/pull-images.sh $(filter-out $@,$(MAKECMDGOALS))
|
||||
|
||||
dev-deploy:
|
||||
@./tools/gate/devel/start.sh $(filter-out $@,$(MAKECMDGOALS))
|
||||
|
||||
%:
|
||||
@:
|
34
README.rst
34
README.rst
|
@ -2,31 +2,13 @@
|
|||
Openstack-Helm-Addons
|
||||
=====================
|
||||
|
||||
Mission
|
||||
-------
|
||||
This project is no longer maintained.
|
||||
|
||||
The goal of OpenStack-Helm-Addons is to provide charts for services to enhance
|
||||
or provide additional features for the charts in OpenStack-Helm.
|
||||
The contents of this repository are still available in the Git
|
||||
source code management system. To see the contents of this
|
||||
repository before it reached its end of life, please check out the
|
||||
previous commit with "git checkout HEAD^1".
|
||||
|
||||
For more information, please refer to the OpenStack-Helm repository_.
|
||||
|
||||
.. _repository: https://github.com/openstack/openstack-helm
|
||||
|
||||
Communication
|
||||
-------------
|
||||
|
||||
* Join us on `IRC <irc://chat.oftc.net/openstack-helm>`_:
|
||||
#openstack-helm on oftc
|
||||
* Community `IRC Meetings
|
||||
<http://eavesdrop.openstack.org/#OpenStack-Helm_Team_Meeting>`_:
|
||||
[Every Tuesday @ 3PM UTC], #openstack-meeting-alt on oftc
|
||||
* Meeting Agenda Items: `Agenda
|
||||
<https://etherpad.openstack.org/p/openstack-helm-meeting-agenda>`_
|
||||
* Join us on `Slack <https://kubernetes.slack.com/messages/C3WERB7DE/>`_
|
||||
- #openstack-helm
|
||||
|
||||
Contributing
|
||||
------------
|
||||
|
||||
We welcome contributions. Check out `this <CONTRIBUTING.rst>`_ document if
|
||||
you would like to get involved.
|
||||
For any further questions, please email
|
||||
openstack-discuss@lists.openstack.org or join #openstack-dev on
|
||||
OFTC.
|
||||
|
|
|
@ -1,22 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
apiVersion: v1
|
||||
appVersion: 5.11.1
|
||||
description: OpenStack-Helm Artifactory
|
||||
home: https://opendev.org/openstack/openstack-helm-addons
|
||||
name: artifactory
|
||||
version: 0.1.3
|
||||
sources:
|
||||
- https://opendev.org/openstack/openstack-helm-addons
|
||||
maintainers:
|
||||
- name: OpenStack-Helm Authors
|
|
@ -1,16 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
dependencies:
|
||||
- name: helm-toolkit
|
||||
repository: http://localhost:8879/charts
|
||||
version: ">= 0.1.0"
|
|
@ -1,27 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_bin }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: artifactory-bin
|
||||
data:
|
||||
db-init.py: |
|
||||
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
|
||||
db-drop.py: |
|
||||
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
|
||||
{{- end }}
|
|
@ -1,25 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: artifactory-extra-etc
|
||||
data:
|
||||
db.properties: |
|
||||
{{ tuple "etc/_db.properties.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- end }}
|
|
@ -1,17 +0,0 @@
|
|||
# this is minimalist db.properties file for running artifactory via
|
||||
# helm talking to mysql
|
||||
#
|
||||
# it should be made available to the artifactory user and writable as
|
||||
# it will be updated with an encrypted password
|
||||
|
||||
type=mysql
|
||||
driver=com.mysql.jdbc.Driver
|
||||
{{ if .Values.endpoints.oslo_db.namespace }}
|
||||
# known namespace, using fqdn
|
||||
url=jdbc:mysql://{{- .Values.endpoints.oslo_db.hosts.default -}}.{{- .Values.endpoints.oslo_db.namespace -}}.svc.cluster.local:{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}{{- .Values.endpoints.oslo_db.path -}}?characterEncoding=UTF-8&elideSetAutoCommits=true
|
||||
{{ else }}
|
||||
# namespace not given, do not not use fqdn
|
||||
url=jdbc:mysql://{{- .Values.endpoints.oslo_db.hosts.default -}}:{{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}{{- .Values.endpoints.oslo_db.path -}}?characterEncoding=UTF-8&elideSetAutoCommits=true
|
||||
{{ end }}
|
||||
username={{ .Values.endpoints.oslo_db.auth.artifactory.username }}
|
||||
password={{ .Values.endpoints.oslo_db.auth.artifactory.password }}
|
|
@ -1,19 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.job_db_drop }}
|
||||
{{- $dbToDrop := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.artifactory -}}
|
||||
{{- $dbDropJob := dict "envAll" . "serviceName" "artifactory" "dbToDrop" $dbToDrop -}}
|
||||
{{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
|
||||
{{- end }}
|
|
@ -1,19 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.job_db_init }}
|
||||
{{- $dbToInit := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.artifactory -}}
|
||||
{{- $dbInitJob := dict "envAll" . "serviceName" "artifactory" "dbToInit" $dbToInit -}}
|
||||
{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
|
||||
{{- end }}
|
|
@ -1,18 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "artifactory" -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
|
@ -1,26 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.secret_db_creds }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: artifactory-db-creds
|
||||
type: Opaque
|
||||
data:
|
||||
DB_USERNAME: {{ .Values.endpoints.oslo_db.auth.artifactory.username | b64enc }}
|
||||
DB_PASSWORD: {{ .Values.endpoints.oslo_db.auth.artifactory.password | b64enc }}
|
||||
{{- end }}
|
|
@ -1,28 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.secret_db }}
|
||||
{{- $envAll := . }}
|
||||
{{- range $key1, $userClass := tuple "admin" "artifactory" }}
|
||||
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
type: Opaque
|
||||
data:
|
||||
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -1,54 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.service }}
|
||||
|
||||
{{- $envAll := . }}
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ tuple "cicd" "default" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
spec:
|
||||
ports:
|
||||
- name: artifactoryhttp
|
||||
{{ if and .Values.network.node_ports.enabled .Values.network.http.port }}
|
||||
nodePort: {{ .Values.network.http.node_port }}
|
||||
{{ end }}
|
||||
port: {{ .Values.network.http.port }}
|
||||
protocol: TCP
|
||||
targetPort: 8081
|
||||
- name: artifactorydocker
|
||||
{{ if and .Values.network.node_ports.enabled .Values.network.docker.port }}
|
||||
nodePort: {{ .Values.network.docker.node_port }}
|
||||
{{ end }}
|
||||
port: {{ .Values.network.docker.port }}
|
||||
protocol: TCP
|
||||
targetPort: 5050
|
||||
- name: artifactorysecure
|
||||
{{ if and .Values.network.node_ports.enabled .Values.network.docker.port }}
|
||||
nodePort: {{ .Values.network.secure.node_port }}
|
||||
{{ end }}
|
||||
port: {{ .Values.network.secure.port }}
|
||||
protocol: TCP
|
||||
targetPort: 5052
|
||||
selector:
|
||||
{{ tuple $envAll "artifactory" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
sessionAffinity: None
|
||||
{{ if .Values.network.node_ports.enabled }}
|
||||
type: NodePort
|
||||
{{ else }}
|
||||
type: ClusterIP
|
||||
{{ end }}
|
||||
|
||||
{{ end }}
|
|
@ -1,91 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.statefulset }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: StatefulSet
|
||||
metadata:
|
||||
name: artifactory
|
||||
spec:
|
||||
serviceName: artifactory
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
{{ tuple $envAll "artifactory" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "artifactory" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
annotations:
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
spec:
|
||||
nodeSelector:
|
||||
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }}
|
||||
containers:
|
||||
- name: artifactory
|
||||
image: {{ .Values.images.tags.artifactory }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.artifactory | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
env:
|
||||
- name: DB_TYPE
|
||||
value: mysql
|
||||
- name: DB_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: artifactory-db-creds
|
||||
key: DB_USERNAME
|
||||
- name: DB_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: artifactory-db-creds
|
||||
key: DB_PASSWORD
|
||||
- name: DB_HOST
|
||||
value: {{ .Values.endpoints.oslo_db.hosts.default }}
|
||||
- name: EXTRA_JAVA_OPTIONS
|
||||
value: {{ .Values.conf.artifactory.env.java_opts }}
|
||||
{{ if .Values.bootstrap.master_key }}
|
||||
- name: ARTIFACTORY_MASTER_KEY
|
||||
value: {{ .Values.bootstrap.master_key }}
|
||||
{{ end }}
|
||||
ports:
|
||||
- containerPort: 8081
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: artifactory-extra-etc
|
||||
mountPath: /artifactory_extra_conf/db.properties
|
||||
subPath: db.properties
|
||||
- name: artifactory-data
|
||||
mountPath: /var/opt/jfrog/artifactory
|
||||
volumes:
|
||||
- name: artifactory-extra-etc
|
||||
configMap:
|
||||
name: artifactory-extra-etc
|
||||
- name: artifactory-bin
|
||||
configMap:
|
||||
name: artifactory-bin
|
||||
defaultMode: 0555
|
||||
volumeClaimTemplates:
|
||||
- metadata:
|
||||
name: artifactory-data
|
||||
spec:
|
||||
accessModes: ["ReadWriteOnce"]
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.storage.requests.storage }}
|
||||
storageClassName: {{ .Values.storage.storage_class }}
|
||||
{{- end }}
|
|
@ -1,172 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
---
|
||||
images:
|
||||
tags:
|
||||
artifactory: quay.io/attcomdev/artifactory-pro-mysql:5.11.1
|
||||
