add compute-kit to openstack umbrella chart
ADD: include new charts to the umbrella chart for comprehensive deployment of openstack-helm. * openvswitch * libvirt * neutron * nova * placement Change-Id: I78d1c7c629024c3f9530239dff9f8eb9da598764
This commit is contained in:
parent
8d5ddc9035
commit
2e5b7f9cb7
@ -14,7 +14,7 @@ apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Neutron
|
||||
name: neutron
|
||||
version: 0.2.17
|
||||
version: 0.2.18
|
||||
home: https://docs.openstack.org/neutron/latest/
|
||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Neutron/OpenStack_Project_Neutron_vertical.png
|
||||
sources:
|
||||
|
@ -12,6 +12,12 @@ See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if (.Values.global).subchart_release_name }}
|
||||
{{- $_ := set . "deployment_name" .Chart.Name }}
|
||||
{{- else }}
|
||||
{{- $_ := set . "deployment_name" .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "neutron.configmap.etc" }}
|
||||
{{- $configMapName := index . 0 }}
|
||||
{{- $envAll := index . 1 }}
|
||||
@ -161,7 +167,7 @@ just set it along with nova_metadata_host.
|
||||
{{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
|
||||
{{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
|
||||
{{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .Release.Name $fluentd_host $fluentd_port }}
|
||||
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .deployment_name $fluentd_host $fluentd_port }}
|
||||
{{- $handler_fluent := dict "class" "fluent.handler.FluentHandler" "formatter" "fluent" "args" $fluent_args -}}
|
||||
{{- $_ := set .Values.conf.logging "handler_fluent" $handler_fluent -}}
|
||||
{{- end -}}
|
||||
|
@ -12,19 +12,25 @@ See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if (.Values.global).subchart_release_name }}
|
||||
{{- $_ := set . "deployment_name" .Chart.Name }}
|
||||
{{- else }}
|
||||
{{- $_ := set . "deployment_name" .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.manifests.pod_rally_test }}
|
||||
{{- $envAll := . }}
|
||||
|
||||
{{- $mounts_tests := .Values.pod.mounts.neutron_tests.neutron_tests }}
|
||||
{{- $mounts_tests_init := .Values.pod.mounts.neutron_tests.init_container }}
|
||||
|
||||
{{- $serviceAccountName := print $envAll.Release.Name "-test" }}
|
||||
{{- $serviceAccountName := print .deployment_name "-test" }}
|
||||
{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: {{ print $envAll.Release.Name "-test" }}
|
||||
name: {{ print .deployment_name "-test" }}
|
||||
annotations:
|
||||
"helm.sh/hook": test-success
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||
@ -66,7 +72,7 @@ spec:
|
||||
- name: SERVICE_OS_ROLE
|
||||
value: {{ .Values.endpoints.identity.auth.test.role | quote }}
|
||||
{{ if $envAll.Values.conf.rally_tests.force_project_purge }}
|
||||
- name: {{ .Release.Name }}-reset
|
||||
- name: {{ .deployment_name }}-reset
|
||||
{{ tuple $envAll "purge_test" | include "helm-toolkit.snippets.image" | indent 6 }}
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" .Values.manifests.certificates }}
|
||||
|
@ -14,7 +14,7 @@ apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm Nova
|
||||
name: nova
|
||||
version: 0.2.39
|
||||
version: 0.2.40
|
||||
home: https://docs.openstack.org/nova/latest/
|
||||
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Nova/OpenStack_Project_Nova_vertical.png
|
||||
sources:
|
||||
|
@ -11,6 +11,11 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
{{- if (.Values.global).subchart_release_name }}
|
||||
{{- $_ := set . "deployment_name" .Chart.Name }}
|
||||
{{- else }}
|
||||
{{- $_ := set . "deployment_name" .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{- define "nova.configmap.etc" }}
|
||||
{{- $configMapName := index . 0 }}
|
||||
@ -242,7 +247,7 @@ limitations under the License.
|
||||
{{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
|
||||
{{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
|
||||
{{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .Release.Name $fluentd_host $fluentd_port }}
|
||||
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .deployment_name $fluentd_host $fluentd_port }}
|
||||
{{- $handler_fluent := dict "class" "fluent.handler.FluentHandler" "formatter" "fluent" "args" $fluent_args -}}
|
||||
{{- $_ := set .Values.conf.logging "handler_fluent" $handler_fluent -}}
|
||||
{{- end -}}
|
||||
|
@ -12,19 +12,25 @@ See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if (.Values.global).subchart_release_name }}
|
||||
{{- $_ := set . "deployment_name" .Chart.Name }}
|
||||
{{- else }}
|
||||
{{- $_ := set . "deployment_name" .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.manifests.pod_rally_test }}
|
||||
{{- $envAll := . }}
|
||||
|
||||
{{- $mounts_tests := .Values.pod.mounts.nova_tests.nova_tests }}
|
||||
{{- $mounts_tests_init := .Values.pod.mounts.nova_tests.init_container }}
|
||||
|
||||
{{- $serviceAccountName := print $envAll.Release.Name "-test" }}
|
||||
{{- $serviceAccountName := print $envAll.deployment_name "-test" }}
|
||||
{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Pod
|
||||
metadata:
|
||||
name: {{ print $envAll.Release.Name "-test" }}
|
||||
name: {{ print $envAll.deployment_name "-test" }}
|
||||
labels:
|
||||
{{ tuple $envAll "nova" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
annotations:
|
||||
@ -77,7 +83,7 @@ spec:
|
||||
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
|
||||
{{- end }}
|
||||
- name: RALLY_ENV_NAME
|
||||
value: {{.Release.Name}}
|
||||
value: {{.deployment_name}}
|
||||
command:
