Refactor keystone with new subdirectory template layout

Also, fix some extraneous spacing with hosts in common
2016-12-08 10:16:19 -08:00 · 2016-12-08 10:16:19 -08:00 · 221f14bc2e
commit 221f14bc2e
parent d9942320b5
19 changed files with 167 additions and 163 deletions
--- a/common/templates/_hosts.tpl
+++ b/common/templates/_hosts.tpl
@ -1,15 +1,15 @@
 # fqdn
-{{define "region"}}cluster{{end}}
+{{- define "region"}}cluster{{- end}}
-{{define "tld"}}local{{end}}
+{{- define "tld"}}local{{- end}}
 # infrastructure services
-{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
-{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
-{{define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.kubernetes.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
 # keystone
-{{define "keystone_db_host"}} {{ include "mariadb_host" . }}{{end}}
+{{- define "keystone_db_host"}}{{ include "mariadb_host" . }}{{end}}
-{{define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
-{{define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
-{{define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
-{{define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
+{{- define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
--- a/keystone/templates/bin-configmap.yaml
+++ b/keystone/templates/bin-configmap.yaml
@ -0,0 +1,11 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-bin
 data:
  db-sync.sh: |
 {{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }}
  init.sh: |
 {{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
  start.sh: |
 {{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }}
--- a/keystone/templates/bin/_db-sync.sh.tpl
+++ b/keystone/templates/bin/_db-sync.sh.tpl
@ -0,0 +1,21 @@
 #!/bin/bash
 set -ex
 # order of kolla_keystone_bootstrap urls
 # for those of looking for a little expanation
 # to a mysterious blackbox
 # 
 # these will feed into the keystone endpoints
 # so it is important they are correct
 #
 # keystone_admin_url
 # keystone_internal_url 
 # keystone_public_url 
 keystone-manage db_sync
 kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
  {{ .Values.keystone.admin_project_name }} admin \
  {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
  {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
  {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
  {{ .Values.keystone.admin_region_name }}
--- a/keystone/templates/bin/_init.sh.tpl
+++ b/keystone/templates/bin/_init.sh.tpl
@ -0,0 +1,6 @@
 #!/bin/bash
 set -ex
 export HOME=/tmp
 ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
 ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"
--- a/keystone/templates/bin/_start.sh.tpl
+++ b/keystone/templates/bin/_start.sh.tpl
@ -0,0 +1,12 @@
 #!/bin/bash
 set -ex
 # link our keystone wsgi to apaches running config
 ln -s /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf
 # Loading Apache2 ENV variables
 source /etc/apache2/envvars
 rm -rf /var/run/apache2/*
 APACHE_DIR="apache2"
 apache2 -DFOREGROUND
--- a/keystone/templates/db-sync.sh.yaml
+++ b/keystone/templates/db-sync.sh.yaml
@ -1,27 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-dbsyncsh
 data:
  db-sync.sh: |+
    #!/bin/bash
    set -ex
    # order of kolla_keystone_bootstrap urls
    # for those of looking for a little expanation
    # to a mysterious blackbox
    # 
    # these will feed into the keystone endpoints
    # so it is important they are correct
    #
    # keystone_admin_url
    # keystone_internal_url 
    # keystone_public_url 
    keystone-manage db_sync
    kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
      {{ .Values.keystone.admin_project_name }} admin \
      {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
      {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
      {{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
      {{ .Values.keystone.admin_region_name }}
--- a/keystone/templates/deployment.yaml
+++ b/keystone/templates/deployment.yaml
@ -12,23 +12,23 @@ spec:
        pod.beta.kubernetes.io/init-containers: '[
          {
            "name": "init",
-            "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
+            "image": "{{ .Values.images.entrypoint }}",
            "env": [
              {
                "name": "NAMESPACE",
                "value": "{{ .Release.Namespace }}"
              },
              {
                "name": "INTERFACE_NAME",
                "value": "eth0"
              },
              {
                "name": "DEPENDENCY_SERVICE",
                "value": "mariadb,rabbitmq"
              },
              {
                "name": "DEPENDENCY_JOBS",
-                "value": "mariadb-seed"