db_drop: docker.io/openstackhelm/heat:newton-ubuntu_xenial
|
||||
db_init: docker.io/openstackhelm/heat:newton-ubuntu_xenial
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
pull_policy: "IfNotPresent"
|
||||
local_registry:
|
||||
active: false
|
||||
exclude:
|
||||
- dep_check
|
||||
- image_repo_sync
|
||||
|
||||
labels:
|
||||
job:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
server:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
common:
|
||||
local_image_registry:
|
||||
jobs:
|
||||
- artifactory-image-repo-sync
|
||||
services:
|
||||
- endpoint: node
|
||||
service: local_image_registry
|
||||
static:
|
||||
db_drop:
|
||||
services:
|
||||
- endpoint: internal
|
||||
service: oslo_db
|
||||
db_init:
|
||||
services:
|
||||
- endpoint: internal
|
||||
service: oslo_db
|
||||
server:
|
||||
services:
|
||||
- endpoint: internal
|
||||
service: oslo_cache
|
||||
- endpoint: internal
|
||||
service: oslo_db
|
||||
|
||||
pod:
|
||||
lifecycle:
|
||||
upgrades:
|
||||
deployments:
|
||||
revision_history: 1
|
||||
pod_replacement_strategy: RollingUpdate
|
||||
rolling_update:
|
||||
max_unavailable: 1
|
||||
max_surge: 1
|
||||
resources:
|
||||
enabled: false
|
||||
artifactory:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "2048Mi"
|
||||
cpu: "2000m"
|
||||
jobs:
|
||||
db_init:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
db_drop:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
image_repo_sync:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
secrets:
|
||||
oslo_db:
|
||||
admin: artifactory-db-admin
|
||||
artifactory: artifactory-db-user
|
||||
|
||||
# typically overridden by environmental values, but should include all
|
||||
# endpoints required by this chart
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
cicd:
|
||||
name: artifactory
|
||||
hosts:
|
||||
default: artifactory
|
||||
oslo_db:
|
||||
namespace: null
|
||||
auth:
|
||||
admin:
|
||||
username: root
|
||||
password: password
|
||||
artifactory:
|
||||
username: artifactory
|
||||
password: password
|
||||
hosts:
|
||||
default: mariadb
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path: /artifactory
|
||||
scheme: mysql+pymysql
|
||||
port:
|
||||
mysql:
|
||||
default: 3306
|
||||
|
||||
# bootstrap/seed artifactory configuration
|
||||
bootstrap:
|
||||
master_key: null
|
||||
|
||||
network:
|
||||
docker:
|
||||
node_port: 31777
|
||||
port: 5050
|
||||
http:
|
||||
node_port: 31672
|
||||
port: 8081
|
||||
node_ports:
|
||||
enabled: false
|
||||
secure:
|
||||
node_port: 31776
|
||||
port: 5052
|
||||
|
||||
storage:
|
||||
requests:
|
||||
storage: 100Gi
|
||||
storage_class: general
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
configmap_etc: true
|
||||
job_db_drop: false
|
||||
job_db_init: true
|
||||
job_image_repo_sync: true
|
||||
pvc_artifactory: true
|
||||
secret_db: true
|
||||
secret_db_creds: true
|
||||
service: true
|
||||
statefulset: true
|
||||
|
||||
conf:
|
||||
artifactory:
|
||||
env:
|
||||
java_opts: "-Xms512m -Xmx2g"
|
||||
...
|
|
@ -1,7 +0,0 @@
|
|||
# The order of packages is significant, because pip processes them in the order
|
||||
# of appearance. Changing the order has an impact on the overall integration
|
||||
# process, which may cause wedges in the gate later.
|
||||
sphinx>=2.0.0,!=2.1.0 # BSD
|
||||
sphinxcontrib-blockdiag>=1.1.0
|
||||
openstackdocstheme>=2.2.1 # Apache-2.0
|
||||
reno>=3.1.0 # Apache-2.0
|
|
@ -1,26 +0,0 @@
|
|||
# Copyright 2019, AT&T Intellectual Property
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: |
|
||||
A Helm chart to deploy mini-mirror, a custom repository mirroring service.
|
||||
home: https://git.openstack.org/openstack/openstack-helm-addons
|
||||
name: mini-mirror
|
||||
version: 0.1.1
|
||||
sources:
|
||||
- https://github.com/nginx/nginx
|
||||
- https://git.openstack.org/openstack/openstack-helm-addons
|
||||
maintainers:
|
||||
- name: OpenStack-Helm Authors
|
|
@ -1,18 +0,0 @@
|
|||
# Copyright 2019, AT&T Intellectual Property
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
dependencies:
|
||||
- name: helm-toolkit
|
||||
repository: http://localhost:8879/charts
|
||||
version: ">= 0.1.0"
|
|
@ -1,31 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- $envAll := . -}}
|
||||
|
||||
set -xe
|
||||
|
||||
rm /etc/apt/sources.list
|
||||
tee /etc/apt/sources.list << EOF
|
||||
{{- $components := include "helm-toolkit.utils.joinListWithSpace" .Values.conf.test.components -}}
|
||||
{{ range .Values.conf.test.dists }}
|
||||
deb [ allow-insecure=yes ] {{ tuple "api" "public" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }} {{ . }} {{ $components -}}
|
||||
{{ end }}
|
||||
EOF
|
||||
|
||||
apt-get update
|
|
@ -1,27 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_bin }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: mini-mirror-bin
|
||||
data:
|
||||
helm-test.sh: |
|
||||
{{ tuple "bin/_helm_test.sh.tpl" $envAll | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- end }}
|
|
@ -1,26 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: mini-mirror-etc
|
||||
data:
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.nginx "key" "nginx.conf") | indent 2 }}
|
||||
{{- end }}
|
|
@ -1,69 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.deployment_mini_mirror }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: mini-mirror
|
||||
annotations:
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||
labels:
|
||||
{{ tuple $envAll "mini-mirror" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.pod.replicas.api }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{ tuple $envAll "mini-mirror" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "mini-mirror" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
annotations:
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
|
||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
{{ dict "envAll" $envAll "podName" "mini-mirror" "containerNames" (list "mini-mirror-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
|
||||
spec:
|
||||
{{ dict "envAll" $envAll "application" "mini_mirror" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }}
|
||||
containers:
|
||||
- name: mini-mirror-api
|
||||
{{ tuple $envAll "mini-mirror" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ dict "envAll" $envAll "application" "mini_mirror" "container" "mini_mirror_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
||||
ports:
|
||||
- name: api
|
||||
containerPort: {{ tuple "api" "port" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{ if .Values.network.api.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.api.node_port.port }}
|
||||
{{ end }}
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
volumeMounts:
|
||||
- mountPath: /etc/nginx/conf.d
|
||||
name: nginx-config
|
||||
readOnly: true
|
||||
{{ end }}
|
||||
volumes:
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
- name: nginx-config
|
||||
configMap:
|
||||
name: mini-mirror-etc
|
||||
{{ end }}
|
||||
{{ end }}
|
|
@ -1,20 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.ingress .Values.network.api.ingress.public }}
|
||||
{{- $ingressOpts := dict "envAll" . "backendServiceType" "api" "backendPort" "api" -}}
|
||||
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
|
||||
{{- end }}
|
|
@ -1,20 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "mini-mirror" -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
|
@ -1,53 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.helm_test }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: mini-mirror-test
|
||||
labels:
|
||||
{{ tuple $envAll "mini-mirror" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
annotations:
|
||||
"helm.sh/hook": test-success
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||
{{ dict "envAll" $envAll "podName" "mini-mirror-test" "containerNames" (list "mini-mirror-helm-test") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
|
||||
spec:
|
||||
nodeSelector:
|
||||
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
|
||||
restartPolicy: Never
|
||||
containers:
|
||||
- name: mini-mirror-helm-test
|
||||
{{ tuple $envAll "helm-test" | include "helm-toolkit.snippets.image" | indent 6 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
|
||||
command:
|
||||
- /tmp/helm-test.sh
|
||||
env:
|
||||
- name: NO_PROXY
|
||||
value: 127.0.0.1,.svc.cluster.local
|
||||
volumeMounts:
|
||||
- name: mini-mirror-bin
|
||||
mountPath: /tmp/helm-test.sh
|
||||
subPath: helm-test.sh
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: mini-mirror-bin
|
||||
configMap:
|
||||
name: mini-mirror-bin
|
||||
defaultMode: 0555
|
||||
{{- end }}
|
|
@ -1,20 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.secret_ingress_tls }}
|
||||
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "api" ) }}
|
||||
{{- end }}
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.service_ingress .Values.network.api.ingress.public }}
|
||||
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "api" -}}
|
||||
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
|
||||
{{- end }}
|
|
@ -1,41 +0,0 @@
|
|||
{{/*
|
||||
Copyright 2019, AT&T Intellectual Property
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.service_mini_mirror }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ tuple "api" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