|
||||
- /tmp/rally-test.sh
|
||||
volumeMounts:
|
||||
|
@ -4,28 +4,55 @@ dependencies:
|
||||
- name: helm-toolkit
|
||||
repository: file://../../openstack-helm-infra/helm-toolkit
|
||||
version: ">0.1.0"
|
||||
condition: helm-toolkit.enabled
|
||||
- name: mariadb
|
||||
repository: file://../../openstack-helm-infra/mariadb
|
||||
version: ">0.1.0"
|
||||
condition: mariadb.enabled
|
||||
- name: rabbitmq
|
||||
repository: file://../../openstack-helm-infra/rabbitmq
|
||||
version: ">0.1.0"
|
||||
condition: rabbitmq.enabled
|
||||
- name: memcached
|
||||
repository: file://../../openstack-helm-infra/memcached
|
||||
version: ">0.1.0"
|
||||
condition: memcached.enabled
|
||||
- name: keystone
|
||||
repository: file://../keystone
|
||||
version: ">0.1.0"
|
||||
condition: keystone.enabled
|
||||
- name: heat
|
||||
repository: file://../heat
|
||||
version: ">0.1.0"
|
||||
condition: heat.enabled
|
||||
- name: glance
|
||||
repository: file://../glance
|
||||
version: ">0.1.0"
|
||||
condition: glance.enabled
|
||||
- name: openvswitch
|
||||
repository: file://../../openstack-helm-infra/openvswitch
|
||||
version: ">0.1.0"
|
||||
condition: openvswitch.enabled
|
||||
- name: libvirt
|
||||
repository: file://../../openstack-helm-infra/libvirt
|
||||
version: ">0.1.0"
|
||||
condition: libvirt.enabled
|
||||
- name: nova
|
||||
repository: file://../nova
|
||||
version: ">0.1.0"
|
||||
condition: nova.enabled
|
||||
- name: placement
|
||||
repository: file://../placement
|
||||
version: ">0.1.0"
|
||||
condition: placement.enabled
|
||||
- name: neutron
|
||||
repository: file://../neutron
|
||||
version: ">0.1.0"
|
||||
condition: neutron.enabled
|
||||
|
||||
description: A chart for openstack helm commmon deployment items
|
||||
name: openstack
|
||||
type: application
|
||||
version: 0.1.0
|
||||
version: 0.1.1
|
||||
maintainers:
|
||||
- name: OpenStack-Helm Authors
|
||||
|
1
openstack/charts/libvirt
Symbolic link
1
openstack/charts/libvirt
Symbolic link
@ -0,0 +1 @@
|
||||
../../../openstack-helm-infra/libvirt/
|
1
openstack/charts/neutron
Symbolic link
1
openstack/charts/neutron
Symbolic link
@ -0,0 +1 @@
|
||||
../../neutron/
|
1
openstack/charts/nova
Symbolic link
1
openstack/charts/nova
Symbolic link
@ -0,0 +1 @@
|
||||
../../nova/
|
1
openstack/charts/openvswitch
Symbolic link
1
openstack/charts/openvswitch
Symbolic link
@ -0,0 +1 @@
|
||||
../../../openstack-helm-infra/openvswitch/
|
1
openstack/charts/placement
Symbolic link
1
openstack/charts/placement
Symbolic link
@ -0,0 +1 @@
|
||||
../../placement/
|
@ -1,7 +1,12 @@
|
||||
---
|
||||
# default values for openstack umbrella chart
|
||||
# Global overrides for subcharts
|
||||
|
||||
# note(v-dspecker): helm3_hook must be disabled
|
||||
# There is a cyclic dependency otherwise. For example, libvirt-default ->
|
||||
# nuetron-ovs-agent-default -> neutron-server -> neutron-ks-user.
|
||||
# Since libvirt-default is deployed during install phase, neutron-ks-user must also
|
||||
# be installed during install phase instead of post-install phase.
|
||||
|
||||
global:
|
||||
subchart_release_name: true
|
||||
|
||||
@ -9,6 +14,7 @@ helm-toolkit:
|
||||
enabled: true
|
||||
|
||||
rabbitmq:
|
||||
release_group: rabbitmq
|
||||
enabled: true
|
||||
volume:
|
||||
enabled: false
|
||||
@ -17,6 +23,7 @@ rabbitmq:
|
||||
server: 1
|
||||
|
||||
mariadb:
|
||||
release_group: mariadb
|
||||
enabled: true
|
||||
pod:
|
||||
replicas:
|
||||
@ -27,16 +34,46 @@ mariadb:
|
||||
enabled: true
|
||||
|
||||
memcached:
|
||||
release_group: memcached
|
||||
enabled: true
|
||||
|
||||
keystone:
|
||||
release_group: keystone
|
||||
enabled: true
|
||||
|
||||
heat:
|
||||
release_group: heat
|
||||
enabled: true
|
||||
helm3_hook: false
|
||||
|
||||
glance:
|
||||
release_group: glance
|
||||
enabled: true
|
||||
storage: pvc
|
||||
volume:
|
||||
class_name: standard
|
||||
helm3_hook: false
|
||||
|
||||
openvswitch:
|
||||
release_group: openvswitch
|
||||
enabled: true
|
||||
|
||||
libvirt:
|
||||
release_group: libvirt
|
||||
enabled: true
|
||||
|
||||
nova:
|
||||
release_group: nova
|
||||
enabled: true
|
||||
helm3_hook: false
|
||||
|
||||
placement:
|
||||
release_group: placement
|
||||
enabled: true
|
||||
helm3_hook: false
|
||||
|
||||
neutron:
|
||||
release_group: neutron
|
||||
enabled: true
|
||||
helm3_hook: false
|
||||
conf:
|
||||
auto_bridge_add:
|
||||
# no idea why, but something with sub-charts and null values get ommitted entirely from sub chart
|
||||
br-ex: "null"
|
||||
|
8
openstack/values_overrides/libvirt/apparmor.yaml
Normal file
8
openstack/values_overrides/libvirt/apparmor.yaml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
libvirt:
|
||||
pod:
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
libvirt-libvirt-default:
|
||||
libvirt: runtime/default
|
||||
...
|
@ -0,0 +1,17 @@
|
||||
# Note: This yaml file serves as an example for overriding the manifest
|
||||
# to enable additional externally managed Ceph Cinder backend. When additional
|
||||
# externally managed Ceph Cinder backend is provisioned as shown in
|
||||
# cinder/values_overrides/external-ceph-backend.yaml of repo openstack-helm,
|
||||
# below override is needed to store the secret key of the cinder user in
|
||||
# libvirt.
|
||||
---
|
||||
libvirt:
|
||||
conf:
|
||||
ceph:
|
||||
cinder:
|
||||
external_ceph:
|
||||
enabled: true
|
||||
user: cinder2
|
||||
secret_uuid: 3f0133e4-8384-4743-9473-fecacc095c74
|
||||
user_secret_name: cinder-volume-external-rbd-keyring
|
||||
...
