openstack
/
openstack-helm-infra
Code Issues Proposed changes

Libvirt: Move chart to openstack-helm-infra 

This moves the libvirt chart to openstack-helm-infra as part of
the effort to move charts to their appropriate repositories

Change-Id: I02ce197f8d100da74c086d84e2f9d2b902a69e97
Story: 2002204
Task: 21723
This commit is contained in:
Steve Wilkerson 2018-09-04 12:43:36 -05:00
parent c581bbcbf8
commit 6b944f557b
13 changed files with 824 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
libvirt/Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
description: OpenStack-Helm libvirt
name: libvirt
version: 0.1.0
home: https://libvirt.org
sources:
- https://libvirt.org/git/?p=libvirt.git;a=summary
- https://git.openstack.org/cgit/openstack/openstack-helm
maintainers:
- name: OpenStack-Helm Authors

18
libvirt/requirements.yaml Normal file
View File

@ -0,0 +1,18 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

31
libvirt/templates/bin/_ceph-admin-keyring.sh.tpl Normal file
View File

@ -0,0 +1,31 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
export HOME=/tmp
cat > /etc/ceph/ceph.client.admin.keyring << EOF
[client.admin]
{{- if .Values.conf.ceph.admin_keyring }}
key = {{ .Values.conf.ceph.admin_keyring }}
{{- else }}
key = $(cat /tmp/client-keyring)
{{- end }}
EOF
exit 0

39
libvirt/templates/bin/_ceph-keyring.sh.tpl Normal file
View File

@ -0,0 +1,39 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
export HOME=/tmp
KEYRING=/etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring
{{- if .Values.conf.ceph.cinder.keyring }}
cat > ${KEYRING} <<EOF
[client.{{ .Values.conf.ceph.cinder.user }}]
key = {{ .Values.conf.ceph.cinder.keyring }}
EOF
{{- else }}
if ! [ "x${CEPH_CINDER_USER}" == "xadmin"]; then
#NOTE(Portdirect): Determine proper privs to assign keyring
ceph auth get-or-create client.${CEPH_CINDER_USER} \
mon "allow *" \
osd "allow *" \
mgr "allow *" \
-o ${KEYRING}
rm -f /etc/ceph/ceph.client.admin.keyring
fi
{{- end }}