spec:
|
||||
ports:
|
||||
- name: api
|
||||
{{ if .Values.network.api.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.api.node_port.port }}
|
||||
{{ end }}
|
||||
port: {{ tuple "api" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
protocol: TCP
|
||||
targetPort: 80
|
||||
selector:
|
||||
{{ tuple $envAll "mini-mirror" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
sessionAffinity: None
|
||||
{{ if .Values.network.api.node_port.enabled }}
|
||||
type: NodePort
|
||||
{{ else }}
|
||||
type: ClusterIP
|
||||
{{ end }}
|
||||
{{ end }}
|
|
@ -1,186 +0,0 @@
|
|||
# Copyright 2019, AT&T Intellectual Property
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
---
|
||||
images:
|
||||
tags:
|
||||
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
|
||||
helm-test: docker.io/ubuntu:18.04
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
mini-mirror: docker.io/openstackhelm/mini-mirror:latest-ubuntu_xenial
|
||||
pull_policy: "IfNotPresent"
|
||||
local_registry:
|
||||
active: false
|
||||
exclude:
|
||||
- dep_check
|
||||
- image_repo_sync
|
||||
|
||||
labels:
|
||||
job:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
server:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
test:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
common:
|
||||
local_image_registry:
|
||||
jobs:
|
||||
- mini-mirror-image-repo-sync
|
||||
services:
|
||||
- endpoint: node
|
||||
service: local_image_registry
|
||||
static:
|
||||
image_repo_sync:
|
||||
services:
|
||||
- endpoint: internal
|
||||
service: local_image_registry
|
||||
|
||||
pod:
|
||||
affinity:
|
||||
anti:
|
||||
type:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
topologyKey:
|
||||
default: kubernetes.io/hostname
|
||||
replicas:
|
||||
api: 2
|
||||
lifecycle:
|
||||
upgrades:
|
||||
deployments:
|
||||
revision_history: 3
|
||||
pod_replacement_strategy: RollingUpdate
|
||||
rolling_update:
|
||||
max_unavailable: 1
|
||||
max_surge: 3
|
||||
disruption_budget:
|
||||
api:
|
||||
min_available: 0
|
||||
security_context:
|
||||
mini_mirror:
|
||||
pod:
|
||||
runAsUser: 1000
|
||||
container:
|
||||
mini_mirror_api:
|
||||
readOnlyRootFilesystem: false
|
||||
runAsUser: 0
|
||||
resources:
|
||||
enabled: false
|
||||
api:
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
jobs:
|
||||
image_repo_sync:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
name: docker-registry
|
||||
namespace: docker-registry
|
||||
hosts:
|
||||
default: localhost
|
||||
internal: docker-registry
|
||||
node: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
api:
|
||||
name: api
|
||||
hosts:
|
||||
default: mini-mirror-api
|
||||
public: mini-mirror
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
# NOTE(drewwalters96): this chart supports TLS for fqdn over-ridden
|
||||
# public endpoints using the following format:
|
||||
# public:
|
||||
# host: null
|
||||
# tls:
|
||||
# crt: null
|
||||
# key: null
|
||||
path:
|
||||
default: /
|
||||
scheme:
|
||||
default: http
|
||||
port:
|
||||
api:
|
||||
default: 8888
|
||||
public: 80
|
||||
|
||||
network:
|
||||
api:
|
||||
external_policy_local: false
|
||||
node_port:
|
||||
enabled: false
|
||||
port: 8888
|
||||
ingress:
|
||||
public: true
|
||||
classes:
|
||||
namespace: "nginx"
|
||||
cluster: "nginx-cluster"
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||
|
||||
secrets:
|
||||
tls:
|
||||
api:
|
||||
api:
|
||||
public: mini-mirror-tls-public
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
configmap_etc: true
|
||||
deployment_mini_mirror: true
|
||||
helm_test: true
|
||||
ingress: true
|
||||
job_image_repo_sync: true
|
||||
secret_ingress_tls: true
|
||||
service_ingress: true
|
||||
service_mini_mirror: true
|
||||
|
||||
conf:
|
||||
nginx: |
|
||||
server {
|
||||
root /srv;
|
||||
server_name nginx;
|
||||
|
||||
location / {
|
||||
autoindex on;
|
||||
}
|
||||
}
|
||||
test:
|
||||
# NOTE(drewwalters96): Used by the mini-mirror Helm test; should be valid
|
||||
# dists and components contained in the mini-mirror image.
|
||||
dists:
|
||||
- squeeze
|
||||
components:
|
||||
- main
|
||||
...
|
|
@ -1,9 +0,0 @@
|
|||
---
|
||||
pod:
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
mini-mirror:
|
||||
mini-mirror-api: runtime/default
|
||||
mini-mirror-test:
|
||||
mini-mirror-helm-test: runtime/default
|
||||
...
|
|
@ -1,23 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: A helm chart to deploy prometheus-bot that sends prometheus alerts to telegram.
|
||||
home: https://github.com/inCaller/prometheus_bot
|
||||
name: prometheus-bot
|
||||
version: 0.1.1
|
||||
sources:
|
||||
- https://github.com/inCaller/prometheus_bot
|
||||
- https://git.openstack.org/openstack/openstack-helm-addons
|
||||
maintainers:
|
||||
- name: Openstack-Helm Authors
|
|
@ -1,16 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
dependencies:
|
||||
- name: helm-toolkit
|
||||
repository: http://localhost:8879/charts
|
||||
version: ">= 0.1.0"
|
|
@ -1,73 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: prometheus-bot
|
||||
annotations:
|
||||
labels:
|
||||
{{ tuple $envAll "prometheus-bot" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.pod.replicas.server }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{ tuple $envAll "prometheus-bot" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "prometheus-bot" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
spec:
|
||||
hostNetwork: true
|
||||
affinity:
|
||||
{{ tuple $envAll "prometheus-bot" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.prometheus_bot.timeout | default "30" }}
|
||||
containers:
|
||||
- name: prometheus-bot
|
||||
{{ tuple $envAll "prometheus_bot" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
runAsUser: 0
|
||||
command:
|
||||
- /prometheus_bot
|
||||
- -c
|
||||
- config.yaml
|
||||
ports:
|
||||
- name: web
|
||||
containerPort: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 15
|
||||
periodSeconds: 10
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 180
|
||||
periodSeconds: 60
|
||||
timeoutSeconds: 5
|
||||
volumeMounts:
|
||||
- name: secret-telegram-token
|
||||
mountPath: /config.yaml
|
||||
subPath: config.yaml
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: secret-telegram-token
|
||||
secret:
|
||||
secretName: telegram-token
|
||||
defaultMode: 0444
|
|
@ -1,22 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: telegram-token
|
||||
stringData:
|
||||
config.yaml: |
|
||||
telegram_token: {{ .Values.telegram_token }}
|
||||
type: Opaque
|
|
@ -1,42 +0,0 @@
|
|||
{{/*
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ tuple "server" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
spec:
|
||||
ports:
|
||||
{{ if .Values.network.node_port.enabled }}
|
||||
- name: web
|
||||
protocol: TCP
|
||||
nodePort: {{ .Values.network.node_port.port }}
|
||||
port: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
targetPort: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{ else }}
|
||||
- name: web
|
||||
protocol: TCP
|
||||
port: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
targetPort: {{ tuple "server" "internal" "webhook" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{ end }}
|
||||
selector:
|
||||
{{ tuple $envAll "prometheus-bot" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
{{ if .Values.network.node_port.enabled }}
|
||||
type: NodePort
|
||||
{{ if .Values.network.external_policy_local }}
|
||||
externalTrafficPolicy: Local
|
||||
{{ end }}
|
||||
{{ end }}
|
|
@ -1,90 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# Default values for horizon.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare name/value pairs to be passed into your templates.
|
||||
# name: value
|
||||
|
||||
---
|
||||
images:
|
||||
tags:
|
||||
prometheus_bot: docker.io/sktdev/prometheus-bot:latest
|
||||
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
pull_policy: "IfNotPresent"
|
||||
local_registry:
|
||||
active: false
|
||||
exclude:
|
||||
- dep_check
|
||||
- image_repo_sync
|
||||
|
||||
labels:
|
||||
server:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
|
||||
network:
|
||||
external_policy_local: false
|
||||
node_port:
|
||||
enabled: false
|
||||
port: 33000
|
||||
|
||||
pod:
|
||||
affinity:
|
||||
anti:
|
||||
type:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
topologyKey:
|
||||
default: kubernetes.io/hostname
|
||||
mounts:
|
||||
replicas:
|
||||
server: 1
|
||||
lifecycle:
|
||||
upgrades:
|
||||
deployments:
|
||||
revision_history: 3
|
||||
pod_replacement_strategy: RollingUpdate
|
||||
rolling_update:
|
||||
max_unavailable: 1
|
||||
max_surge: 3
|
||||
disruption_budget:
|
||||
prometheus_bot:
|
||||
min_available: 0
|
||||
termination_grace_period:
|
||||
prometheus_bot:
|
||||
timeout: 30
|
||||
resources:
|
||||
enabled: false
|
||||
server:
|
||||
requests:
|
||||
memory: "256Mi"
|
||||
cpu: "200m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
# typically overridden by environmental
|
||||
# values, but should include all endpoints
|
||||
# required by this chart
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
server:
|
||||
name: prometheus-bot
|
||||
hosts:
|
||||
default: prometheus-bot
|
||||
port:
|
||||
webhook:
|
||||
default: 9087
|
||||
|
||||
telegram_token: ''
|
||||
...