|
5
openstack/values_overrides/libvirt/netpol.yaml
Normal file
5
openstack/values_overrides/libvirt/netpol.yaml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
libvirt:
|
||||
manifests:
|
||||
network_policy: true
|
||||
...
|
8
openstack/values_overrides/libvirt/ssl.yaml
Normal file
8
openstack/values_overrides/libvirt/ssl.yaml
Normal file
@ -0,0 +1,8 @@
|
||||
---
|
||||
libvirt:
|
||||
conf:
|
||||
libvirt:
|
||||
listen_tcp: "0"
|
||||
listen_tls: "1"
|
||||
listen_addr: 0.0.0.0
|
||||
...
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
libvirt:
|
||||
images:
|
||||
tags:
|
||||
libvirt: docker.io/openstackhelm/libvirt:latest-ubuntu_focal
|
||||
...
|
@ -0,0 +1,6 @@
|
||||
---
|
||||
libvirt:
|
||||
images:
|
||||
tags:
|
||||
libvirt: docker.io/openstackhelm/libvirt:latest-ubuntu_focal
|
||||
...
|
42
openstack/values_overrides/neutron/apparmor.yaml
Normal file
42
openstack/values_overrides/neutron/apparmor.yaml
Normal file
@ -0,0 +1,42 @@
|
||||
---
|
||||
neutron:
|
||||
pod:
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
neutron-dhcp-agent-default:
|
||||
neutron-dhcp-agent: runtime/default
|
||||
neutron-dhcp-agent-init: runtime/default
|
||||
init: runtime/default
|
||||
neutron-l3-agent-default:
|
||||
neutron-l3-agent: runtime/default
|
||||
neutron-l3-agent-init: runtime/default
|
||||
init: runtime/default
|
||||
neutron-lb-agent-default:
|
||||
neutron-lb-agent-default: runtime/default
|
||||
neutron-metadata-agent-default:
|
||||
neutron-metadata-agent: runtime/default
|
||||
neutron-metadata-agent-init: runtime/default
|
||||
init: runtime/default
|
||||
neutron-ovs-agent-default:
|
||||
neutron-ovs-agent: runtime/default
|
||||
neutron-openvswitch-agent-kernel-modules: runtime/default
|
||||
neutron-ovs-agent-init: runtime/default
|
||||
init: runtime/default
|
||||
neutron-sriov-agent-default:
|
||||
neutron-sriov-agent: runtime/default
|
||||
neutron-sriov-agent-init: runtime/default
|
||||
init: runtime/default
|
||||
neutron-netns-cleanup-cron-default:
|
||||
neutron-netns-cleanup-cron: runtime/default
|
||||
init: runtime/default
|
||||
neutron-server:
|
||||
neutron-server: runtime/default
|
||||
init: runtime/default
|
||||
nginx: runtime/default
|
||||
neutron-test:
|
||||
init: runtime/default
|
||||
neutron-test: runtime/default
|
||||
neutron-test-ks-user: runtime/default
|
||||
manifests:
|
||||
certificates: true
|
||||
...
|
33
openstack/values_overrides/neutron/dpdk-bond.yaml
Normal file
33
openstack/values_overrides/neutron/dpdk-bond.yaml
Normal file
@ -0,0 +1,33 @@
|
||||
---
|
||||
neutron:
|
||||
network:
|
||||
interface:
|
||||
tunnel: br-phy-bond0
|
||||
conf:
|
||||
plugins:
|
||||
openvswitch_agent:
|
||||
agent:
|
||||
tunnel_types: vxlan
|
||||
ovs:
|
||||
bridge_mappings: public:br-ex
|
||||
datapath_type: netdev
|
||||
vhostuser_socket_dir: /var/run/openvswitch/vhostuser
|
||||
ovs_dpdk:
|
||||
enabled: true
|
||||
driver: uio_pci_generic
|
||||
nics: []
|
||||
bonds:
|
||||
# CHANGE-ME: modify below parameters according to your hardware
|
||||
- name: dpdkbond0
|
||||
bridge: br-phy-bond0
|
||||
# The IP from the first nic in nics list shall be used
|
||||
migrate_ip: true
|
||||
ovs_options: "bond_mode=active-backup"
|
||||
nics:
|
||||
- name: dpdk_b0s0
|
||||
pci_id: '0000:00:05.0'
|
||||
- name: dpdk_b0s1
|
||||
pci_id: '0000:00:06.0'
|
||||
bridges:
|
||||
- name: br-phy-bond0
|
||||
...
|
27
openstack/values_overrides/neutron/dpdk.yaml
Normal file
27
openstack/values_overrides/neutron/dpdk.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
neutron:
|
||||
network:
|
||||
interface:
|
||||
tunnel: br-phy
|
||||
conf:
|
||||
plugins:
|
||||
openvswitch_agent:
|
||||
agent:
|
||||
tunnel_types: vxlan
|
||||
ovs:
|
||||
bridge_mappings: public:br-ex
|
||||
datapath_type: netdev
|
||||
vhostuser_socket_dir: /var/run/openvswitch/vhostuser
|
||||
ovs_dpdk:
|
||||
enabled: true
|
||||
driver: uio_pci_generic
|
||||
nics:
|
||||
# CHANGE-ME: modify pci_id according to your hardware
|
||||
- name: dpdk0
|
||||
pci_id: '0000:05:00.0'
|
||||
bridge: br-phy
|
||||
migrate_ip: true
|
||||
bridges:
|
||||
- name: br-phy
|
||||
bonds: []
|
||||
...