144
libvirt/templates/bin/_libvirt.sh.tpl Normal file
View File

@ -0,0 +1,144 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
if [ -n "$(cat /proc/*/comm 2>/dev/null | grep libvirtd)" ]; then
echo "ERROR: libvirtd daemon already running on host" 1>&2
exit 1
fi
rm -f /var/run/libvirtd.pid
if [[ -c /dev/kvm ]]; then
chmod 660 /dev/kvm
chown root:kvm /dev/kvm
fi
# We assume that if hugepage count > 0, then hugepages should be exposed to libvirt/qemu
hp_count="$(cat /proc/meminfo | grep HugePages_Total | tr -cd '[:digit:]')"
if [ 0"$hp_count" -gt 0 ]; then
echo "INFO: Detected hugepage count of '$hp_count'. Enabling hugepage settings for libvirt/qemu."
# Enable KVM hugepages for QEMU
if [ -n "$(grep KVM_HUGEPAGES=0 /etc/default/qemu-kvm)" ]; then
sed -i 's/.*KVM_HUGEPAGES=0.*/KVM_HUGEPAGES=1/g' /etc/default/qemu-kvm
else
echo KVM_HUGEPAGES=1 >> /etc/default/qemu-kvm
fi
# Ensure that the hugepage mount location is available/mapped inside the
# container. This assumes use of the default ubuntu dev-hugepages.mount
# systemd unit which mounts hugepages at this location.
if [ ! -d /dev/hugepages ]; then
echo "ERROR: Hugepages configured in kernel, but libvirtd container cannot access /dev/hugepages"
exit 1
fi
# Kubernetes 1.10.x introduced cgroup changes that caused the container's
# hugepage byte limit quota to zero out. This workaround sets that pod limit
# back to the total number of hugepage bytes available to the baremetal host.
if [ -d /sys/fs/cgroup/hugetlb ]; then
# NOTE(portdirect): Kubelet will always create pod specific cgroups for
# hugetables so if the hugetlb cgroup is enabled, when k8s removes the pod
# it will also remove the hugetlb cgroup for the pod, taking any qemu
# processes with it.
echo "WARN: As the hugetlb cgroup is enabled, it will not be possible to restart the libvirt pod via k8s, without killing VMs."
for limit in $(ls /sys/fs/cgroup/hugetlb/kubepods/hugetlb.*.limit_in_bytes); do
target="/sys/fs/cgroup/hugetlb/$(dirname $(awk -F: '($2~/hugetlb/){print $3}' /proc/self/cgroup))/$(basename $limit)"
# Ensure the write target for the hugepage limit for the pod exists
if [ ! -f "$target" ]; then
echo "ERROR: Could not find write target for hugepage limit: $target"
fi
# Write hugetable limit for pod
echo "$(cat $limit)" > "$target"
done
fi
# Determine OS default hugepage size to use for the hugepage write test
default_hp_kb="$(cat /proc/meminfo | grep Hugepagesize | tr -cd '[:digit:]')"
# Attempt to write to the hugepage mount to ensure it is operational, but only
# if we have at least 1 free page.
num_free_pages="$(cat /sys/kernel/mm/hugepages/hugepages-${default_hp_kb}kB/free_hugepages | tr -cd '[:digit:]')"
echo "INFO: '$num_free_pages' free hugepages of size ${default_hp_kb}kB"
if [ 0"$num_free_pages" -gt 0 ]; then
(fallocate -o0 -l "$default_hp_kb" /dev/hugepages/foo && rm /dev/hugepages/foo) || \
(echo "ERROR: fallocate failed test at /dev/hugepages with size ${default_hp_kb}kB"
rm /dev/hugepages/foo
exit 1)
fi
fi
if [ -n "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" ] ; then
libvirtd --listen &
tmpsecret=$(mktemp --suffix .xml)
function cleanup {
rm -f "${tmpsecret}"
}
trap cleanup EXIT
# Wait for the libvirtd is up
TIMEOUT=60
while [[ ! -f /var/run/libvirtd.pid ]]; do
if [[ ${TIMEOUT} -gt 0 ]]; then
let TIMEOUT-=1
sleep 1
else
echo "ERROR: libvirt did not start in time (pid file missing)"
exit 1
fi
done
# Even though we see the pid file the socket immediately (this is
# needed for virsh)
TIMEOUT=10
while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do
if [[ ${TIMEOUT} -gt 0 ]]; then
let TIMEOUT-=1
sleep 1
else
echo "ERROR: libvirt did not start in time (socket missing)"
exit 1
fi
done
if [ -z "${CEPH_CINDER_KEYRING}" ] ; then
CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring)
fi
cat > ${tmpsecret} <<EOF
<secret ephemeral='no' private='no'>
<uuid>${LIBVIRT_CEPH_CINDER_SECRET_UUID}</uuid>
<usage type='ceph'>
<name>client.${CEPH_CINDER_USER}. secret</name>
</usage>
</secret>
EOF
virsh secret-define --file ${tmpsecret}
virsh secret-set-value --secret "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}"
# rejoin libvirtd
wait
else
exec libvirtd --listen
fi

37
libvirt/templates/configmap-bin.yaml Normal file
View File

@ -0,0 +1,37 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: libvirt-bin
data:
{{- if .Values.images.local_registry.active }}
image-repo-sync.sh: |
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
{{- end }}
libvirt.sh: |
{{ tuple "bin/_libvirt.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- if .Values.conf.ceph.enabled }}
ceph-keyring.sh: |
{{ tuple "bin/_ceph-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ceph-admin-keyring.sh: |
{{ tuple "bin/_ceph-admin-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
{{- end }}

28
libvirt/templates/configmap-etc.yaml Normal file
View File

@ -0,0 +1,28 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: libvirt-etc
data:
libvirtd.conf: |
{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | indent 4 }}
qemu.conf: |
{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | indent 4 }}
{{- end }}