|
|
@ -1,14 +0,0 @@
|
|||
---
|
||||
branch: master
|
||||
collapse_pre_releases: false
|
||||
stop_at_branch_base: true
|
||||
sections:
|
||||
- [artifactory, artifactory Chart]
|
||||
- [mini-mirror, mini-mirror Chart]
|
||||
- [prometheus-bot, prometheus-bot Chart]
|
||||
- [features, New Features]
|
||||
- [issues, Known Issues]
|
||||
- [upgrade, Upgrade Notes]
|
||||
- [api, API Changes]
|
||||
- [security, Security Issues]
|
||||
- [fixes, Bug Fixes]
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
artifactory:
|
||||
- 0.1.0 Initial Chart
|
||||
- 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0"
|
||||
- 0.1.2 Fix helm3 linting issue
|
||||
- 0.1.3 Fix problem of lack of matchlabels
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
mini-mirror:
|
||||
- 0.1.0 Initial Chart
|
||||
- 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0"
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
prometheus-bot:
|
||||
- 0.1.0 Initial Chart
|
||||
- 0.1.1 Change helm-toolkit dependency version to ">= 0.1.0"
|
|
@ -1,33 +0,0 @@
|
|||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
# implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
# -- General configuration ------------------------------------------------
|
||||
# If your documentation needs a minimal Sphinx version, state it here.
|
||||
# needs_sphinx = '1.0'
|
||||
# Add any Sphinx extension module names here, as strings. They can be
|
||||
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
|
||||
# ones.
|
||||
extensions = [
|
||||
'openstackdocstheme',
|
||||
'reno.sphinxext',
|
||||
]
|
||||
# Add any paths that contain templates here, relative to this directory.
|
||||
templates_path = ['_templates']
|
||||
# The suffix of source filenames.
|
||||
source_suffix = '.rst'
|
||||
# The encoding of source files.
|
||||
# source_encoding = 'utf-8-sig'
|
||||
# The master toctree document.
|
||||
master_doc = 'index'
|
||||
# -- Options for Internationalization output ------------------------------
|
||||
locale_dirs = ['locale/']
|
|
@ -1,5 +0,0 @@
|
|||
==============================
|
||||
Current Series Release Notes
|
||||
==============================
|
||||
|
||||
.. release-notes::
|
|
@ -1,8 +0,0 @@
|
|||
====================================
|
||||
OpenStack-Helm-Addons Release Notes
|
||||
====================================
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 1
|
||||
|
||||
current
|
|
@ -1,21 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
CURRENT_DIR="$(pwd)"
|
||||
: ${OSH_INFRA_PATH:="../openstack-helm-infra"}
|
||||
cd ${OSH_INFRA_PATH}
|
||||
./tools/deployment/common/005-deploy-k8s.sh
|
||||
cd ${CURRENT_DIR}
|
|
@ -1,16 +0,0 @@
|
|||
#!/bin/bash
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
export API_ADDR=$(kubectl get endpoints kubernetes -o json | jq -r '.subsets[0].addresses[0].ip')
|
||||
export API_PORT=$(kubectl get endpoints kubernetes -o json | jq -r '.subsets[0].ports[0].port')
|
|
@ -1,78 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# This script will generate a matrix of values-override file args to apply to
|
||||
# charts, in the gate and development environments. It will 1st produce a
|
||||
# consistenly ordered list of all permuations of filenames to try, and then
|
||||
# if a file matching this name exists in the `values_overrides` directory within
|
||||
# each chart, apply it upon install/upgrade.
|
||||
|
||||
set -e
|
||||
HELM_CHART="$1"
|
||||
: "${HELM_CHART_ROOT_PATH:="../openstack-helm-addons"}"
|
||||
: "${OPENSTACK_RELEASE:="train"}"
|
||||
: "${CONTAINER_DISTRO_NAME:="ubuntu"}"
|
||||
: "${CONTAINER_DISTRO_VERSION:="bionic"}"
|
||||
: "${FEATURE_GATES:=""}"
|
||||
OSH_FEATURE_MIX="${FEATURE_GATES},${OPENSTACK_RELEASE},${CONTAINER_DISTRO_NAME}_${CONTAINER_DISTRO_VERSION},${CONTAINER_DISTRO_NAME}"
|
||||
|
||||
function echoerr () {
|
||||
echo "$@" 1>&2;
|
||||
}
|
||||
|
||||
function generate_awk_exp_from_mask () {
|
||||
local POSITION=1
|
||||
for VALUE in $@; do
|
||||
[ "${VALUE}" -eq 1 ] && echo -n "print \$${POSITION};"
|
||||
POSITION=$((POSITION+1))
|
||||
done
|
||||
echo -e "\n"
|
||||
}
|
||||
|
||||
function combination () {
|
||||
POWER=$((2**$#))
|
||||
BITS="$(awk "BEGIN { while (c++ < $#) printf \"0\" }")"
|
||||
while [ "${POWER}" -gt 1 ];do
|
||||
POWER=$((POWER-1))
|
||||
BIN="$(bc <<< "obase=2; ${POWER}")"
|
||||
MASK="$(echo "${BITS}" | sed -e "s/0\{${#BIN}\}$/$BIN/" | grep -o .)"
|
||||
#NOTE: This line is odd, but written to support both BSD and GNU utils
|
||||
awk -v ORS="-" "{$(generate_awk_exp_from_mask "$MASK")}" <<< "$@" | awk 1 | sed 's/-$//'
|
||||
done
|
||||
}
|
||||
|
||||
function replace_variables() {
|
||||
for key in $(env); do
|
||||
local arr=( $(echo $key | awk -F'=' '{ print $1, $2 }') )
|
||||
sed -i "s#%%%REPLACE_${arr[0]}%%%#${arr[1]}#g" $@
|
||||
done
|
||||
}
|
||||
|
||||
function override_file_args () {
|
||||
OVERRIDE_ARGS=""
|
||||
echoerr "We will attempt to use values-override files with the following paths:"
|
||||
for FILE in $(combination ${1//,/ } | uniq | tac); do
|
||||
FILE_PATH="${HELM_CHART_ROOT_PATH}/${HELM_CHART}/values_overrides/${FILE}.yaml"
|
||||
if [ -f "${FILE_PATH}" ]; then
|
||||
replace_variables ${FILE_PATH}
|
||||
OVERRIDE_ARGS+=" --values=${FILE_PATH} "
|
||||
fi
|
||||
echoerr "${FILE_PATH}"
|
||||
done
|
||||
echo "${OVERRIDE_ARGS}"
|
||||
}
|
||||
|
||||
echoerr "We are going to deploy the service ${HELM_CHART} for the OpenStack ${OPENSTACK_RELEASE} release, using ${CONTAINER_DISTRO_NAME} (${CONTAINER_DISTRO_VERSION}) distribution containers."