|
25
openstack/values_overrides/neutron/gate.yaml
Normal file
25
openstack/values_overrides/neutron/gate.yaml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
neutron:
|
||||
network:
|
||||
interface:
|
||||
tunnel: docker0
|
||||
conf:
|
||||
neutron:
|
||||
DEFAULT:
|
||||
l3_ha: False
|
||||
max_l3_agents_per_router: 1
|
||||
l3_ha_network_type: vxlan
|
||||
dhcp_agents_per_network: 1
|
||||
plugins:
|
||||
ml2_conf:
|
||||
ml2_type_flat:
|
||||
flat_networks: public
|
||||
openvswitch_agent:
|
||||
agent:
|
||||
tunnel_types: vxlan
|
||||
ovs:
|
||||
bridge_mappings: public:br-ex
|
||||
linuxbridge_agent:
|
||||
linux_bridge:
|
||||
bridge_mappings: public:br-ex
|
||||
...
|
14
openstack/values_overrides/neutron/netpol.yaml
Normal file
14
openstack/values_overrides/neutron/netpol.yaml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
neutron:
|
||||
manifests:
|
||||
network_policy: true
|
||||
network_policy:
|
||||
neutron:
|
||||
egress:
|
||||
- to:
|
||||
- ipBlock:
|
||||
cidr: %%%REPLACE_API_ADDR%%%/32
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: %%%REPLACE_API_PORT%%%
|
||||
...
|
@ -0,0 +1,97 @@
|
||||
---
|
||||
neutron:
|
||||
network:
|
||||
interface:
|
||||
sriov:
|
||||
- device: enp3s0f0
|
||||
num_vfs: 32
|
||||
promisc: false
|
||||
- device: enp66s0f1
|
||||
num_vfs: 32
|
||||
promisc: false
|
||||
tunnel: br-phy-bond0
|
||||
backend:
|
||||
- openvswitch
|
||||
- sriov
|
||||
conf:
|
||||
auto_bridge_add:
|
||||
br-ex: null
|
||||
neutron:
|
||||
DEFAULT:
|
||||
l3_ha: False
|
||||
max_l3_agents_per_router: 1
|
||||
l3_ha_network_type: vxlan
|
||||
dhcp_agents_per_network: 1
|
||||
service_plugins: router
|
||||
plugins:
|
||||
ml2_conf:
|
||||
ml2:
|
||||
mechanism_drivers: l2population,openvswitch,sriovnicswitch
|
||||
type_drivers: vlan,flat,vxlan
|
||||
tenant_network_types: vxlan
|
||||
ml2_type_flat:
|
||||
flat_networks: public
|
||||
ml2_type_vlan:
|
||||
network_vlan_ranges: ovsnet:2:4094,sriovnet1:100:4000,sriovnet2:100:4000
|
||||
openvswitch_agent:
|
||||
default:
|
||||
ovs_vsctl_timeout: 30
|
||||
agent:
|
||||
tunnel_types: vxlan
|
||||
securitygroup:
|
||||
enable_security_group: False
|
||||
firewall_driver: neutron.agent.firewall.NoopFirewallDriver
|
||||
ovs:
|
||||
bridge_mappings: public:br-ex,ovsnet:br-phy-bond0
|
||||
datapath_type: netdev
|
||||
vhostuser_socket_dir: /var/run/openvswitch/vhostuser
|
||||
of_connect_timeout: 60
|
||||
of_request_timeout: 30
|
||||
sriov_agent:
|
||||
securitygroup:
|
||||
firewall_driver: neutron.agent.firewall.NoopFirewallDriver
|
||||
sriov_nic:
|
||||
physical_device_mappings: sriovnet1:enp3s0f0,sriovnet2:enp66s0f1
|
||||
exclude_devices: enp3s0f0:0000:00:05.1,enp66s0f1:0000:00:06.1
|
||||
ovs_dpdk:
|
||||
enabled: true
|
||||
driver: uio_pci_generic
|
||||
nics: []
|
||||
bonds:
|
||||
# CHANGE-ME: modify below parameters according to your hardware
|
||||
- name: dpdkbond0
|
||||
bridge: br-phy-bond0
|
||||
mtu: 9000
|
||||
# The IP from the first nic in nics list shall be used
|
||||
migrate_ip: true
|
||||
n_rxq: 2
|
||||
n_rxq_size: 1024
|
||||
n_txq_size: 1024
|
||||
ovs_options: "bond_mode=active-backup"
|
||||
nics:
|
||||
- name: dpdk_b0s0
|
||||
pci_id: '0000:00:05.0'
|
||||
vf_index: 0
|
||||
- name: dpdk_b0s1
|
||||
pci_id: '0000:00:06.0'
|
||||
vf_index: 0
|
||||
bridges:
|
||||
- name: br-phy-bond0
|
||||
modules:
|
||||
- name: dpdk
|
||||
log_level: info
|
||||
|
||||
# In case of shared profile (sriov + ovs-dpdk), sriov agent should finish
|
||||
# first so as to let it configure the SRIOV VFs before ovs-agent tries to
|
||||
# bind it with DPDK driver.
|
||||
dependencies:
|
||||
dynamic:
|
||||
targeted:
|
||||
openvswitch:
|
||||
ovs_agent:
|
||||
pod:
|
||||
- requireSameNode: true
|
||||
labels:
|
||||
application: neutron
|
||||
component: neutron-sriov-agent
|
||||
...