+                "value": "mariadb-seed,keystone-db-sync"
              },
              {
                "name": "DEPENDENCY_CONFIG",
                "value": "/etc/apache2/conf-enabled/wsgi-keystone.conf"
              },
              {
                "name": "COMMAND",
@ -58,6 +58,7 @@ spec:
              subPath: keystone.conf
            - name: wsgikeystone
              mountPath: /configmaps/wsgi-keystone.conf
              subPath: wsgi_keystone.conf
            - name: mpmeventconf
              mountPath: /etc/apache2/mods-available/mpm_event.conf
              subPath: mpm_event.conf
@ -67,17 +68,22 @@ spec:
      volumes:
        - name: keystoneconf
          configMap:
-            name: keystone-keystoneconf
+            name: keystone-etc
            items:
            - key: keystone.conf
              path: keystone.conf
        - name: wsgikeystone
          configMap:
-            name: keystone-wsgikeystone
+            name: keystone-etc
            items:
            - key: wsgi-keystone.conf
              path: wsgi_keystone.conf
        - name: mpmeventconf
          configMap:
-            name: keystone-mpmeventconf
+            name: keystone-etc
            # https://github.com/kubernetes/kubernetes/issues/23722
            items:
            - key: mpm-event.conf
              path: mpm_event.conf
        - name: startsh
          configMap:
-            name: keystone-startsh
+            name: keystone-bin
--- a/keystone/templates/etc-configmap.yaml
+++ b/keystone/templates/etc-configmap.yaml
@ -0,0 +1,11 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-etc
 data:
  keystone.conf: |+
 {{ tuple "etc/_keystone.conf.tpl" . | include "template" | indent 4 }}
  mpm-event.conf: |+
 {{ tuple "etc/_mpm_event.conf.tpl" . | include "template" | indent 4 }}  
  wsgi-keystone.conf: |+
 {{ tuple "etc/_wsgi-keystone.conf.tpl" . | include "template" | indent 4 }}
--- a/keystone/templates/etc/_keystone.conf.tpl
+++ b/keystone/templates/etc/_keystone.conf.tpl
@ -0,0 +1,19 @@
 [DEFAULT]
 debug = {{ .Values.misc.debug }}
 use_syslog = False
 use_stderr = True
 workers = {{ .Values.misc.workers }}
 [database]
 connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
 max_retries = -1
 [memcache]
 servers = {{ include "memcached_host" . }}
 [cache]
 backend = dogpile.cache.memcached
 memcache_servers = {{ include "memcached_host" . }}
 config_prefix = cache.keystone
 distributed_lock = True
 enabled = True
--- a/keystone/templates/etc/_mpm_event.conf.tpl
+++ b/keystone/templates/etc/_mpm_event.conf.tpl
@ -0,0 +1,9 @@
 <IfModule mpm_event_module>
  ServerLimit         1024
  StartServers        32
  MinSpareThreads     32
  MaxSpareThreads     256
  ThreadsPerChild     25
  MaxRequestsPerChild 128
  ThreadLimit         720
 </IfModule>
--- a/keystone/templates/etc/_wsgi-keystone.conf.tpl
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@ -0,0 +1,28 @@
 Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
 Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
 <VirtualHost *:{{ .Values.network.port.public }}>
    WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-public
    WSGIScriptAlias / /var/www/cgi-bin/keystone/main
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog "|$/bin/cat 1>&2"
    CustomLog "|/bin/cat" combined
 </VirtualHost>
 <VirtualHost *:{{ .Values.network.port.admin }}>
    WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
    WSGIProcessGroup keystone-admin
    WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
    WSGIApplicationGroup %{GLOBAL}
    WSGIPassAuthorization On
    <IfVersion >= 2.4>
      ErrorLogFormat "%{cu}t %M"
    </IfVersion>
    ErrorLog "|$/bin/cat 1>&2"
    CustomLog "|/bin/cat" combined
 </VirtualHost>
--- a/keystone/templates/init.sh.yaml
+++ b/keystone/templates/init.sh.yaml
@ -1,13 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-initsh
 data:
  init.sh: |+
    #!/bin/bash
    set -ex
    export HOME=/tmp
    ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
    ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"
--- a/keystone/templates/job-db-sync.yaml
+++ b/keystone/templates/job-db-sync.yaml
@ -9,7 +9,7 @@ spec:
        pod.beta.kubernetes.io/init-containers: '[
          {
            "name": "init",
-            "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
+            "image": "{{ .Values.images.entrypoint }}",
            "env": [
              {
                "name": "NAMESPACE",
@ -43,13 +43,13 @@ spec:
            - name: keystoneconf
              mountPath: /etc/keystone/keystone.conf
              subPath: keystone.conf
-            - name: dbsyncsh
+            - name: keystone-bin
              mountPath: /tmp/db-sync.sh
