Refactor keystone with new subdirectory template layout
Also, fix some extraneous spacing with hosts in common
parent
d9942320b5
commit
221f14bc2e
@ -1,15 +1,15 @@
|
||||
# fqdn
|
||||
{{define "region"}}cluster{{end}}
|
||||
{{define "tld"}}local{{end}}
|
||||
{{- define "region"}}cluster{{- end}}
|
||||
{{- define "tld"}}local{{- end}}
|
||||
|
||||
# infrastructure services
|
||||
{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.kubernetes.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{- define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
{{- define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
{{- define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
|
||||
# keystone
|
||||
{{define "keystone_db_host"}} {{ include "mariadb_host" . }}{{end}}
|
||||
{{define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
|
||||
{{- define "keystone_db_host"}}{{ include "mariadb_host" . }}{{end}}
|
||||
{{- define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
{{- define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
{{- define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
{{- define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
|
||||
|
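--- a/keystone/templates/bin-configmap.yaml
+++ b/keystone/templates/bin-configmap.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: keystone-bin
+data:
+db-sync.sh: |
+{{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }}
+init.sh: |
+{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
+start.sh: |
+{{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }}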
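Review bot: `keystone-bin` is a ConfigMap, yet the `db-sync.sh` and `init.sh` templates it renders interpolate `.Values.keystone.admin_password`, `.Values.database.root_password` and `.Values.database.keystone_password`, so the rendered credentials are stored as ConfigMap data and are readable by any principal allowed to get ConfigMaps in the namespace. The same applies to `keystone.conf` in `keystone-etc` (etc-configmap.yaml), whose `connection` line carries the database password. Consider rendering the credential-bearing files into a `kind: Secret`, or passing the passwords as environment variables sourced from a Secret, and keeping only non-sensitive files in the ConfigMaps.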
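--- a/keystone/templates/bin/_db-sync.sh.tpl
+++ b/keystone/templates/bin/_db-sync.sh.tpl
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -ex
+
+# order of kolla_keystone_bootstrap urls
+# for those of looking for a little expanation
+# to a mysterious blackbox
+#
+# these will feed into the keystone endpoints
+# so it is important they are correct
+#
+# keystone_admin_url
+# keystone_internal_url
+# keystone_public_url
+
+keystone-manage db_sync
+kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
+{{ .Values.keystone.admin_project_name }} admin \
+{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
+{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
+{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
+{{ .Values.keystone.admin_region_name }}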
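Review bot: With `set -ex` in effect the shell traces the `kolla_keystone_bootstrap` line, so the expanded `{{ .Values.keystone.admin_password }}` is written to the job's log; wrap that call in `set +x` / `set -x`, or drop `-x` from this script. The user, password, project and region values are also substituted unquoted, so a value containing whitespace or shell metacharacters changes the command that runs. Quoting each argument, or reading the password from an environment variable such as `"${KEYSTONE_ADMIN_PASSWORD}"` (constructed name), avoids that. _init.sh.tpl has the same tracing exposure for its `login_password` and `password` arguments.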
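--- a/keystone/templates/bin/_init.sh.tpl
+++ b/keystone/templates/bin/_init.sh.tpl
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -ex
+export HOME=/tmp
+
+ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
+ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"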
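Review bot: Both `ansible` calls run with `-vvv`, which at that verbosity likely echoes the module arguments, so `login_password` and `password` can reach the pod log independently of `set -x`; dropping `-vvv` once the job is debugged removes that copy. The `mysql_user` call creates the keystone account with `host='%'` and `ALL` privileges on the keystone database, which permits logins from any source address; if the deployment can name a narrower host pattern, expose it as a value instead of hard-coding `%`. The values are wrapped in single quotes inside the `-a` string, so a password containing `'` would break the argument parsing.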
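--- a/keystone/templates/bin/_start.sh.tpl
+++ b/keystone/templates/bin/_start.sh.tpl
@@ -0,0 +1,12 @@
+#!/bin/bash
+set -ex
+
+# link our keystone wsgi to apaches running config
+ln -s /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf
+
+# Loading Apache2 ENV variables
+source /etc/apache2/envvars
+rm -rf /var/run/apache2/*
+APACHE_DIR="apache2"
+
+apache2 -DFOREGROUND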
@ -1,27 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-dbsyncsh
|
||||
data:
|
||||
db-sync.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
# order of kolla_keystone_bootstrap urls
|
||||
# for those of looking for a little expanation
|
||||
# to a mysterious blackbox
|
||||
#
|
||||
# these will feed into the keystone endpoints
|
||||
# so it is important they are correct
|
||||
#
|
||||
# keystone_admin_url
|
||||
# keystone_internal_url
|
||||
# keystone_public_url
|
||||
|
||||
keystone-manage db_sync
|
||||
kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
|
||||
{{ .Values.keystone.admin_project_name }} admin \
|
||||
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
|
||||
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
|
||||
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
|
||||
{{ .Values.keystone.admin_region_name }}
|
@ -12,23 +12,23 @@ spec:
|
||||
pod.beta.kubernetes.io/init-containers: '[
|
||||
{
|
||||
"name": "init",
|
||||
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
|
||||
"image": "{{ .Values.images.entrypoint }}",
|
||||
"env": [
|
||||
{
|
||||
"name": "NAMESPACE",
|
||||
"value": "{{ .Release.Namespace }}"
|
||||
},
|
||||
{
|
||||
"name": "INTERFACE_NAME",
|
||||
"value": "eth0"
|
||||
},
|
||||
{
|
||||
"name": "DEPENDENCY_SERVICE",
|
||||
"value": "mariadb,rabbitmq"
|
||||
},
|
||||
{
|
||||
"name": "DEPENDENCY_JOBS",
|
||||
"value": "mariadb-seed"
|
||||
},
|
||||
{
|
||||
"name": "DEPENDENCY_CONFIG",
|
||||
"value": "/etc/apache2/conf-enabled/wsgi-keystone.conf"
|
||||
"value": "mariadb-seed,keystone-db-sync"
|
||||
},
|
||||
{
|
||||
"name": "COMMAND",
|
||||
@ -58,6 +58,7 @@ spec:
|
||||
subPath: keystone.conf
|
||||
- name: wsgikeystone
|
||||
mountPath: /configmaps/wsgi-keystone.conf
|
||||
subPath: wsgi_keystone.conf
|
||||
- name: mpmeventconf
|
||||
mountPath: /etc/apache2/mods-available/mpm_event.conf
|
||||
subPath: mpm_event.conf
|
||||
@ -67,17 +68,22 @@ spec:
|
||||
volumes:
|
||||
- name: keystoneconf
|
||||
configMap:
|
||||
name: keystone-keystoneconf
|
||||
name: keystone-etc
|
||||
items:
|
||||
- key: keystone.conf
|
||||
path: keystone.conf
|
||||
- name: wsgikeystone
|
||||
configMap:
|
||||
name: keystone-wsgikeystone
|
||||
name: keystone-etc
|
||||
items:
|
||||
- key: wsgi-keystone.conf
|
||||
path: wsgi_keystone.conf
|
||||
- name: mpmeventconf
|
||||
configMap:
|
||||
name: keystone-mpmeventconf
|
||||
# https://github.com/kubernetes/kubernetes/issues/23722
|
||||
name: keystone-etc
|
||||
items:
|
||||
- key: mpm-event.conf
|
||||
path: mpm_event.conf
|
||||
- name: startsh
|
||||
configMap:
|
||||
name: keystone-startsh
|
||||
name: keystone-bin
|
||||
|
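--- a/keystone/templates/etc-configmap.yaml
+++ b/keystone/templates/etc-configmap.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+name: keystone-etc
+data:
+keystone.conf: |+
+{{ tuple "etc/_keystone.conf.tpl" . | include "template" | indent 4 }}
+mpm-event.conf: |+
+{{ tuple "etc/_mpm_event.conf.tpl" . | include "template" | indent 4 }}
+wsgi-keystone.conf: |+
+{{ tuple "etc/_wsgi-keystone.conf.tpl" . | include "template" | indent 4 }}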
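--- a/keystone/templates/etc/_keystone.conf.tpl
+++ b/keystone/templates/etc/_keystone.conf.tpl
@@ -0,0 +1,19 @@
+[DEFAULT]
+debug = {{ .Values.misc.debug }}
+use_syslog = False
+use_stderr = True
+workers = {{ .Values.misc.workers }}
+
+[database]
+connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
+max_retries = -1
+
+[memcache]
+servers = {{ include "memcached_host" . }}
+
+[cache]
+backend = dogpile.cache.memcached
+memcache_servers = {{ include "memcached_host" . }}
+config_prefix = cache.keystone
+distributed_lock = True
+enabled = True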
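Review bot: The `connection` URL in `[database]` inserts `keystone_user` and `keystone_password` verbatim, so a password containing `@`, `:`, `/` or `%` yields a URL that is parsed differently from what was intended or fails to parse. Percent-encode the credentials before rendering, or document next to the values that they must be URL-safe. `max_retries = -1` makes the service retry the database connection indefinitely, which is worth a one-line comment such as `# -1: retry forever while mariadb comes up` so it is not mistaken for an oversight.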
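--- a/keystone/templates/etc/_mpm_event.conf.tpl
+++ b/keystone/templates/etc/_mpm_event.conf.tpl
@@ -0,0 +1,9 @@
+<IfModule mpm_event_module>
+ServerLimit 1024
+StartServers 32
+MinSpareThreads 32
+MaxSpareThreads 256
+ThreadsPerChild 25
+MaxRequestsPerChild 128
+ThreadLimit 720
+</IfModule>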
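--- a/keystone/templates/etc/_wsgi-keystone.conf.tpl
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@@ -0,0 +1,28 @@
+Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
+Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
+
+<VirtualHost *:{{ .Values.network.port.public }}>
+WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
+WSGIProcessGroup keystone-public
+WSGIScriptAlias / /var/www/cgi-bin/keystone/main
+WSGIApplicationGroup %{GLOBAL}
+WSGIPassAuthorization On
+<IfVersion >= 2.4>
+ErrorLogFormat "%{cu}t %M"
+</IfVersion>
+ErrorLog "|$/bin/cat 1>&2"
+CustomLog "|/bin/cat" combined
+</VirtualHost>
+
+<VirtualHost *:{{ .Values.network.port.admin }}>
+WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
+WSGIProcessGroup keystone-admin
+WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
+WSGIApplicationGroup %{GLOBAL}
+WSGIPassAuthorization On
+<IfVersion >= 2.4>
+ErrorLogFormat "%{cu}t %M"
+</IfVersion>
+ErrorLog "|$/bin/cat 1>&2"
+CustomLog "|/bin/cat" combined
+</VirtualHost>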
@ -1,13 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-initsh
|
||||
data:
|
||||
init.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
|
||||
ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"
|
||||
|
@ -9,7 +9,7 @@ spec:
|
||||
pod.beta.kubernetes.io/init-containers: '[
|
||||
{
|
||||
"name": "init",
|
||||
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
|
||||
"image": "{{ .Values.images.entrypoint }}",
|
||||
"env": [
|
||||
{
|
||||
"name": "NAMESPACE",
|
||||
@ -43,13 +43,13 @@ spec:
|
||||
- name: keystoneconf
|
||||
mountPath: /etc/keystone/keystone.conf
|
||||
subPath: keystone.conf
|
||||
- name: dbsyncsh
|
||||
- name: keystone-bin
|
||||
mountPath: /tmp/db-sync.sh
|
||||
subPath: db-sync.sh
|
||||
volumes:
|
||||
- name: keystoneconf
|
||||
configMap:
|
||||
name: keystone-keystoneconf
|
||||
- name: dbsyncsh
|
||||
name: keystone-etc
|
||||
- name: keystone-bin
|
||||
configMap:
|
||||
name: keystone-dbsyncsh
|
||||
name: keystone-bin
|
@ -9,7 +9,7 @@ spec:
|
||||
pod.beta.kubernetes.io/init-containers: '[
|
||||
{
|
||||
"name": "init",
|
||||
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
|
||||
"image": "{{ .Values.images.entrypoint }}",
|
||||
"env": [
|
||||
{
|
||||
"name": "NAMESPACE",
|
||||
@ -36,11 +36,14 @@ spec:
|
||||
- name: keystone-init
|
||||
image: {{ .Values.images.init }}
|
||||
imagePullPolicy: Always
|
||||
command:
|
||||
- bash
|
||||
- /tmp/init.sh
|
||||
volumeMounts:
|
||||
- name: initsh
|
||||
- name: keystone-bin
|
||||
mountPath: /tmp/init.sh
|
||||
subPath: init.sh
|
||||
volumes:
|
||||
- name: initsh
|
||||
- name: keystone-bin
|
||||
configMap:
|
||||
name: keystone-initsh
|
||||
name: keystone-bin
|
@ -1,26 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-keystoneconf
|
||||
data:
|
||||
keystone.conf: |+
|
||||
[DEFAULT]
|
||||
debug = {{ .Values.misc.debug }}
|
||||
use_syslog = False
|
||||
use_stderr = True
|
||||
workers = {{ .Values.misc.workers }}
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
|
||||
max_retries = -1
|
||||
|
||||
[memcache]
|
||||
servers = {{ include "memcached_host" . }}
|
||||
|
||||
[cache]
|
||||
backend = dogpile.cache.memcached
|
||||
memcache_servers = {{ include "memcached_host" . }}
|
||||
config_prefix = cache.keystone
|
||||
distributed_lock = True
|
||||
enabled = True
|
||||
|
@ -1,15 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-mpmeventconf
|
||||
data:
|
||||
mpm-event.conf: |+
|
||||
<IfModule mpm_event_module>
|
||||
ServerLimit 1024
|
||||
StartServers 32
|
||||
MinSpareThreads 32
|
||||
MaxSpareThreads 256
|
||||
ThreadsPerChild 25
|
||||
MaxRequestsPerChild 128
|
||||
ThreadLimit 720
|
||||
</IfModule>
|
@ -1,15 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-startsh
|
||||
data:
|
||||
start.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
# Loading Apache2 ENV variables
|
||||
source /etc/apache2/envvars
|
||||
rm -rf /var/run/apache2/*
|
||||
APACHE_DIR="apache2"
|
||||
|
||||
apache2 -DFOREGROUND
|
@ -1,34 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-wsgikeystone
|
||||
data:
|
||||
wsgi-keystone.conf: |+
|
||||
Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
|
||||
Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
|
||||
|
||||
<VirtualHost *:{{ .Values.network.port.public }}>
|
||||
WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
|
||||
WSGIProcessGroup keystone-public
|
||||
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
ErrorLog "|$/bin/cat 1>&2"
|
||||
CustomLog "|/bin/cat" combined
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:{{ .Values.network.port.admin }}>
|
||||
WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
|
||||
WSGIProcessGroup keystone-admin
|
||||
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
ErrorLog "|$/bin/cat 1>&2"
|
||||
CustomLog "|/bin/cat" combined
|
||||
</VirtualHost>
|
@ -11,13 +11,14 @@ labels:
|
||||
|
||||
images:
|
||||
db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
|
||||
api: quay.io/stackanetes/stackanetes-keystone-api:newton
|
||||
api: quay.io/stackanetes/stackanetes-keystone-api:newton
|
||||
init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
|
||||
entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
|
||||
|
||||
keystone:
|
||||
version: v2.0
|
||||
scheme: http
|
||||
admin_region_name: RegionOne
|
||||
admin_region_name: RegionOne
|
||||
admin_user: admin
|
||||
admin_password: password
|
||||
admin_project_name: admin
|
||||
@ -26,7 +27,14 @@ network:
|
||||
port:
|
||||
admin: 35357
|
||||
public: 5000
|
||||
ip_address: "{{ .IP }}"
|
||||
# alanmeadows(TODO): I seem unable to use {{ .IP }} here
|
||||
# but it does work for wsrep.conf in mariadb, I have spent
|
||||
# time trying to figure this out am completely stumped
|
||||
#
|
||||
# helm --debug --dry-run shows me that the config map
|
||||
# contains {{ .IP }} but its simply translated by K8s
|
||||
# to ""
|
||||
ip_address: "0.0.0.0"
|
||||
|
||||
database:
|
||||
port: 3306
|
||||
|
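Review bot: The new `images.entrypoint` value references `quay.io/stackanetes/kubernetes-entrypoint:v0.1.0` by tag, like the other images in this block; a tag can be re-pointed, so pinning the init-container image by digest (`image@sha256:<digest>`) would make the deployed content reproducible. `ip_address: "0.0.0.0"` appears to be the replacement for the `{{ .IP }}` value and makes both `Listen` directives in wsgi-keystone.conf bind every interface, admin port 35357 included, while `scheme` is `http`; a comment stating that exposure is expected to be limited by the Service or a network policy would help. The section still ships `admin_password: password` as a default, which deserves at least a `# change before deploying` comment.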