|
71
openstack/values_overrides/neutron/tf.yaml
Normal file
71
openstack/values_overrides/neutron/tf.yaml
Normal file
@ -0,0 +1,71 @@
|
||||
---
|
||||
neutron:
|
||||
images:
|
||||
tags:
|
||||
tf_neutron_init: opencontrailnightly/contrail-openstack-neutron-init:master-latest
|
||||
labels:
|
||||
job:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
server:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
test:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
network:
|
||||
backend:
|
||||
- tungstenfabric
|
||||
dependencies:
|
||||
dynamic:
|
||||
targeted:
|
||||
tungstenfabric:
|
||||
server:
|
||||
daemonset: []
|
||||
conf:
|
||||
openstack_version: queens
|
||||
neutron:
|
||||
DEFAULT:
|
||||
core_plugin: neutron_plugin_contrail.plugins.opencontrail.contrail_plugin.NeutronPluginContrailCoreV2
|
||||
service_plugins: neutron_plugin_contrail.plugins.opencontrail.loadbalancer.v2.plugin.LoadBalancerPluginV2
|
||||
l3_ha: False
|
||||
api_extensions_path: /opt/plugin/site-packages/neutron_plugin_contrail/extensions:/opt/plugin/site-packages/neutron_lbaas/extensions
|
||||
interface_driver: null
|
||||
quotas:
|
||||
quota_driver: neutron_plugin_contrail.plugins.opencontrail.quota.driver.QuotaDriver
|
||||
plugins:
|
||||
tungstenfabric:
|
||||
APISERVER:
|
||||
api_server_ip: config-api-server.tungsten-fabric.svc.cluster.local
|
||||
api_server_port: 8082
|
||||
contrail_extensions: "ipam:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_ipam.NeutronPluginContrailIpam,policy:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_policy.NeutronPluginContrailPolicy,route-table:neutron_plugin_contrail.plugins.opencontrail.contrail_plugin_vpc.NeutronPluginContrailVpc,contrail:None,service-interface:None,vf-binding:None"
|
||||
multi_tenancy: True
|
||||
KEYSTONE:
|
||||
insecure: True
|
||||
tf_vnc_api_lib:
|
||||
global:
|
||||
WEB_SERVER: config-api-server.tungsten-fabric.svc.cluster.local
|
||||
WEB_PORT: 8082
|
||||
auth:
|
||||
AUTHN_TYPE: keystone
|
||||
AUTHN_PROTOCOL: http
|
||||
AUTHN_URL: /v3/auth/tokens
|
||||
manifests:
|
||||
daemonset_dhcp_agent: false
|
||||
daemonset_l3_agent: false
|
||||
daemonset_lb_agent: false
|
||||
daemonset_metadata_agent: false
|
||||
daemonset_ovs_agent: false
|
||||
daemonset_sriov_agent: false
|
||||
pod_rally_test: false
|
||||
pod:
|
||||
mounts:
|
||||
neutron_db_sync:
|
||||
neutron_db_sync:
|
||||
volumeMounts:
|
||||
- name: db-sync-conf
|
||||
mountPath: /etc/neutron/plugins/tungstenfabric/tf_plugin.ini
|
||||
subPath: tf_plugin.ini
|
||||
readOnly: true
|
||||
volumes:
|
||||
...
|
142
openstack/values_overrides/neutron/tls.yaml
Normal file
142
openstack/values_overrides/neutron/tls.yaml
Normal file
@ -0,0 +1,142 @@
|
||||
---
|
||||
neutron:
|
||||
images:
|
||||
tags:
|
||||
nginx: docker.io/nginx:1.18.0
|
||||
network:
|
||||
server:
|
||||
ingress:
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/backend-protocol: "https"
|
||||
pod:
|
||||
security_context:
|
||||
neutron_server:
|
||||
pod:
|
||||
runAsUser: 0
|
||||
container:
|
||||
neutron_server:
|
||||
readOnlyRootFilesystem: false
|
||||
resources:
|
||||
nginx:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
conf:
|
||||
nginx: |
|
||||
worker_processes 1;
|
||||
daemon off;
|
||||
user nginx;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
sendfile on;
|
||||
keepalive_timeout 65s;
|
||||
tcp_nodelay on;
|
||||
|
||||
log_format main '[nginx] method=$request_method path=$request_uri '
|
||||
'status=$status upstream_status=$upstream_status duration=$request_time size=$body_bytes_sent '
|
||||
'"$remote_user" "$http_referer" "$http_user_agent"';
|
||||
|
||||
access_log /dev/stdout main;
|
||||
|
||||
upstream websocket {
|
||||
server 127.0.0.1:$PORT;
|
||||
}
|
||||
|
||||
server {
|
||||
server_name {{ printf "%s.%s.svc.%s" "${SHORTNAME}" .Release.Namespace .Values.endpoints.cluster_domain_suffix }};
|
||||
listen $POD_IP:$PORT ssl;
|
||||
|
||||
client_max_body_size 0;
|
||||
|
||||
ssl_certificate /etc/nginx/certs/tls.crt;
|
||||
ssl_certificate_key /etc/nginx/certs/tls.key;
|
||||
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
|
||||
|
||||
location / {
|
||||
proxy_pass_request_headers on;
|
||||
|
||||
proxy_http_version 1.1;
|
||||
proxy_pass http://websocket;
|
||||
proxy_read_timeout 90;
|
||||
}
|
||||
}
|
||||
}
|
||||
neutron:
|
||||
DEFAULT:
|
||||
bind_host: 127.0.0.1
|
||||
nova:
|
||||
cafile: /etc/neutron/certs/ca.crt
|
||||
keystone_authtoken:
|
||||
cafile: /etc/neutron/certs/ca.crt
|
||||
oslo_messaging_rabbit:
|
||||
ssl: true
|
||||
ssl_ca_file: /etc/rabbitmq/certs/ca.crt
|
||||
ssl_cert_file: /etc/rabbitmq/certs/tls.crt
|
||||
ssl_key_file: /etc/rabbitmq/certs/tls.key
|
||||
metadata_agent:
|
||||
DEFAULT:
|
||||
auth_ca_cert: /etc/ssl/certs/openstack-helm.crt
|
||||
nova_metadata_port: 443
|
||||
nova_metadata_protocol: https
|
||||
endpoints:
|
||||
compute:
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
compute_metadata:
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
metadata:
|
||||
public: 443
|
||||
identity:
|
||||
auth:
|
||||
admin:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
neutron:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
nova:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
test:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
default: 443
|
||||
network:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: neutron-tls-server
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
ingress:
|
||||
port:
|
||||
ingress:
|
||||
default: 443
|
||||
oslo_messaging:
|
||||
port:
|
||||
https:
|
||||
default: 15680
|
||||
manifests:
|
||||
certificates: true
|
||||
...
|
21
openstack/values_overrides/neutron/train-ubuntu_bionic.yaml
Normal file
21
openstack/values_overrides/neutron/train-ubuntu_bionic.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
neutron:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_init: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_drop: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_user: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_service: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
neutron_db_sync: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_dhcp: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_l3: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_l2gw: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_linuxbridge_agent: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_metadata: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_openvswitch_agent: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_server: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_rpc_server: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
neutron_bagpipe_bgp: "docker.io/openstackhelm/neutron:train-ubuntu_bionic"
|
||||
...