|
||||
source ${HELM_CHART_ROOT_PATH}/tools/deployment/common/env-variables.sh
|
||||
override_file_args "${OSH_FEATURE_MIX}"
|
|
@ -1,23 +0,0 @@
|
|||
#!/bin/bash
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
sudo apt-get update
|
||||
sudo apt-get install --no-install-recommends -y \
|
||||
ca-certificates \
|
||||
git \
|
||||
make \
|
||||
jq \
|
||||
nmap \
|
||||
curl \
|
||||
uuid-runtime \
|
||||
bc \
|
||||
python3-pip
|
|
@ -1,59 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
|
||||
set -xe
|
||||
|
||||
# NOTE: Needs this version at least to fix a dependency on rust
|
||||
sudo -H -E pip3 install --upgrade pip==21.0.1
|
||||
|
||||
sudo -H -E pip3 install \
|
||||
-c${UPPER_CONSTRAINTS_FILE:=https://releases.openstack.org/constraints/upper/master} \
|
||||
cmd2 python-openstackclient python-heatclient --ignore-installed
|
||||
|
||||
sudo -H mkdir -p /etc/openstack
|
||||
sudo -H chown -R $(id -un): /etc/openstack
|
||||
FEATURE_GATE="tls"; if [[ ${FEATURE_GATES//,/ } =~ (^|[[:space:]])${FEATURE_GATE}($|[[:space:]]) ]]; then
|
||||
tee /etc/openstack/clouds.yaml << EOF
|
||||
clouds:
|
||||
openstack_helm:
|
||||
region_name: RegionOne
|
||||
identity_api_version: 3
|
||||
cacert: /etc/openstack-helm/certs/ca/ca.pem
|
||||
auth:
|
||||
username: 'admin'
|
||||
password: 'password'
|
||||
project_name: 'admin'
|
||||
project_domain_name: 'default'
|
||||
user_domain_name: 'default'
|
||||
auth_url: 'https://keystone.openstack.svc.cluster.local/v3'
|
||||
EOF
|
||||
else
|
||||
tee /etc/openstack/clouds.yaml << EOF
|
||||
clouds:
|
||||
openstack_helm:
|
||||
region_name: RegionOne
|
||||
identity_api_version: 3
|
||||
auth:
|
||||
username: 'admin'
|
||||
password: 'password'
|
||||
project_name: 'admin'
|
||||
project_domain_name: 'default'
|
||||
user_domain_name: 'default'
|
||||
auth_url: 'http://keystone.openstack.svc.cluster.local/v3'
|
||||
EOF
|
||||
fi
|
||||
|
||||
#NOTE: Build charts
|
||||
make all
|
|
@ -1,49 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
set -e
|
||||
|
||||
# From Kolla-Kubernetes, orginal authors Kevin Fox & Serguei Bezverkhi
|
||||
# Default wait timeout is 900 seconds
|
||||
end=$(date +%s)
|
||||
timeout=${2:-900}
|
||||
end=$((end + timeout))
|
||||
while true; do
|
||||
kubectl get pods --namespace=$1 -o json | jq -r \
|
||||
'.items[].status.phase' | grep Pending > /dev/null && \
|
||||
PENDING="True" || PENDING="False"
|
||||
query='.items[]|select(.status.phase=="Running")'
|
||||
query="$query|.status.containerStatuses[].ready"
|
||||
kubectl get pods --namespace=$1 -o json | jq -r "$query" | \
|
||||
grep false > /dev/null && READY="False" || READY="True"
|
||||
kubectl get jobs --namespace=$1 -o json | jq -r \
|
||||
'.items[] | .spec.completions == .status.succeeded' | \
|
||||
grep false > /dev/null && JOBR="False" || JOBR="True"
|
||||
[ $PENDING == "False" -a $READY == "True" -a $JOBR == "True" ] && \
|
||||
break || true
|
||||
sleep 5
|
||||
now=$(date +%s)
|
||||
if [ $now -gt $end ] ; then
|
||||
echo "Containers failed to start after $timeout seconds"
|
||||
echo
|
||||
kubectl get pods --namespace $1 -o wide
|
||||
echo
|
||||
if [ $PENDING == "True" ] ; then
|
||||
echo "Some pods are in pending state:"
|
||||
kubectl get pods --field-selector=status.phase=Pending -n $1 -o wide
|
||||
fi
|
||||
[ $READY == "False" ] && echo "Some pods are not ready"
|
||||
[ $JOBR == "False" ] && echo "Some jobs have not succeeded"
|
||||
exit -1
|
||||
fi
|
||||
done
|
|
@ -1,61 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
#NOTE: Get the over-rides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_CEPH_NS_ACTIVATE:="$(./tools/deployment/common/get-values-overrides.sh ceph-provisioners)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} ceph-provisioners
|
||||
|
||||
#NOTE: Deploy command
|
||||
tee /tmp/ceph-openstack-config.yaml <<EOF
|
||||
endpoints:
|
||||
identity:
|
||||
namespace: openstack
|
||||
object_store:
|
||||
namespace: ceph
|
||||
ceph_mon:
|
||||
namespace: ceph
|
||||
network:
|
||||
public: 172.17.0.1/16
|
||||
cluster: 172.17.0.1/16
|
||||
deployment:
|
||||
storage_secrets: false
|
||||
ceph: false
|
||||
rbd_provisioner: false
|
||||
cephfs_provisioner: false
|
||||
client_secrets: true
|
||||
rgw_keystone_user_and_endpoints: false
|
||||
bootstrap:
|
||||
enabled: false
|
||||
conf:
|
||||
rgw_ks:
|
||||
enabled: true
|
||||
EOF
|
||||
helm upgrade --install ceph-openstack-config ${HELM_CHART_ROOT_PATH}/ceph-provisioners \
|
||||
--namespace=openstack \
|
||||
--values=/tmp/ceph-openstack-config.yaml \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_CEPH_NS_ACTIVATE}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
kubectl get -n openstack jobs
|
||||
kubectl get -n openstack secrets
|
||||
kubectl get -n openstack configmaps
|
|
@ -1,205 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
# Create loop back devices for ceph osds.
|
||||
sudo df -lh
|
||||
sudo lsblk
|
||||
sudo mkdir -p /var/lib/openstack-helm/ceph
|
||||
sudo truncate -s 10G /var/lib/openstack-helm/ceph/ceph-osd-data-loopbackfile.img
|
||||
sudo truncate -s 8G /var/lib/openstack-helm/ceph/ceph-osd-db-wal-loopbackfile.img
|
||||
sudo losetup /dev/loop0 /var/lib/openstack-helm/ceph/ceph-osd-data-loopbackfile.img
|
||||
sudo losetup /dev/loop1 /var/lib/openstack-helm/ceph/ceph-osd-db-wal-loopbackfile.img
|
||||
# lets check the devices
|
||||
sudo df -lh
|
||||
sudo lsblk
|
||||
#NOTE: Lint and package chart
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
|
||||
for CHART in ceph-mon ceph-osd ceph-client ceph-provisioners; do
|
||||
make -C ${HELM_CHART_ROOT_PATH} "${CHART}"
|
||||
done
|
||||
|
||||
#NOTE: Deploy command
|
||||
[ -s /tmp/ceph-fs-uuid.txt ] || uuidgen > /tmp/ceph-fs-uuid.txt
|
||||
CEPH_FS_ID="$(cat /tmp/ceph-fs-uuid.txt)"
|
||||
#NOTE(portdirect): to use RBD devices with Ubuntu kernels < 4.5 this
|
||||
# should be set to 'hammer'
|
||||
. /etc/os-release
|
||||
if [ "x${ID}" == "xubuntu" ] && [ "$(uname -r | awk -F "." '{ print $2 }')" -lt "5" ]; then
|
||||
CRUSH_TUNABLES=hammer
|
||||
else
|
||||
CRUSH_TUNABLES=null
|
||||
fi
|
||||
tee /tmp/ceph.yaml <<EOF
|
||||
endpoints:
|
||||
identity:
|
||||
namespace: openstack
|
||||
object_store:
|
||||
namespace: ceph
|
||||
ceph_mon:
|
||||
namespace: ceph
|
||||
port:
|
||||
mon:
|
||||
default: 6789
|
||||
ceph_mgr:
|
||||
namespace: ceph
|
||||
port:
|
||||
mgr:
|
||||
default: 7000
|
||||
metrics:
|
||||
default: 9283
|
||||
network:
|
||||
public: 172.17.0.1/16
|
||||
cluster: 172.17.0.1/16
|
||||
deployment:
|
||||
storage_secrets: true
|
||||
ceph: true
|
||||
rbd_provisioner: true
|
||||
cephfs_provisioner: true
|
||||
client_secrets: false
|
||||
rgw_keystone_user_and_endpoints: false
|
||||
bootstrap:
|
||||
enabled: true
|
||||
conf:
|
||||
rgw_ks:
|
||||
enabled: true
|
||||
ceph:
|
||||
global:
|
||||
fsid: ${CEPH_FS_ID}
|
||||
mon_addr: :6789
|
||||
osd_pool_default_size: 1
|
||||
osd:
|
||||
osd_crush_chooseleaf_type: 0
|
||||
pool:
|
||||
crush:
|
||||
tunables: ${CRUSH_TUNABLES}
|
||||
target:
|
||||
osd: 1
|
||||
pg_per_osd: 100
|
||||
default:
|
||||
crush_rule: same_host
|
||||
spec:
|
||||
# RBD pool
|
||||
- name: rbd
|
||||
application: rbd
|
||||
replication: 1
|
||||
percent_total_data: 40
|
||||
# CephFS pools
|
||||
- name: cephfs_metadata
|
||||
application: cephfs
|
||||
replication: 1
|
||||
percent_total_data: 5
|
||||
- name: cephfs_data
|
||||
application: cephfs
|
||||
replication: 1
|
||||
percent_total_data: 10
|
||||
# RadosGW pools
|
||||
- name: .rgw.root
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.control
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.data.root
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.gc
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.log
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.intent-log
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.meta
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.usage
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.users.keys
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.users.email
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.users.swift
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.users.uid
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.buckets.extra
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 0.1
|
||||
- name: default.rgw.buckets.index
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 3
|
||||
- name: default.rgw.buckets.data
|
||||
application: rgw
|
||||
replication: 1
|
||||
percent_total_data: 34.8
|
||||
storage:
|
||||
osd:
|
||||
- data:
|
||||
type: bluestore
|
||||
location: /dev/loop0
|
||||
block_db:
|
||||
location: /dev/loop1
|
||||
size: "5GB"
|
||||
block_wal:
|
||||
location: /dev/loop1
|
||||
size: "2GB"
|
||||
pod:
|
||||
replicas:
|
||||
mds: 1
|
||||
mgr: 1
|
||||
rgw: 1
|
||||
EOF
|
||||
|
||||
for CHART in ceph-mon ceph-osd ceph-client ceph-provisioners; do
|
||||
|
||||
helm upgrade --install ${CHART} ${HELM_CHART_ROOT_PATH}/${CHART} \
|
||||
--namespace=ceph \
|
||||
--values=/tmp/ceph.yaml \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_CEPH:-$(./tools/deployment/common/get-values-overrides.sh ${CHART})}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh ceph
|
||||
|
||||