              subPath: db-sync.sh
      volumes:
        - name: keystoneconf
          configMap:
-            name: keystone-keystoneconf
+            name: keystone-etc
-        - name: dbsyncsh
+        - name: keystone-bin
          configMap:
-            name: keystone-dbsyncsh
+            name: keystone-bin
--- a/keystone/templates/job-init.yaml
+++ b/keystone/templates/job-init.yaml
@ -9,7 +9,7 @@ spec:
        pod.beta.kubernetes.io/init-containers: '[
          {
            "name": "init",
-            "image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
+            "image": "{{ .Values.images.entrypoint }}",
            "env": [
              {
                "name": "NAMESPACE",
@ -36,11 +36,14 @@ spec:
        - name: keystone-init
          image: {{ .Values.images.init }}
          imagePullPolicy: Always
          command:
            - bash 
            - /tmp/init.sh
          volumeMounts:
-            - name: initsh
+            - name: keystone-bin
              mountPath: /tmp/init.sh
              subPath: init.sh
      volumes:
-        - name: initsh
+        - name: keystone-bin
          configMap:
-            name: keystone-initsh
+            name: keystone-bin
--- a/keystone/templates/keystone.conf.yaml
+++ b/keystone/templates/keystone.conf.yaml
@ -1,26 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-keystoneconf
 data:
  keystone.conf: |+
    [DEFAULT]
    debug = {{ .Values.misc.debug }}
    use_syslog = False
    use_stderr = True
    workers = {{ .Values.misc.workers }}
    [database]
    connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
    max_retries = -1
    [memcache]
    servers = {{ include "memcached_host" . }}
    [cache]
    backend = dogpile.cache.memcached
    memcache_servers = {{ include "memcached_host" . }}
    config_prefix = cache.keystone
    distributed_lock = True
    enabled = True
--- a/keystone/templates/mpm_event.conf.yaml
+++ b/keystone/templates/mpm_event.conf.yaml
@ -1,15 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata: 
  name: keystone-mpmeventconf
 data:
  mpm-event.conf: |+
    <IfModule mpm_event_module>
      ServerLimit         1024
      StartServers        32
      MinSpareThreads     32
      MaxSpareThreads     256
      ThreadsPerChild     25
      MaxRequestsPerChild 128
      ThreadLimit         720
    </IfModule>
--- a/keystone/templates/start.sh.yaml
+++ b/keystone/templates/start.sh.yaml
@ -1,15 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-startsh
 data:
  start.sh: |+
    #!/bin/bash
    set -ex
    # Loading Apache2 ENV variables
    source /etc/apache2/envvars
    rm -rf /var/run/apache2/*
    APACHE_DIR="apache2"
    apache2 -DFOREGROUND
--- a/keystone/templates/wsgi-keystone.conf.yaml
+++ b/keystone/templates/wsgi-keystone.conf.yaml
@ -1,34 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: keystone-wsgikeystone
 data:
  wsgi-keystone.conf: |+
    Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
    Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
    <VirtualHost *:{{ .Values.network.port.public }}>
        WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-public
        WSGIScriptAlias / /var/www/cgi-bin/keystone/main
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        <IfVersion >= 2.4>
          ErrorLogFormat "%{cu}t %M"
        </IfVersion>
        ErrorLog "|$/bin/cat 1>&2"
        CustomLog "|/bin/cat" combined
    </VirtualHost>
    <VirtualHost *:{{ .Values.network.port.admin }}>
        WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
        WSGIProcessGroup keystone-admin
        WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
        WSGIApplicationGroup %{GLOBAL}
        WSGIPassAuthorization On
        <IfVersion >= 2.4>
          ErrorLogFormat "%{cu}t %M"
        </IfVersion>
        ErrorLog "|$/bin/cat 1>&2"
        CustomLog "|/bin/cat" combined
    </VirtualHost>
--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@ -13,6 +13,7 @@ images:
  db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
  api: quay.io/stackanetes/stackanetes-keystone-api:newton
  init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
  entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
 keystone:
  version: v2.0
@ -26,7 +27,14 @@ network:
  port:
    admin: 35357
    public: 5000
-  ip_address: "{{ .IP }}"
+  # alanmeadows(TODO): I seem unable to use {{ .IP }} here
  # but it does work for wsrep.conf in mariadb, I have spent
  # time trying to figure this out am completely stumped
  # 
  # helm --debug --dry-run shows me that the config map
  # contains {{ .IP }} but its simply translated by K8s
  # to ""
  ip_address: "0.0.0.0"    
 database:
  port: 3306