|
21
openstack/values_overrides/neutron/ussuri-ubuntu_bionic.yaml
Normal file
21
openstack/values_overrides/neutron/ussuri-ubuntu_bionic.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
neutron:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_init: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_drop: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_user: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_service: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
neutron_db_sync: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_dhcp: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_l3: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_l2gw: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_linuxbridge_agent: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_metadata: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_openvswitch_agent: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_server: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_rpc_server: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
neutron_bagpipe_bgp: "docker.io/openstackhelm/neutron:ussuri-ubuntu_bionic"
|
||||
...
|
@ -0,0 +1,21 @@
|
||||
---
|
||||
neutron:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_init: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_drop: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_user: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_service: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
neutron_db_sync: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_dhcp: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_l3: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_l2gw: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_linuxbridge_agent: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_metadata: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_openvswitch_agent: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_server: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_rpc_server: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
neutron_bagpipe_bgp: "docker.io/openstackhelm/neutron:victoria-ubuntu_focal"
|
||||
...
|
21
openstack/values_overrides/neutron/wallaby-ubuntu_focal.yaml
Normal file
21
openstack/values_overrides/neutron/wallaby-ubuntu_focal.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
neutron:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_init: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_drop: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_user: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_service: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
neutron_db_sync: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_dhcp: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_l3: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_l2gw: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_linuxbridge_agent: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_metadata: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_openvswitch_agent: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_server: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_rpc_server: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
neutron_bagpipe_bgp: "docker.io/openstackhelm/neutron:wallaby-ubuntu_focal"
|
||||
...
|
37
openstack/values_overrides/nova/apparmor.yaml
Normal file
37
openstack/values_overrides/nova/apparmor.yaml
Normal file
@ -0,0 +1,37 @@
|
||||
---
|
||||
nova:
|
||||
pod:
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
nova-compute-default:
|
||||
nova-compute: runtime/default
|
||||
init: runtime/default
|
||||
nova-compute-init: runtime/default
|
||||
nova-compute-vnc-init: runtime/default
|
||||
nova-api-metadata:
|
||||
nova-api-metadata-init: runtime/default
|
||||
nova-api: runtime/default
|
||||
init: runtime/default
|
||||
nova-api-osapi:
|
||||
nova-osapi: runtime/default
|
||||
init: runtime/default
|
||||
nova-conductor:
|
||||
nova-conductor: runtime/default
|
||||
init: runtime/default
|
||||
nova-novncproxy:
|
||||
nova-novncproxy: runtime/default
|
||||
nova-novncproxy-init-assets: runtime/default
|
||||
nova-novncproxy-init: runtime/default
|
||||
init: runtime/default
|
||||
nova-scheduler:
|
||||
nova-scheduler: runtime/default
|
||||
init: runtime/default
|
||||
nova-cell-setup:
|
||||
nova-cell-setup: runtime/default
|
||||
nova-cell-setup-init: runtime/default
|
||||
init: runtime/default
|
||||
nova-test:
|
||||
init: runtime/default
|
||||
nova-test: runtime/default
|
||||
nova-test-ks-user: runtime/default
|
||||
...
|
23
openstack/values_overrides/nova/cntt.yaml
Normal file
23
openstack/values_overrides/nova/cntt.yaml
Normal file
@ -0,0 +1,23 @@
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
---
|
||||
nova:
|
||||
conf:
|
||||
nova:
|
||||
DEFAULT:
|
||||
reserved_huge_pages:
|
||||
type: multistring
|
||||
values:
|
||||
- node:0,size:1GB,count:4
|
||||
- node:1,size:1GB,count:4
|
||||
reserved_host_memory_mb: 512
|
||||
...
|
18
openstack/values_overrides/nova/netpol.yaml
Normal file
18
openstack/values_overrides/nova/netpol.yaml
Normal file
@ -0,0 +1,18 @@
|
||||
---
|
||||
nova:
|
||||
manifests:
|
||||
network_policy: true
|
||||
network_policy:
|
||||
nova:
|
||||
egress:
|
||||
- to:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
application: nova
|
||||
- to:
|
||||
- ipBlock:
|
||||
cidr: %%%REPLACE_API_ADDR%%%/32
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: %%%REPLACE_API_PORT%%%
|
||||
...
|
27
openstack/values_overrides/nova/opensuse_15.yaml
Normal file
27
openstack/values_overrides/nova/opensuse_15.yaml
Normal file
@ -0,0 +1,27 @@
|
||||
---
|
||||
nova:
|
||||
conf:
|
||||
software:
|
||||
apache2:
|
||||
binary: apache2ctl
|
||||
start_parameters: -DFOREGROUND -k start
|
||||
site_dir: /etc/apache2/vhosts.d
|
||||
conf_dir: /etc/apache2/conf.d
|
||||
a2enmod:
|
||||
- version
|
||||
security: |
|
||||
<Directory "/var/www">
|
||||
Options Indexes FollowSymLinks
|
||||
AllowOverride All
|
||||
<IfModule !mod_access_compat.c>
|
||||
Require all granted
|
||||
</IfModule>
|
||||
<IfModule mod_access_compat.c>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</IfModule>
|
||||
</Directory>
|
||||
nova:
|
||||
DEFAULT:
|
||||
mkisofs_cmd: mkisofs
|
||||
...