#NOTE: Validate deploy
|
||||
MON_POD=$(kubectl get pods \
|
||||
--namespace=ceph \
|
||||
--selector="application=ceph" \
|
||||
--selector="component=mon" \
|
||||
--no-headers | awk '{ print $1; exit }')
|
||||
kubectl exec -n ceph ${MON_POD} -- ceph -s
|
||||
done
|
|
@ -1,62 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
: ${OSH_INFRA_PATH:="../openstack-helm-infra"}
|
||||
make -C ${OSH_INFRA_PATH} ceph-rgw
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
tee /tmp/radosgw-openstack.yaml <<EOF
|
||||
endpoints:
|
||||
identity:
|
||||
namespace: openstack
|
||||
object_store:
|
||||
namespace: openstack
|
||||
ceph_mon:
|
||||
namespace: ceph
|
||||
network:
|
||||
public: 172.17.0.1/16
|
||||
cluster: 172.17.0.1/16
|
||||
deployment:
|
||||
ceph: true
|
||||
rgw_keystone_user_and_endpoints: true
|
||||
storage_secrets: false
|
||||
rbd_provisioner: false
|
||||
client_secrets: false
|
||||
bootstrap:
|
||||
enabled: false
|
||||
conf:
|
||||
rgw_ks:
|
||||
enabled: true
|
||||
pod:
|
||||
replicas:
|
||||
rgw: 1
|
||||
EOF
|
||||
helm upgrade --install radosgw-openstack ${OSH_INFRA_PATH}/ceph-rgw \
|
||||
--namespace=openstack \
|
||||
--values=/tmp/radosgw-openstack.yaml \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_CEPH_RGW}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status radosgw-openstack
|
||||
sleep 30
|
||||
export OS_CLOUD=openstack_helm
|
||||
openstack service list
|
|
@ -1,89 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
#NOTE: Get the over-rides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_INGRESS:="$(./tools/deployment/common/get-values-overrides.sh ingress)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} ingress
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
tee /tmp/ingress-kube-system.yaml << EOF
|
||||
deployment:
|
||||
mode: cluster
|
||||
type: DaemonSet
|
||||
network:
|
||||
host_namespace: true
|
||||
EOF
|
||||
|
||||
touch /tmp/ingress-component.yaml
|
||||
|
||||
if [ -n "${OSH_DEPLOY_MULTINODE}" ]; then
|
||||
tee --append /tmp/ingress-kube-system.yaml << EOF
|
||||
pod:
|
||||
replicas:
|
||||
error_page: 2
|
||||
EOF
|
||||
|
||||
tee /tmp/ingress-component.yaml << EOF
|
||||
pod:
|
||||
replicas:
|
||||
ingress: 2
|
||||
error_page: 2
|
||||
EOF
|
||||
fi
|
||||
|
||||
helm upgrade --install ingress-kube-system ${HELM_CHART_ROOT_PATH}/ingress \
|
||||
--namespace=kube-system \
|
||||
--values=/tmp/ingress-kube-system.yaml \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_INGRESS} \
|
||||
${OSH_EXTRA_HELM_ARGS_INGRESS_KUBE_SYSTEM}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh kube-system
|
||||
|
||||
#NOTE: Display info
|
||||
helm status ingress-kube-system
|
||||
|
||||
#NOTE: Deploy namespace ingress
|
||||
helm upgrade --install ingress-openstack ${HELM_CHART_ROOT_PATH}/ingress \
|
||||
--namespace=openstack \
|
||||
--values=/tmp/ingress-component.yaml \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_INGRESS} \
|
||||
${OSH_EXTRA_HELM_ARGS_INGRESS_OPENSTACK}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Display info
|
||||
helm status ingress-openstack
|
||||
|
||||
helm upgrade --install ingress-ceph ${HELM_CHART_ROOT_PATH}/ingress \
|
||||
--namespace=ceph \
|
||||
--values=/tmp/ingress-component.yaml \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_INGRESS} \
|
||||
${OSH_EXTRA_HELM_ARGS_INGRESS_CEPH}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh ceph
|
||||
|
||||
#NOTE: Display info
|
||||
helm status ingress-ceph
|
|
@ -1,37 +0,0 @@
|
|||
#!/bin/bash
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
#NOTE: Get the over-rides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_MARIADB:="$(./tools/deployment/common/get-values-overrides.sh mariadb)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} mariadb
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
helm upgrade --install mariadb ${HELM_CHART_ROOT_PATH}/mariadb \
|
||||
--namespace=openstack \
|
||||
--set volume.use_local_path_for_single_pod_cluster.enabled=true \
|
||||
--set volume.enabled=false \
|
||||
--set pod.replicas.server=1 \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_MARIADB}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status mariadb
|
|
@ -1,34 +0,0 @@
|
|||
#!/bin/bash
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
#NOTE: Get the over-rides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_MEMCACHED:="$(./tools/deployment/common/get-values-overrides.sh memcached)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} memcached
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
helm upgrade --install memcached ${HELM_CHART_ROOT_PATH}/memcached \
|
||||
--namespace=openstack \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_MEMCACHED}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status memcached
|
|
@ -1,34 +0,0 @@
|
|||
#!/bin/bash
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
set -xe
|
||||
|
||||
#NOTE: Get the over-rides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_RABBITMQ:="$(./tools/deployment/common/get-values-overrides.sh rabbitmq)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} rabbitmq
|
||||
|
||||
#NOTE: Deploy command
|
||||
helm upgrade --install rabbitmq ${HELM_CHART_ROOT_PATH}/rabbitmq \
|
||||
--namespace=openstack \
|
||||
--set volume.enabled=false \
|
||||
--set pod.replicas.server=1 \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_RABBITMQ}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status rabbitmq
|
|
@ -1,45 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
# NOTE: Get the overrides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_PATH:="../openstack-helm"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_HEAT:="$(./tools/deployment/common/get-values-overrides.sh heat)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} heat
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
helm upgrade --install heat ${HELM_CHART_ROOT_PATH}/heat \
|
||||
--namespace=openstack \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_HEAT}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status heat
|
||||
export OS_CLOUD=openstack_helm
|
||||
openstack service list
|
||||
openstack endpoint list
|
||||
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||
openstack --os-interface internal orchestration service list
|
||||
|
||||
FEATURE_GATE="tls"; if [[ ${FEATURE_GATES//,/ } =~ (^|[[:space:]])${FEATURE_GATE}($|[[:space:]]) ]]; then
|
||||
curl --cacert /etc/openstack-helm/certs/ca/ca.pem -L https://heat.openstack.svc.cluster.local
|
||||
curl --cacert /etc/openstack-helm/certs/ca/ca.pem -L https://heat-api.openstack.svc.cluster.local:8004
|
||||
fi
|
|
@ -1,43 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
# NOTE: Get the over-rides to use
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_PATH:="../openstack-helm"}"}"
|
||||
: ${OSH_EXTRA_HELM_ARGS_KEYSTONE:="$(./tools/deployment/common/get-values-overrides.sh keystone)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} keystone
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
helm upgrade --install keystone ${HELM_CHART_ROOT_PATH}/keystone \
|
||||
--namespace=openstack \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_KEYSTONE}
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh openstack
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
helm status keystone
|
||||
export OS_CLOUD=openstack_helm
|
||||
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||
openstack endpoint list
|
||||
|
||||
FEATURE_GATE="tls"; if [[ ${FEATURE_GATES//,/ } =~ (^|[[:space:]])${FEATURE_GATE}($|[[:space:]]) ]]; then
|
||||
curl --cacert /etc/openstack-helm/certs/ca/ca.pem -L https://keystone.openstack.svc.cluster.local
|
||||
curl --cacert /etc/openstack-helm/certs/ca/ca.pem -L https://keystone-api.openstack.svc.cluster.local:5000
|
||||
fi
|
|
@ -1,29 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make mini-mirror
|
||||
|
||||
#NOTE: Get the over-rides to use
|
||||
: ${OSH_EXTRA_HELM_ARGS_MINI_MIRROR:="$(./tools/deployment/common/get-values-overrides.sh mini-mirror)"}
|
||||
|
||||
#NOTE: Deploy command
|
||||
: ${OSH_EXTRA_HELM_ARGS:=""}
|
||||
|
||||
helm upgrade --install mini-mirror ./mini-mirror \
|
||||
--namespace=osh-addons \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
${OSH_EXTRA_HELM_ARGS_MINI_MIRROR}
|
|
@ -1,40 +0,0 @@
|
|||
---
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# TODO(gagehugo): Put this in osh-infra and run it from there
|
||||
|
||||
- hosts: all
|
||||
tasks:
|
||||
- name: install helm3
|
||||
become_user: root
|
||||
shell: |
|
||||
TMP_DIR=$(mktemp -d)
|
||||
curl -sSL https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR}
|
||||
sudo mv ${TMP_DIR}/helm /usr/bin/helm
|
||||
rm -rf ${TMP_DIR}
|
||||
environment:
|
||||
HELM_VERSION: "v3.3.4"
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
||||
- name: updates the requirements due to the lack of helm serve in helm 3
|
||||
shell: |
|
||||
find "{{ zuul.project.src_dir }}" -type f -name "requirements.yaml" -exec sed -i "s#http://localhost:8879/charts#https://tarballs.opendev.org/openstack/openstack-helm-infra#g" {} \;
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
||||
- name: make all
|
||||
make:
|
||||
chdir: "{{ zuul.project.src_dir }}"
|
||||
target: all
|
||||
...