231
libvirt/templates/daemonset-libvirt.yaml Normal file
View File

@ -0,0 +1,231 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.daemonset_libvirt }}
{{- $envAll := . }}
{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}}
{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }}
{{- $mounts_libvirt := .Values.pod.mounts.libvirt.libvirt }}
{{- $mounts_libvirt_init := .Values.pod.mounts.libvirt.init_container }}
{{- $serviceAccountName := "libvirt" }}
{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: libvirt
labels:
{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
selector:
matchLabels:
{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.agent.libvirt.node_selector_key }}: {{ .Values.labels.agent.libvirt.node_selector_value }}
hostNetwork: true
hostPID: true
dnsPolicy: ClusterFirstWithHostNet
initContainers:
{{ tuple $envAll "pod_dependency" $mounts_libvirt_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
{{- if .Values.conf.ceph.enabled }}
{{- if empty .Values.conf.ceph.cinder.keyring }}
- name: ceph-admin-keyring-placement
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
securityContext:
runAsUser: 0
command:
- /tmp/ceph-admin-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: libvirt-bin
mountPath: /tmp/ceph-admin-keyring.sh
subPath: ceph-admin-keyring.sh
readOnly: true
{{- if empty .Values.conf.ceph.admin_keyring }}
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
{{ end }}
{{ end }}
- name: ceph-keyring-placement
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
securityContext:
runAsUser: 0
env:
- name: CEPH_CINDER_USER
value: "{{ .Values.conf.ceph.cinder.user }}"
{{- if .Values.conf.ceph.cinder.keyring }}
- name: CEPH_CINDER_KEYRING
value: "{{ .Values.conf.ceph.cinder.keyring }}"
{{ end }}
- name: LIBVIRT_CEPH_CINDER_SECRET_UUID
value: "{{ .Values.conf.ceph.cinder.secret_uuid }}"
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: libvirt-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
{{- end }}
containers:
- name: libvirt
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.libvirt | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
privileged: true
runAsUser: 0
{{- if .Values.conf.ceph.enabled }}
env:
- name: CEPH_CINDER_USER
value: "{{ .Values.conf.ceph.cinder.user }}"
{{- if .Values.conf.ceph.cinder.keyring }}
- name: CEPH_CINDER_KEYRING
value: "{{ .Values.conf.ceph.cinder.keyring }}"
{{ end }}
- name: LIBVIRT_CEPH_CINDER_SECRET_UUID
value: "{{ .Values.conf.ceph.cinder.secret_uuid }}"
{{ end }}
command:
- /tmp/libvirt.sh
lifecycle:
preStop:
exec:
command:
- bash
- -c
- |-
kill $(cat /var/run/libvirtd.pid)
volumeMounts:
- name: libvirt-bin
mountPath: /tmp/libvirt.sh
subPath: libvirt.sh
readOnly: true
- name: libvirt-etc
mountPath: /etc/libvirt/libvirtd.conf
subPath: libvirtd.conf
readOnly: true
- name: libvirt-etc
mountPath: /etc/libvirt/qemu.conf
subPath: qemu.conf
readOnly: true
- name: etc-libvirt-qemu
mountPath: /etc/libvirt/qemu
- mountPath: /lib/modules
name: libmodules
readOnly: true
- name: var-lib-libvirt
mountPath: /var/lib/libvirt
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
mountPropagation: Bidirectional
{{- end }}
- name: var-lib-nova
mountPath: /var/lib/nova
{{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }}
mountPropagation: Bidirectional
{{- end }}
- name: run
mountPath: /run
- name: dev
mountPath: /dev
- name: cgroup
mountPath: /sys/fs/cgroup
- name: machine-id
mountPath: /etc/machine-id
readOnly: true
{{- if .Values.conf.ceph.enabled }}
- name: etcceph
mountPath: /etc/ceph
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
{{- if empty .Values.conf.ceph.cinder.keyring }}
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
{{- end }}
{{- end }}
{{ if $mounts_libvirt.volumeMounts }}{{ toYaml $mounts_libvirt.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: libvirt-bin
configMap:
name: libvirt-bin
defaultMode: 0555
- name: libvirt-etc
configMap:
name: libvirt-etc
defaultMode: 0444
{{- if .Values.conf.ceph.enabled }}
- name: etcceph
emptyDir: {}
- name: ceph-etc
configMap:
name: {{ .Values.ceph_client.configmap }}
defaultMode: 0444
{{- if empty .Values.conf.ceph.cinder.keyring }}
- name: ceph-keyring
secret:
secretName: {{ .Values.ceph_client.user_secret_name }}
{{ end }}
{{ end }}
- name: libmodules
hostPath:
path: /lib/modules
- name: var-lib-libvirt
hostPath:
path: /var/lib/libvirt
- name: var-lib-nova
hostPath:
path: /var/lib/nova
- name: run
hostPath:
path: /run
- name: dev
hostPath:
path: /dev
- name: cgroup
hostPath:
path: /sys/fs/cgroup
- name: machine-id
hostPath:
path: /etc/machine-id
- name: etc-libvirt-qemu
hostPath:
path: /etc/libvirt/qemu
{{ if $mounts_libvirt.volumes }}{{ toYaml $mounts_libvirt.volumes | indent 8 }}{{ end }}
{{- end }}