|
36
openstack/values_overrides/nova/ssh.yaml
Normal file
36
openstack/values_overrides/nova/ssh.yaml
Normal file
@ -0,0 +1,36 @@
|
||||
---
|
||||
nova:
|
||||
network:
|
||||
ssh:
|
||||
enabled: true
|
||||
public_key: |
|
||||
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfgGkoPxu6jVqyBTGDlhGqoFFaTymMOH3pDRzrzXCVodqrtv1heBAyi7L63+MZ+m/facDDo43hWzhFLmmMgD00AS7L+VH+oeEwKVCfq0HN3asKLadpweBQVAkGX7PzjRKF25qj6J7iVpKAf1NcnJCsWL3b+wC9mwK7TmupOmWra8BrfP7Fvek1RLx3lwk+ZZ9lUlm6o+jwXn/9rCEFa7ywkGpdrPRBNHQshGjDlJPi15boXIKxOmoZ/DszkJq7iLYQnwa4Kdb0dJ9OE/l2LLBiEpkMlTnwXA7QCS5jEHXwW78b4BOZvqrFflga+YldhDmkyRRfnhcF5Ok2zQmx9Q+t root@openstack-helm
|
||||
private_key: |
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEA34BpKD8buo1asgUxg5YRqqBRWk8pjDh96Q0c681wlaHaq7b9
|
||||
YXgQMouy+t/jGfpv32nAw6ON4Vs4RS5pjIA9NAEuy/lR/qHhMClQn6tBzd2rCi2n
|
||||
acHgUFQJBl+z840Shduao+ie4laSgH9TXJyQrFi92/sAvZsCu05rqTplq2vAa3z+
|
||||
xb3pNUS8d5cJPmWfZVJZuqPo8F5//awhBWu8sJBqXaz0QTR0LIRow5ST4teW6FyC
|
||||
sTpqGfw7M5Cau4i2EJ8GuCnW9HSfThP5diywYhKZDJU58FwO0AkuYxB18Fu/G+AT
|
||||
mb6qxX5YGvmJXYQ5pMkUX54XBeTpNs0JsfUPrQIDAQABAoIBAFkEFd3XtL2KSxMY
|
||||
Cm50OLkSfRRQ7yVP4qYNePVZr3uJKUS27xgA78KR7UkKHrNcEW6T+hhxbbLR2AmF
|
||||
wLga40VxKyhGNqgJ5Vx/OAM//Ed4AAVfxYvTkfmsXqPRPiTEjRoPKvoZTh6riFHx
|
||||
ZExAd0aNWaDhyZu6v03GoA6YmaG53CLhUpDjIEpAHT8Q5fiukvpvFNAkSpSU3wWW
|
||||
YD14S5BTXx8Z7v5mNgbxzDIST9P6oGm9jOoMJJCxu3KVF5Xh6k23DP1wukiWNypJ
|
||||
b7dzfE8/NZUZ15Du4g1ZXHZyOATwN+4GQi1tV+oB1o6wI6829lpIMlsmqHhrw867
|
||||
942SmakCgYEA9R1xFEEVRavBGIUeg/NMbFP+Ssl2DljAdnmcOASCxAFqCx6y3WSK
|
||||
P2xWTD/MCG/uz627EVp+lfbapZimm171rUMpVCqTa5tH+LZ+Lbl+rjoLwSWVqySK
|
||||
MGyIEzpPLq5PrpGdUghZNsGAG7kgTarJM5SYyA+Esqr8AADjDrZdmzcCgYEA6W1C
|
||||
h9nU5i04UogndbkOiDVDWn0LnjUnVDTmhgGhbJDLtx4/hte/zGK7+mKl561q3Qmm
|
||||
xY0s8cSQCX1ULHyrgzS9rc0k42uvuRWgpKKKT5IrjiA91HtfcVM1r9hxa2/dw4wk
|
||||
WbAoaqpadjQAKoB4PNYzRfvITkv/9O+JSyK5BjsCgYEA5p9C68momBrX3Zgyc/gQ
|
||||
qcQFeJxAxZLf0xjs0Q/9cSnbeobxx7h3EuF9+NP1xuJ6EVDmt5crjzHp2vDboUgh
|
||||
Y1nToutENXSurOYXpjHnbUoUETCpt5LzqkgTZ/Pu2H8NXbSIDszoE8rQHEV8jVbp
|
||||
Y+ymK2XedrTF0cMD363aONUCgYEAy5J4+kdUL+VyADAz0awxa0KgWdNCBZivkvWL
|
||||
sYTMhgUFVM7xciTIZXQaIjRUIeeQkfKv2gvUDYlyYIRHm4Cih4vAfEmziQ7KMm0V
|
||||
K1+BpgGBMLMXmS57PzblVFU8HQlzau3Wac2CgfvNZtbU6jweIFhiYP9DYl1PfQpG
|
||||
PxuqJy8CgYBERsjdYfnyGMnFg3DVwgv/W/JspX201jMhQW2EW1OGDf7RQV+qTUnU
|
||||
2NRGN9QbVYUvdwuRPd7C9wXQfLzXf0/E67oYg6fHHGTBNMjSq56qhZ2dSZnyQCxI
|
||||
UZu0B4/1A5493Mypxp8c2fPhBdfzjTA5latsr75U26OMPxCxgFxm1A==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
...
|
79
openstack/values_overrides/nova/tf.yaml
Normal file
79
openstack/values_overrides/nova/tf.yaml
Normal file
@ -0,0 +1,79 @@
|
||||
---
|
||||
nova:
|
||||
images:
|
||||
tags:
|
||||
tf_compute_init: opencontrailnightly/contrail-openstack-compute-init:master-latest
|
||||
conf:
|
||||
nova:
|
||||
libvirt:
|
||||
virt_type: qemu
|
||||
cpu_mode: host-model
|
||||
agent:
|
||||
compute:
|
||||
node_selector_key: openstack-compute-node
|
||||
node_selector_value: enabled
|
||||
compute_ironic:
|
||||
node_selector_key: openstack-compute-node
|
||||
node_selector_value: enabled
|
||||
api_metadata:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
conductor:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
job:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
novncproxy:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
osapi:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
scheduler:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
spiceproxy:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
test:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
rootwrap: |
|
||||
# Configuration for nova-rootwrap
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
[DEFAULT]
|
||||
# List of directories to load filter definitions from (separated by ',').
|
||||
# These directories MUST all be only writeable by root !
|
||||
filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap
|
||||
|
||||
# List of directories to search executables in, in case filters do not
|
||||
# explicitely specify a full path (separated by ',')
|
||||
# If not specified, defaults to system PATH environment variable.
|
||||
# These directories MUST all be only writeable by root !
|
||||
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin,/var/lib/openstack/bin,/var/lib/kolla/venv/bin,/opt/plugin/bin
|
||||
|
||||
# Enable logging to syslog
|
||||
# Default value is False
|
||||
use_syslog=False
|
||||
|
||||
# Which syslog facility to use.
|
||||
# Valid values include auth, authpriv, syslog, local0, local1...
|
||||
# Default value is 'syslog'
|
||||
syslog_log_facility=syslog
|
||||
|
||||
# Which messages to log.
|
||||
# INFO means log all usage
|
||||
# ERROR means only log unsuccessful attempts
|
||||
syslog_log_level=ERROR
|
||||
network:
|
||||
backend:
|
||||
- tungstenfabric
|
||||
dependencies:
|
||||
dynamic:
|
||||
targeted:
|
||||
tungstenfabric:
|
||||
compute:
|
||||
daemonset: []
|
||||
...