|
|
@ -1,60 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Build Charts
|
||||
shell: |
|
||||
set -xe;
|
||||
./tools/gate/scripts/010-setup-client.sh
|
||||
args:
|
||||
chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}"
|
||||
- name: Deploy MariaDB
|
||||
environment:
|
||||
OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}"
|
||||
OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
|
||||
shell: |
|
||||
set -xe;
|
||||
./tools/gate/scripts/020-deploy-mariadb.sh
|
||||
args:
|
||||
chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}"
|
||||
- name: Deploy RabbitMQ
|
||||
environment:
|
||||
OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}"
|
||||
OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
|
||||
shell: |
|
||||
set -xe;
|
||||
./tools/gate/scripts/030-deploy-rabbitmq.sh
|
||||
args:
|
||||
chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}"
|
||||
- name: Deploy Memcached
|
||||
environment:
|
||||
OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}"
|
||||
OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
|
||||
shell: |
|
||||
set -xe;
|
||||
./tools/gate/scripts/040-deploy-memcached.sh
|
||||
args:
|
||||
chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}"
|
||||
- name: Deploy Keystone
|
||||
environment:
|
||||
OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}"
|
||||
OSH_PATH: "{{ zuul_osh_relative_path | default('') }}"
|
||||
zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
|
||||
shell: |
|
||||
set -xe;
|
||||
./tools/gate/scripts/050-deploy-keystone.sh
|
||||
args:
|
||||
chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}"
|
|
@ -1,23 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Ensure pip
|
||||
include_role:
|
||||
name: ensure-pip
|
||||
- name: Run gate scripts
|
||||
include_role:
|
||||
name: osh-run-script
|
||||
vars:
|
||||
gate_script_path: "{{ item }}"
|
||||
with_items: "{{ gate_scripts }}"
|
|
@ -1,34 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: True
|
||||
roles:
|
||||
- build-helm-packages
|
||||
tags:
|
||||
- build-helm-packages
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: False
|
||||
become: yes
|
||||
roles:
|
||||
- build-images
|
||||
tags:
|
||||
- build-images
|
|
@ -1,56 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: all
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
logs_dir: "/tmp/logs"
|
||||
roles:
|
||||
- gather-host-logs
|
||||
tags:
|
||||
- gather-host-logs
|
||||
|
||||
- hosts: primary
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
logs_dir: "/tmp/logs"
|
||||
roles:
|
||||
- helm-release-status
|
||||
tags:
|
||||
- helm-release-status
|
||||
|
||||
- hosts: primary
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
logs_dir: "/tmp/logs"
|
||||
roles:
|
||||
- describe-kubernetes-objects
|
||||
tags:
|
||||
- describe-kubernetes-objects
|
||||
|
||||
- hosts: primary
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
logs_dir: "/tmp/logs"
|
||||
roles:
|
||||
- gather-pod-logs
|
||||
tags:
|
||||
- gather-pod-logs
|
||||
|
||||
- hosts: primary
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
logs_dir: "/tmp/logs"
|
||||
roles:
|
||||
- gather-prom-metrics
|
||||
tags:
|
||||
- gather-prom-metrics
|
|
@ -1,41 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: False
|
||||
become: yes
|
||||
roles:
|
||||
- deploy-python
|
||||
tags:
|
||||
- deploy-python
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: True
|
||||
become: yes
|
||||
roles:
|
||||
- setup-firewall
|
||||
- deploy-python-pip
|
||||
- deploy-docker
|
||||
- deploy-jq
|
||||
tags:
|
||||
- setup-firewall
|
||||
- deploy-python-pip
|
||||
- deploy-docker
|
||||
- deploy-jq
|
|
@ -1,34 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: True
|
||||
roles:
|
||||
- build-helm-packages
|
||||
- deploy-kubeadm-aio-master
|
||||
tags:
|
||||
- build-helm-packages
|
||||
- deploy-kubeadm-aio-master
|
||||
|
||||
- hosts: nodes
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
roles:
|
||||
- deploy-kubeadm-aio-node
|
||||
tags:
|
||||
- deploy-kubeadm-aio-node
|
|
@ -1,23 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: True
|
||||
become: yes
|
||||
roles:
|
||||
- setup-firewall
|
||||
tags:
|
||||
- setup-firewall
|
|
@ -1,51 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: False
|
||||
become: yes
|
||||
roles:
|
||||
- deploy-python
|
||||
tags:
|
||||
- deploy-python
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: True
|
||||
become: yes
|
||||
roles:
|
||||
- upgrade-host
|
||||
- start-zuul-console
|
||||
- disable-local-nameserver
|
||||
tags:
|
||||
- upgrade-host
|
||||
- start-zuul-console
|
||||
- disable-local-nameserver
|
||||
|
||||
- hosts: all
|
||||
vars_files:
|
||||
- vars.yaml
|
||||
vars:
|
||||
work_dir: "{{ zuul.project.src_dir }}/{{ zuul_osh_infra_relative_path | default('') }}"
|
||||
gather_facts: False
|
||||
become: yes
|
||||
roles:
|
||||
- deploy-apparmor
|
||||
tags:
|
||||
- deploy-apparmor
|
|
@ -1,15 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# NOTE(portdirect): for use in the dev-deploy scripts, a valid vars.yaml is
|
||||
# required, so provide some nonsense, yet harmless input.
|
||||
dummy_value: "Lorem Ipsum"
|
|
@ -1,18 +0,0 @@
|
|||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- hosts: primary
|
||||
tasks:
|
||||
- name: Execute a Whitespace Linter check
|
||||
command: find . -not -path "*/\.*" -not -path "*/doc/build/*" -not -name "*.tgz" -type f -exec egrep -l " +$" {} \;
|
||||
register: result
|
||||
failed_when: result.stdout != ""
|
|
@ -1,173 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
|
||||
: ${CERT_MANAGER_VERSION:="v0.15.0"}
|
||||
|
||||
cert_path="/etc/openstack-helm"
|
||||
ca_cert_root="$cert_path/certs/ca"
|
||||
|
||||
function check_cert {
|
||||
# $1: the certificate file, e.g. ca.pem
|
||||
# $2: the key file, e.g. ca-key.pem
|
||||
local cert="$(openssl x509 -noout -modulus -in $1)"
|
||||
local key="$(openssl rsa -noout -modulus -in $2)"
|
||||
if ! [ "$cert" = "$key" ]; then
|
||||
echo "Failure: tls private key does not match cert"
|
||||
exit 1
|
||||
else
|
||||
echo "Pass: $cert is valid with $key"
|
||||
fi
|
||||
}
|
||||
|
||||
# Download cfssl and cfssljson if they are not available on the system
|
||||
if type cfssl && type cfssljson; then
|
||||
echo "cfssl and cfssljson found - skipping installation"
|
||||
else
|
||||
echo "installing cfssl and cfssljson"
|
||||
temp_bin=$(mktemp --directory)
|
||||
cd $temp_bin
|
||||
CFSSLURL=https://pkg.cfssl.org/R1.2
|
||||
curl -sSL -o cfssl $CFSSLURL/cfssl_linux-amd64
|
||||
curl -sSL -o cfssljson $CFSSLURL/cfssljson_linux-amd64
|
||||
chmod +x {cfssl,cfssljson}
|
||||
export PATH=$PATH:$temp_bin
|
||||
fi
|
||||
|
||||
# Sets up a directory for the certs
|
||||
sudo rm -rf $cert_path
|
||||
sudo mkdir -p $ca_cert_root
|
||||
sudo chmod -R go+w $cert_path
|
||||
|
||||
cd $ca_cert_root
|
||||
|
||||
cat > ca-csr.json <<EOF
|
||||
{
|
||||
"CN": "ACME Company",
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
"size": 4096
|
||||
},
|
||||
"names": [
|
||||
{
|
||||
"C": "US",
|
||||
"L": "SomeState",
|
||||
"ST": "SomeCity",
|
||||
"O": "SomeOrg",
|
||||
"OU": "SomeUnit"
|
||||
}
|
||||
]
|
||||
}
|
||||
EOF
|
||||
|
||||
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -
|
||||
check_cert ca.pem ca-key.pem
|
||||
|
||||
|
||||
cat > cfssl.json <<EOF
|
||||
{
|
||||
"signing": {
|
||||
"default": {
|
||||
"expiry": "8760h"
|
||||
},
|
||||
"profiles": {
|
||||
"intermediate_ca": {
|
||||
"expiry": "8760h",
|
||||
"usages": [
|
||||
"signing",
|
||||
"digital signature",
|
||||
"cert sign",
|
||||
"crl sign",
|
||||
"key encipherment",
|
||||
"server auth",
|
||||
"client auth"
|
||||
],
|
||||
"ca_constraint": {
|
||||
"is_ca": true
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
