Refactor keystone with new subdirectory template layout

Also, fix some extraneous spacing with hosts in common
Alan Meadows 2016-12-08 10:16:19 -08:00
parent d9942320b5
commit 221f14bc2e
19 changed files with 167 additions and 163 deletions


@ -1,15 +1,15 @@
# fqdn
{{define "region"}}cluster{{end}}
{{define "tld"}}local{{end}}
{{- define "region"}}cluster{{- end}}
{{- define "tld"}}local{{- end}}
# infrastructure services
{{define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.kubernetes.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{- define "rabbitmq_host"}}rabbitmq.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
{{- define "memcached_host"}}memcached.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
{{- define "mariadb_host"}}mariadb.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
# keystone
{{define "keystone_db_host"}} {{ include "mariadb_host" . }}{{end}}
{{define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{end}}
{{- define "keystone_db_host"}}{{ include "mariadb_host" . }}{{end}}
{{- define "keystone_api_endpoint_host_admin"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
{{- define "keystone_api_endpoint_host_internal"}}keystone-api.{{.Release.Namespace}}.svc.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
{{- define "keystone_api_endpoint_host_public"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
{{- define "keystone_api_endpoint_host_admin_ext"}}keystone-api.{{ include "region" . }}.{{ include "tld" . }}{{- end}}
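Review bot: The new `mariadb_host` definition drops the `kubernetes.` label that the old one had between `svc.` and the region, which changes the hostname every database consumer resolves, while the commit message only mentions spacing. If the change is intended, state it in the commit description or in a comment above the definition. In the same section `keystone_db_host` still closes with `{{end}}` where every other new definition uses `{{- end}}`; `{{- define "keystone_db_host"}}{{ include "mariadb_host" . }}{{- end}}` would keep the file uniform. The old/new side of each line is inferred from the commit message, because the page has lost its +/- markers.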


@ -0,0 +1,11 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-bin
data:
db-sync.sh: |
{{ tuple "bin/_db-sync.sh.tpl" . | include "template" | indent 4 }}
init.sh: |
{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
start.sh: |
{{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }}
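Review bot: This ConfigMap ends up holding credentials, because the `db-sync.sh` template rendered into it contains `.Values.keystone.admin_password` and the `init.sh` template contains `.Values.database.root_password`. A ConfigMap is readable by any subject allowed to get ConfigMaps in the namespace and does not receive the tighter RBAC or at-rest protection that is usually applied to Secrets. The same applies to `keystone.conf` in the `keystone-etc` ConfigMap, whose `connection` line embeds `keystone_password`. Consider rendering the credential-bearing files into a `kind: Secret` mounted through a `secret:` volume, or keeping only password-free script text here and supplying the passwords as environment variables sourced from a Secret.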


@ -0,0 +1,21 @@
#!/bin/bash
set -ex
# order of kolla_keystone_bootstrap urls
# for those of looking for a little expanation
# to a mysterious blackbox
#
# these will feed into the keystone endpoints
# so it is important they are correct
#
# keystone_admin_url
# keystone_internal_url
# keystone_public_url
keystone-manage db_sync
kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
{{ .Values.keystone.admin_project_name }} admin \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.admin_region_name }}
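Review bot: `set -ex` makes bash trace the `kolla_keystone_bootstrap` command line, so the rendered admin password is written to the job log, where anyone allowed to read pod logs can recover it. The password and the other values are also interpolated unquoted, so a value containing whitespace or a shell metacharacter changes the command that runs. Put `set +x` before the bootstrap call (or use `set -e` alone) and pass the password quoted or through an environment variable. The init script template has the same exposure: xtrace prints the full `ansible ... login_password=...` line, and `-vvv` adds further invocation detail.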


@ -0,0 +1,6 @@
#!/bin/bash
set -ex
export HOME=/tmp
ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"
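Review bot: The `mysql_user` call creates the keystone account with `host='%'` and `priv='<database>.*:ALL'`, so the account is accepted from any source address that can reach MariaDB, and nothing in the script says why a narrower host pattern is not used. If dynamic pod addresses make a fixed host impractical, record that next to the command, for example `# host='%': pod IPs are dynamic, so source restriction has to come from the network layer`, and confirm that such a restriction is actually in place. `export HOME=/tmp` would also benefit from a one-line comment giving the reason.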


@ -0,0 +1,12 @@
#!/bin/bash
set -ex
# link our keystone wsgi to apaches running config
ln -s /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf
# Loading Apache2 ENV variables
source /etc/apache2/envvars
rm -rf /var/run/apache2/*
APACHE_DIR="apache2"
apache2 -DFOREGROUND
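Review bot: The added `ln -s` fails when `/etc/apache2/sites-enabled/wsgi-keystone.conf` already exists, and under `set -e` that aborts the script before Apache starts. This would happen if the image ships a file at that path or the script runs twice against the same filesystem. `ln -sf /configmaps/wsgi-keystone.conf /etc/apache2/sites-enabled/wsgi-keystone.conf` makes the step repeatable. `APACHE_DIR="apache2"` is assigned but neither exported nor used in the visible lines, so either export it or remove it.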


@ -1,27 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-dbsyncsh
data:
db-sync.sh: |+
#!/bin/bash
set -ex
# order of kolla_keystone_bootstrap urls
# for those of looking for a little expanation
# to a mysterious blackbox
#
# these will feed into the keystone endpoints
# so it is important they are correct
#
# keystone_admin_url
# keystone_internal_url
# keystone_public_url
keystone-manage db_sync
kolla_keystone_bootstrap {{ .Values.keystone.admin_user }} {{ .Values.keystone.admin_password }} \
{{ .Values.keystone.admin_project_name }} admin \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_admin" . }}:{{ .Values.network.port.admin }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_internal" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.scheme }}://{{ include "keystone_api_endpoint_host_public" . }}:{{ .Values.network.port.public }}/{{ .Values.keystone.version }} \
{{ .Values.keystone.admin_region_name }}


@ -12,23 +12,23 @@ spec:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
"image": "{{ .Values.images.entrypoint }}",
"env": [
{
"name": "NAMESPACE",
"value": "{{ .Release.Namespace }}"
},
{
"name": "INTERFACE_NAME",
"value": "eth0"
},
{
"name": "DEPENDENCY_SERVICE",
"value": "mariadb,rabbitmq"
},
{
"name": "DEPENDENCY_JOBS",
"value": "mariadb-seed"
},
{
"name": "DEPENDENCY_CONFIG",
"value": "/etc/apache2/conf-enabled/wsgi-keystone.conf"
"value": "mariadb-seed,keystone-db-sync"
},
{
"name": "COMMAND",
@ -58,6 +58,7 @@ spec:
subPath: keystone.conf
- name: wsgikeystone
mountPath: /configmaps/wsgi-keystone.conf
subPath: wsgi_keystone.conf
- name: mpmeventconf
mountPath: /etc/apache2/mods-available/mpm_event.conf
subPath: mpm_event.conf
@ -67,17 +68,22 @@ spec:
volumes:
- name: keystoneconf
configMap:
name: keystone-keystoneconf
name: keystone-etc
items:
- key: keystone.conf
path: keystone.conf
- name: wsgikeystone
configMap:
name: keystone-wsgikeystone
name: keystone-etc
items:
- key: wsgi-keystone.conf
path: wsgi_keystone.conf
- name: mpmeventconf
configMap:
name: keystone-mpmeventconf
# https://github.com/kubernetes/kubernetes/issues/23722
name: keystone-etc
items:
- key: mpm-event.conf
path: mpm_event.conf
- name: startsh
configMap:
name: keystone-startsh
name: keystone-bin
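Review bot: The `startsh` volume now points at the shared `keystone-bin` ConfigMap without an `items` list, unlike the three `keystone-etc` volumes above it, so the API pod's volume also projects `db-sync.sh` and `init.sh`, which are rendered with the admin and database root passwords. Restrict it the same way as its neighbours: `items:` / `- key: start.sh` / `path: start.sh`. The volume definition may continue past the end of the hunk, and a `subPath` mount would hide the other files inside the container, but the selection is better made at the volume. The db-sync and init job sections reference `keystone-bin` (and, for db-sync, `keystone-etc`) without `items` as well.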


@ -0,0 +1,11 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-etc
data:
keystone.conf: |+
{{ tuple "etc/_keystone.conf.tpl" . | include "template" | indent 4 }}
mpm-event.conf: |+
{{ tuple "etc/_mpm_event.conf.tpl" . | include "template" | indent 4 }}
wsgi-keystone.conf: |+
{{ tuple "etc/_wsgi-keystone.conf.tpl" . | include "template" | indent 4 }}


@ -0,0 +1,19 @@
[DEFAULT]
debug = {{ .Values.misc.debug }}
use_syslog = False
use_stderr = True
workers = {{ .Values.misc.workers }}
[database]
connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
max_retries = -1
[memcache]
servers = {{ include "memcached_host" . }}
[cache]
backend = dogpile.cache.memcached
memcache_servers = {{ include "memcached_host" . }}
config_prefix = cache.keystone
distributed_lock = True
enabled = True
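Review bot: The `connection` line interpolates `keystone_user` and `keystone_password` into the database URL without escaping, so a password containing `@`, `:`, `/` or `%` produces a URL that parses to different credentials or a different host. Either document the constraint next to the values, for example `# keystone_password must not contain URL-reserved characters`, or percent-encode the value when rendering. The rendered file carries the password in clear text, so it should be handled as a secret wherever it is stored and mounted.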


@ -0,0 +1,9 @@
<IfModule mpm_event_module>
ServerLimit 1024
StartServers 32
MinSpareThreads 32
MaxSpareThreads 256
ThreadsPerChild 25
MaxRequestsPerChild 128
ThreadLimit 720
</IfModule>


@ -0,0 +1,28 @@
Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
<VirtualHost *:{{ .Values.network.port.public }}>
WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog "|$/bin/cat 1>&2"
CustomLog "|/bin/cat" combined
</VirtualHost>
<VirtualHost *:{{ .Values.network.port.admin }}>
WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog "|$/bin/cat 1>&2"
CustomLog "|/bin/cat" combined
</VirtualHost>


@ -1,13 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-initsh
data:
init.sh: |+
#!/bin/bash
set -ex
export HOME=/tmp
ansible localhost -vvv -m mysql_db -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_database_name }}'"
ansible localhost -vvv -m mysql_user -a "login_host='{{ include "keystone_db_host" . }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.keystone_user }}' password='{{ .Values.database.keystone_password }}' host='%' priv='{{ .Values.database.keystone_database_name }}.*:ALL' append_privs='yes'"


@ -9,7 +9,7 @@ spec:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
"image": "{{ .Values.images.entrypoint }}",
"env": [
{
"name": "NAMESPACE",
@ -43,13 +43,13 @@ spec:
- name: keystoneconf
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
- name: dbsyncsh
- name: keystone-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
volumes:
- name: keystoneconf
configMap:
name: keystone-keystoneconf
- name: dbsyncsh
name: keystone-etc
- name: keystone-bin
configMap:
name: keystone-dbsyncsh
name: keystone-bin


@ -9,7 +9,7 @@ spec:
pod.beta.kubernetes.io/init-containers: '[
{
"name": "init",
"image": "quay.io/stackanetes/kubernetes-entrypoint:v0.1.0",
"image": "{{ .Values.images.entrypoint }}",
"env": [
{
"name": "NAMESPACE",
@ -36,11 +36,14 @@ spec:
- name: keystone-init
image: {{ .Values.images.init }}
imagePullPolicy: Always
command:
- bash
- /tmp/init.sh
volumeMounts:
- name: initsh
- name: keystone-bin
mountPath: /tmp/init.sh
subPath: init.sh
volumes:
- name: initsh
- name: keystone-bin
configMap:
name: keystone-initsh
name: keystone-bin


@ -1,26 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-keystoneconf
data:
keystone.conf: |+
[DEFAULT]
debug = {{ .Values.misc.debug }}
use_syslog = False
use_stderr = True
workers = {{ .Values.misc.workers }}
[database]
connection = mysql+pymysql://{{ .Values.database.keystone_user }}:{{ .Values.database.keystone_password }}@{{ include "keystone_db_host" . }}/{{ .Values.database.keystone_database_name }}
max_retries = -1
[memcache]
servers = {{ include "memcached_host" . }}
[cache]
backend = dogpile.cache.memcached
memcache_servers = {{ include "memcached_host" . }}
config_prefix = cache.keystone
distributed_lock = True
enabled = True


@ -1,15 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-mpmeventconf
data:
mpm-event.conf: |+
<IfModule mpm_event_module>
ServerLimit 1024
StartServers 32
MinSpareThreads 32
MaxSpareThreads 256
ThreadsPerChild 25
MaxRequestsPerChild 128
ThreadLimit 720
</IfModule>


@ -1,15 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-startsh
data:
start.sh: |+
#!/bin/bash
set -ex
# Loading Apache2 ENV variables
source /etc/apache2/envvars
rm -rf /var/run/apache2/*
APACHE_DIR="apache2"
apache2 -DFOREGROUND


@ -1,34 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-wsgikeystone
data:
wsgi-keystone.conf: |+
Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.public }}
Listen {{ .Values.network.ip_address }}:{{ .Values.network.port.admin }}
<VirtualHost *:{{ .Values.network.port.public }}>
WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog "|$/bin/cat 1>&2"
CustomLog "|/bin/cat" combined
</VirtualHost>
<VirtualHost *:{{ .Values.network.port.admin }}>
WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog "|$/bin/cat 1>&2"
CustomLog "|/bin/cat" combined
</VirtualHost>


@ -13,6 +13,7 @@ images:
db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
api: quay.io/stackanetes/stackanetes-keystone-api:newton
init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
keystone:
version: v2.0
@ -26,7 +27,14 @@ network:
port:
admin: 35357
public: 5000
ip_address: "{{ .IP }}"
# alanmeadows(TODO): I seem unable to use {{ .IP }} here
# but it does work for wsrep.conf in mariadb, I have spent
# time trying to figure this out am completely stumped
#
# helm --debug --dry-run shows me that the config map
# contains {{ .IP }} but its simply translated by K8s
# to ""
ip_address: "0.0.0.0"
database:
port: 3306
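Review bot: The new `entrypoint` value, like the other entries under `images`, references its image by tag only, and a tag can be repointed at the registry; this image runs as the init container of the deployment and of both jobs touched by this commit. Pinning by digest, `entrypoint: quay.io/stackanetes/kubernetes-entrypoint@sha256:<digest>`, fixes the content that gets deployed. In the second hunk the TODO explains why `{{ .IP }}` was abandoned but not what the replacement does; a comment such as `# 0.0.0.0 makes Apache listen on every interface in the pod` would make the effect of the workaround explicit.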