20
libvirt/templates/job-image-repo-sync.yaml Normal file
View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "libvirt" -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}

53
libvirt/templates/utils/_to_libvirt_conf.tpl Normal file
View File

@ -0,0 +1,53 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{/*
abstract: |
Builds a libvirt compatible config file.
values: |
conf:
libvirt:
log_level: 3
cgroup_controllers:
- cpu
- cpuacct
usage: |
{{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt }}
return: |
cgroup_controllers = [ "cpu", "cpuacct" ]
log_level = 3
*/}}
{{- define "libvirt.utils._to_libvirt_conf.list_to_string" -}}
{{- $local := dict "first" true -}}
{{- range $k, $v := . -}}{{- if not $local.first -}}, {{ end -}}{{- $v | quote -}}{{- $_ := set $local "first" false -}}{{- end -}}
{{- end -}}
{{- define "libvirt.utils.to_libvirt_conf" -}}
{{- range $key, $value := . -}}
{{- if kindIs "slice" $value }}
{{ $key }} = [ {{ include "libvirt.utils._to_libvirt_conf.list_to_string" $value }} ]
{{- else if kindIs "string" $value }}
{{- if regexMatch "^[0-9]+$" $value }}
{{ $key }} = {{ $value }}
{{- else }}
{{ $key }} = {{ $value | quote }}
{{- end }}
{{- else }}
{{ $key }} = {{ $value }}
{{- end }}
{{- end -}}
{{- end -}}

165
libvirt/values.yaml Normal file
View File

@ -0,0 +1,165 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for libvirt.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
release_group: null
labels:
agent:
libvirt:
node_selector_key: openstack-compute-node
node_selector_value: enabled
images:
tags:
libvirt: docker.io/openstackhelm/libvirt:ubuntu-xenial-1.3.1
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
image_repo_sync: docker.io/docker:17.07.0
pull_policy: "IfNotPresent"
local_registry:
active: false
exclude:
- dep_check
- image_repo_sync
network:
# provide what type of network wiring will be used
# possible options: openvswitch, linuxbridge, sriov
backend:
- openvswitch
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
ceph_client:
configmap: ceph-etc
user_secret_name: pvc-ceph-client-key
conf:
ceph:
enabled: true
admin_keyring: null
cinder:
user: "cinder"
keyring: null
secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337
libvirt:
listen_tcp: "1"
listen_tls: "0"
auth_tcp: "none"
ca_file: ""
listen_addr: 127.0.0.1
log_level: "3"
qemu:
stdio_handler: "file"
user: "nova"
group: "kvm"
pod:
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
libvirt:
init_container: null
libvirt:
lifecycle:
upgrades:
daemonsets:
pod_replacement_strategy: RollingUpdate
libvirt:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
resources:
enabled: false
libvirt:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
image_repo_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- libvirt-image-repo-sync
services:
- endpoint: node
service: local_image_registry
targeted:
openvswitch:
libvirt:
pod:
- requireSameNode: true
labels:
application: neutron
component: neutron-ovs-agent
linuxbridge:
libvirt:
pod:
- requireSameNode: true
labels:
application: neutron
component: neutron-lb-agent
sriov:
libvirt:
pod:
- requireSameNode: true
labels:
application: neutron
component: neutron-sriov-agent
static:
libvirt:
services: null
image_repo_sync:
services:
- endpoint: internal
service: local_image_registry
manifests:
configmap_bin: true
configmap_etc: true
daemonset_libvirt: true
job_image_repo_sync: true

6
playbooks/osh-infra-openstack-support.yaml
View File

@ -66,6 +66,12 @@
./tools/deployment/openstack-support/035-mariadb.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Libvirt
shell: |
set -xe;
./tools/deployment/openstack-support/040-libvirt.sh
args:
chdir: "{{ zuul.project.src_dir }}"
- name: Deploy Openvswitch
shell: |
set -xe;

28
tools/deployment/openstack-support/040-libvirt.sh Executable file
View File

@ -0,0 +1,28 @@
#!/bin/bash
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Lint and package chart
make libvirt
#NOTE: Deploy command
helm upgrade --install libvirt ./libvirt \
--namespace=openstack \
--set conf.ceph.enabled=false \
--set network.backend="null"
#NOTE: Validate Deployment info
helm status libvirt