cat > intermediate-ca.json <<EOF
|
||||
{
|
||||
"CN": "OpenStack Helm CA",
|
||||
"key": {
|
||||
"algo": "rsa",
|
||||
"size": 4096
|
||||
},
|
||||
"names": [
|
||||
{
|
||||
"C": "GB",
|
||||
"L": "Space",
|
||||
"ST": "Earth",
|
||||
"O": "OSH",
|
||||
"OU": "OSH"
|
||||
}
|
||||
],
|
||||
"ca": {
|
||||
"expiry": "8760h"
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
cfssl gencert -initca intermediate-ca.json | cfssljson -bare intermediate-ca -
|
||||
cfssl sign -ca ca.pem -ca-key ca-key.pem -config cfssl.json -profile intermediate_ca \
|
||||
intermediate-ca.csr | cfssljson -bare intermediate-ca
|
||||
check_cert intermediate-ca.pem intermediate-ca-key.pem
|
||||
|
||||
kubectl create ns cert-manager
|
||||
helm repo add jetstack https://charts.jetstack.io
|
||||
helm repo update
|
||||
|
||||
# helm 2 command
|
||||
helm install --name cert-manager --namespace cert-manager \
|
||||
--version ${CERT_MANAGER_VERSION} jetstack/cert-manager \
|
||||
--set installCRDs=true \
|
||||
--set featureGates=ExperimentalCertificateControllers=true \
|
||||
--set extraArgs[0]="--enable-certificate-owner-ref=true"
|
||||
|
||||
# helm 3 command
|
||||
# helm install cert-manager jetstack/cert-manager --namespace cert-manager \
|
||||
# --version ${CERT_MANAGER_VERSION} \
|
||||
# --set installCRDs=true \
|
||||
#. --set featureGates=ExperimentalCertificateControllers=true \
|
||||
# --set extraArgs[0]="--enable-certificate-owner-ref=true"
|
||||
|
||||
helm repo remove jetstack
|
||||
|
||||
key=$(cat /etc/openstack-helm/certs/ca/ca-key.pem | base64 | tr -d "\n")
|
||||
crt=$(cat /etc/openstack-helm/certs/ca/ca.pem | base64 | tr -d "\n")
|
||||
|
||||
cat > /tmp/ca-issuers.yaml <<EOF
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: ca-key-pair
|
||||
namespace: openstack
|
||||
data:
|
||||
tls.crt: $crt
|
||||
tls.key: $key
|
||||
---
|
||||
apiVersion: cert-manager.io/v1alpha3
|
||||
kind: Issuer
|
||||
metadata:
|
||||
name: ca-issuer
|
||||
namespace: openstack
|
||||
spec:
|
||||
ca:
|
||||
secretName: ca-key-pair
|
||||
EOF
|
||||
|
||||
|
||||
kubectl wait --for=condition=Ready pods --all -n cert-manager --timeout=180s
|
||||
|
||||
# Per [0], put a sleep here to guard against the error - failed calling webhook "webhook.cert-manager.io"
|
||||
# [0] https://github.com/jetstack/cert-manager/issues/2602
|
||||
sleep 45
|
||||
|
||||
kubectl create ns openstack
|
||||
kubectl apply -f /tmp/ca-issuers.yaml
|
31
tox.ini
31
tox.ini
|
@ -1,31 +0,0 @@
|
|||
[tox]
|
||||
minversion = 3.1
|
||||
envlist = docs
|
||||
skipsdist = True
|
||||
ignore_basepython_conflict = True
|
||||
|
||||
[testenv]
|
||||
basepython = python3
|
||||
setenv = VIRTUAL_ENV={envdir}
|
||||
deps = -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
|
||||
passenv = *_proxy *_PROXY
|
||||
|
||||
[testenv:venv]
|
||||
commands = {posargs}
|
||||
|
||||
[testenv:lint]
|
||||
deps =
|
||||
yq
|
||||
yamllint
|
||||
commands =
|
||||
rm -rf .yamllint
|
||||
bash -c 'if [ ! -d ../openstack-helm-infra ]; then\
|
||||
git clone https://opendev.org/openstack/openstack-helm-infra ../openstack-helm-infra;\
|
||||
fi'
|
||||
bash ../openstack-helm-infra/tools/gate/lint.sh
|
||||
whitelist_externals =
|
||||
rm
|
||||
bash
|
||||
|
||||
[testenv:releasenotes]
|
||||
commands = sphinx-build -a -W -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|
|
@ -1,32 +0,0 @@
|
|||
---
|
||||
|
||||
yaml-files:
|
||||
- '*.yaml'
|
||||
- '*.yml'
|
||||
- '.yamllint'
|
||||
|
||||
rules:
|
||||
braces: enable
|
||||
brackets: enable
|
||||
colons: enable
|
||||
commas: enable
|
||||
comments: enable
|
||||
comments-indentation: disable
|
||||
document-end: disable
|
||||
document-start: disable
|
||||
empty-lines: disable
|
||||
empty-values: disable
|
||||
hyphens: enable
|
||||
indentation:
|
||||
spaces: 2
|
||||
indent-sequences: whatever
|
||||
key-duplicates: enable
|
||||
key-ordering: disable
|
||||
line-length: disable
|
||||
new-line-at-end-of-file: disable
|
||||
new-lines: disable
|
||||
octal-values: disable
|
||||
quoted-strings: disable
|
||||
trailing-spaces: disable
|
||||
truthy: disable
|
||||
...
|
|
@ -1,32 +0,0 @@
|
|||
---
|
||||
|
||||
yaml-files:
|
||||
- '*.yaml'
|
||||
- '*.yml'
|
||||
- '.yamllint'
|
||||
|
||||
rules:
|
||||
braces: enable
|
||||
brackets: enable
|
||||
colons: enable
|
||||
commas: enable
|
||||
comments: enable
|
||||
comments-indentation: enable
|
||||
document-end: disable
|
||||
document-start: disable
|
||||
empty-lines: enable
|
||||
empty-values: disable
|
||||
hyphens: enable
|
||||
indentation:
|
||||
spaces: 2
|
||||
indent-sequences: whatever
|
||||
key-duplicates: enable
|
||||
key-ordering: disable
|
||||
line-length: disable
|
||||
new-line-at-end-of-file: enable
|
||||
new-lines: enable
|
||||
octal-values: disable
|
||||
quoted-strings: disable
|
||||
trailing-spaces: enable
|
||||
truthy: disable
|
||||
...
|
|
@ -1,82 +0,0 @@
|
|||
---
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- job:
|
||||
name: osh-addons-parent
|
||||
irrelevant-files:
|
||||
- ^.*\.rst$
|
||||
- ^doc/.*$
|
||||
- ^releasenotes/.*$
|
||||
|
||||
- job:
|
||||
name: osh-addons-base
|
||||
parent: osh-addons-parent
|
||||
roles:
|
||||
- zuul: openstack/openstack-helm-infra
|
||||
timeout: 7200
|
||||
vars:
|
||||
zuul_osh_infra_relative_path: ../openstack-helm-infra/
|
||||
zuul_osh_relative_path: ../openstack-helm/
|
||||
pre-run:
|
||||
- ./tools/gate/playbooks/osh-infra-upgrade-host.yaml
|
||||
- ./tools/gate/playbooks/osh-infra-setup-firewall.yaml
|
||||
post-run: ./tools/gate/playbooks/osh-infra-collect-logs.yaml
|
||||
required-projects:
|
||||
- openstack/openstack-helm-infra
|
||||
- openstack/openstack-helm
|
||||
nodeset: openstack-helm-single-node
|
||||
|
||||
- job:
|
||||
name: osh-helm3-linter
|
||||
nodeset: ubuntu-focal
|
||||
run: tools/gate/playbooks/helm3-linter.yaml
|
||||
required-projects:
|
||||
- openstack/openstack-helm-infra
|
||||
irrelevant-files:
|
||||
- ^.*\.rst$
|
||||
- ^doc/.*$
|
||||
|
||||
- job:
|
||||
name: osh-addons-mini-mirror
|
||||
parent: osh-addons-base
|
||||
run: tools/gate/playbooks/osh-gate-runner.yaml
|
||||
timeout: 7200
|
||||
nodeset: openstack-helm-single-node
|
||||
vars:
|
||||
osh_params:
|
||||
container_distro_name: ubuntu
|
||||
container_distro_version: bionic
|
||||
gate_scripts_relative_path: ../openstack-helm-addons
|
||||
gate_scripts:
|
||||
- ./tools/deployment/common/install-packages.sh
|
||||
- ./tools/deployment/common/deploy-k8s.sh
|
||||
- ./tools/deployment/common/setup-client.sh
|
||||
- ./tools/deployment/component/mini-mirror/mini-mirror.sh
|
||||
|
||||
- job:
|
||||
name: osh-addons-mini-mirror-apparmor
|
||||
parent: osh-addons-base
|
||||
run: tools/gate/playbooks/osh-gate-runner.yaml
|
||||
timeout: 7200
|
||||
nodeset: openstack-helm-single-node
|
||||
vars:
|
||||
osh_params:
|
||||
container_distro_name: ubuntu
|
||||
container_distro_version: bionic
|
||||
feature_gates: apparmor
|
||||
gate_scripts_relative_path: ../openstack-helm-addons
|
||||
gate_scripts:
|
||||
- ./tools/deployment/common/install-packages.sh
|
||||
- ./tools/deployment/common/deploy-k8s.sh
|
||||
- ./tools/deployment/common/setup-client.sh
|
||||
- ./tools/deployment/component/mini-mirror/mini-mirror.sh
|
|
@ -1,32 +0,0 @@
|
|||
---
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
- project:
|
||||
templates:
|
||||
- release-notes-jobs-python3
|
||||
check:
|
||||
jobs:
|
||||
- openstack-helm-lint
|
||||
- osh-helm3-linter:
|
||||
voting: false
|
||||
- osh-addons-mini-mirror
|
||||
gate:
|
||||
jobs:
|
||||
- openstack-helm-lint
|
||||
- osh-addons-mini-mirror
|
||||
promote:
|
||||
jobs:
|
||||
- publish-openstack-helm-charts
|
||||
experimental:
|
||||
jobs:
|
||||
- osh-addons-mini-mirror-apparmor
|
Loading…
Reference in New Issue