diff --git a/cinder/templates/bin/_db-init.sh.tpl b/cinder/templates/bin/_db-init.sh.tpl deleted file mode 100644 index 1762c2f706..0000000000 --- a/cinder/templates/bin/_db-init.sh.tpl +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash - -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex -export HOME=/tmp - -ansible localhost -vvv \ - -m mysql_db -a "login_host='{{ .Values.database.address }}' \ - login_port='{{ .Values.database.port }}' \ - login_user='{{ .Values.database.root_user }}' \ - login_password='{{ .Values.database.root_password }}' \ - name='{{ .Values.database.cinder_database_name }}'" - -ansible localhost -vvv \ - -m mysql_user -a "login_host='{{ .Values.database.address }}' \ - login_port='{{ .Values.database.port }}' \ - login_user='{{ .Values.database.root_user }}' \ - login_password='{{ .Values.database.root_password }}' \ - name='{{ .Values.database.cinder_user }}' \ - password='{{ .Values.database.cinder_password }}' \ - host='%' \ - priv='{{ .Values.database.cinder_database_name }}.*:ALL' \ - append_privs='yes'" diff --git a/cinder/templates/bin/_db-sync.sh.tpl b/cinder/templates/bin/_db-sync.sh.tpl new file mode 100644 index 0000000000..9353596a3f --- /dev/null +++ b/cinder/templates/bin/_db-sync.sh.tpl @@ -0,0 +1,19 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -ex + +glance-manage db sync diff --git a/cinder/templates/configmap-bin.yaml b/cinder/templates/configmap-bin.yaml index 96d78bf203..92cdb13653 100644 --- a/cinder/templates/configmap-bin.yaml +++ b/cinder/templates/configmap-bin.yaml @@ -17,8 +17,10 @@ kind: ConfigMap metadata: name: cinder-bin data: - db-init.sh: |+ -{{ tuple "bin/_db-init.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} + db-init.py: | +{{- include "helm-toolkit.db_init" . | indent 4 }} + db-sync.sh: | +{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/cinder/templates/etc/_cinder.conf.tpl b/cinder/templates/etc/_cinder.conf.tpl index cb336d6485..e1ce7a90f6 100644 --- a/cinder/templates/etc/_cinder.conf.tpl +++ b/cinder/templates/etc/_cinder.conf.tpl @@ -40,7 +40,7 @@ os_region_name = {{ .Values.keystone.cinder_region_name }} host=cinder-volume-worker [database] -connection = mysql+pymysql://{{ .Values.database.cinder_user }}:{{ .Values.database.cinder_password }}@{{ .Values.database.address }}:{{ .Values.database.port }}/{{ .Values.database.cinder_database_name }} +connection = {{ tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }} max_retries = -1 [keystone_authtoken] diff --git a/cinder/templates/job-db-init.yaml b/cinder/templates/job-db-init.yaml index c9bff2261e..bbc079e369 100644 --- a/cinder/templates/job-db-init.yaml +++ b/cinder/templates/job-db-init.yaml @@ -43,17 +43,37 @@ spec: cpu: {{ .Values.resources.cinder_db_init.limits.cpu | quote }} {{- end }} env: - - name: ANSIBLE_LIBRARY - value: /usr/share/ansible/ + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: cinder-db-root + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/cinder/cinder.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection command: - - bash - - /tmp/db-init.sh + - python + - /tmp/db-init.py volumeMounts: - - name: dbinitsh - mountPath: /tmp/db-init.sh - subPath: db-init.sh + - name: cinder-bin + mountPath: /tmp/db-init.py + subPath: db-init.py + readOnly: true + - name: etccinder + mountPath: /etc/cinder + - name: cinderconf + mountPath: /etc/cinder/cinder.conf + subPath: cinder.conf readOnly: true volumes: - - name: dbinitsh + - name: etccinder + emptyDir: {} + - name: cinderconf + configMap: + name: cinder-etc + - name: cinder-bin configMap: name: cinder-bin diff --git a/cinder/templates/job-db-sync.yaml b/cinder/templates/job-db-sync.yaml index 47bfd85e96..78ff2631fd 100644 --- a/cinder/templates/job-db-sync.yaml +++ b/cinder/templates/job-db-sync.yaml @@ -43,22 +43,25 @@ spec: cpu: {{ .Values.resources.cinder_db_sync.limits.cpu | quote }} {{- end }} command: - - cinder-manage - args: - - --config-dir - - /etc/cinder/conf - - db - - sync + - bash + - /tmp/db-sync.sh volumeMounts: - - name: pod-etc-cinder + - name: cinder-bin + mountPath: /tmp/db-sync.sh + subPath: db-sync.sh + readOnly: true + - name: etccinder mountPath: /etc/cinder - - name: cinderconf - mountPath: /etc/cinder/conf/cinder.conf - subPath: cinder.conf + - name: cinderapiconf + mountPath: /etc/cinder/cinder-api.conf + subPath: cinder-api.conf readOnly: true volumes: - - name: pod-etc-cinder + - name: etccinder emptyDir: {} - - name: cinderconf + - name: cinderapiconf configMap: name: cinder-etc + - name: cinder-bin + configMap: + name: cinder-bin diff --git a/cinder/templates/secret-db-root.env.yaml b/cinder/templates/secret-db-root.env.yaml new file mode 100644 index 0000000000..7411f1c230 --- /dev/null +++ b/cinder/templates/secret-db-root.env.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: cinder-db-root +type: Opaque +data: + DB_CONNECTION: {{ tuple "oslo_db" "internal" "admin" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | b64enc }} diff --git a/cinder/values.yaml b/cinder/values.yaml index 9cbb4a8124..97b86537db 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -27,15 +27,15 @@ labels: node_selector_value: enabled images: - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.1 + db_init: quay.io/stackanetes/stackanetes-cinder-api:newton + db_sync: quay.io/stackanetes/stackanetes-cinder-api:newton ks_user: quay.io/stackanetes/stackanetes-kolla-toolbox:newton ks_service: quay.io/stackanetes/stackanetes-kolla-toolbox:newton ks_endpoints: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton - db_sync: quay.io/stackanetes/stackanetes-cinder-api:newton api: quay.io/stackanetes/stackanetes-cinder-api:newton scheduler: quay.io/stackanetes/stackanetes-cinder-scheduler:newton volume: quay.io/stackanetes/stackanetes-cinder-volume:newton + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.1 pull_policy: "IfNotPresent" upgrades: @@ -65,15 +65,6 @@ network: port: api: 8776 -database: - address: mariadb - port: 3306 - root_user: root - root_password: password - cinder_database_name: cinder - cinder_password: password - cinder_user: cinder - ceph: enabled: true monitors: [] @@ -199,6 +190,20 @@ endpoints: scheme: 'http' port: api: 8776 + oslo_db: + auth: + admin: + username: root + password: password + user: + username: cinder + password: password + hosts: + default: mariadb + path: /cinder + scheme: mysql+pymysql + port: + mysql: 3306 resources: enabled: false