|
15
openstack/values_overrides/nova/tls-offloading.yaml
Normal file
15
openstack/values_overrides/nova/tls-offloading.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
nova:
|
||||
endpoints:
|
||||
identity:
|
||||
auth:
|
||||
admin:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
nova:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
test:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
|
||||
tls:
|
||||
identity: true
|
||||
...
|
213
openstack/values_overrides/nova/tls.yaml
Normal file
213
openstack/values_overrides/nova/tls.yaml
Normal file
@ -0,0 +1,213 @@
|
||||
---
|
||||
nova:
|
||||
network:
|
||||
osapi:
|
||||
ingress:
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/backend-protocol: "https"
|
||||
metadata:
|
||||
ingress:
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/backend-protocol: "https"
|
||||
novncproxy:
|
||||
ingress:
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/backend-protocol: "https"
|
||||
conf:
|
||||
mpm_event: |
|
||||
<IfModule mpm_event_module>
|
||||
ServerLimit 1024
|
||||
StartServers 32
|
||||
MinSpareThreads 32
|
||||
MaxSpareThreads 256
|
||||
ThreadsPerChild 25
|
||||
MaxRequestsPerChild 128
|
||||
ThreadLimit 720
|
||||
</IfModule>
|
||||
wsgi_nova_api: |
|
||||
{{- $portInt := tuple "compute" "internal" "api" $ | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
Listen {{ $portInt }}
|
||||
<VirtualHost *:{{ $portInt }}>
|
||||
ServerName {{ printf "%s.%s.svc.%s" "nova-api" .Release.Namespace .Values.endpoints.cluster_domain_suffix }}
|
||||
WSGIDaemonProcess nova-api processes=1 threads=1 user=nova display-name=%{GROUP}
|
||||
WSGIProcessGroup nova-api
|
||||
WSGIScriptAlias / /var/www/cgi-bin/nova/nova-api-wsgi
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
AllowEncodedSlashes On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
|
||||
ErrorLog /dev/stdout
|
||||
CustomLog /dev/stdout combined env=!forwarded
|
||||
CustomLog /dev/stdout proxy env=forwarded
|
||||
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/nova/certs/tls.crt
|
||||
SSLCertificateKeyFile /etc/nova/certs/tls.key
|
||||
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
||||
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
|
||||
SSLHonorCipherOrder on
|
||||
</VirtualHost>
|
||||
wsgi_nova_metadata: |
|
||||
{{- $portInt := tuple "compute_metadata" "internal" "metadata" $ | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
Listen {{ $portInt }}
|
||||
<VirtualHost *:{{ $portInt }}>
|
||||
ServerName {{ printf "%s.%s.svc.%s" "nova-metadata" .Release.Namespace .Values.endpoints.cluster_domain_suffix }}
|
||||
WSGIDaemonProcess nova-metadata processes=1 threads=1 user=nova display-name=%{GROUP}
|
||||
WSGIProcessGroup nova-metadata
|
||||
WSGIScriptAlias / /var/www/cgi-bin/nova/nova-metadata-wsgi
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
AllowEncodedSlashes On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
|
||||
ErrorLog /dev/stdout
|
||||
CustomLog /dev/stdout combined env=!forwarded
|
||||
CustomLog /dev/stdout proxy env=forwarded
|
||||
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/nova/certs/tls.crt
|
||||
SSLCertificateKeyFile /etc/nova/certs/tls.key
|
||||
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
||||
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
|
||||
SSLHonorCipherOrder on
|
||||
</VirtualHost>
|
||||
software:
|
||||
apache2:
|
||||
a2enmod:
|
||||
- ssl
|
||||
nova:
|
||||
console:
|
||||
ssl_minimum_version: tlsv1_2
|
||||
glance:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
ironic:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
neutron:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
keystone_authtoken:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
cinder:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
placement:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
keystone:
|
||||
cafile: /etc/nova/certs/ca.crt
|
||||
oslo_messaging_rabbit:
|
||||
ssl: true
|
||||
ssl_ca_file: /etc/rabbitmq/certs/ca.crt
|
||||
ssl_cert_file: /etc/rabbitmq/certs/tls.crt
|
||||
ssl_key_file: /etc/rabbitmq/certs/tls.key
|
||||
endpoints:
|
||||
identity:
|
||||
auth:
|
||||
admin:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
nova:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
neutron:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
placement:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
test:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
default: 443
|
||||
image:
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
compute:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: nova-tls-api
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: 'https'
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
compute_metadata:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: metadata-tls-metadata
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
metadata:
|
||||
public: 443
|
||||
compute_novnc_proxy:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: nova-novncproxy-tls-proxy
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
novnc_proxy:
|
||||
public: 443
|
||||
compute_spice_proxy:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: nova-tls-spiceproxy
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
placement:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: placement-tls-api
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
network:
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
oslo_messaging:
|
||||
port:
|
||||
https:
|
||||
default: 15680
|
||||
pod:
|
||||
security_context:
|
||||
nova:
|
||||
container:
|
||||
nova_api:
|
||||
runAsUser: 0
|
||||
readOnlyRootFilesystem: false
|
||||
nova_osapi:
|
||||
runAsUser: 0
|
||||
readOnlyRootFilesystem: false
|
||||
manifests:
|
||||
certificates: true
|
||||
...
|
24
openstack/values_overrides/nova/train-ubuntu_bionic.yaml
Normal file
24
openstack/values_overrides/nova/train-ubuntu_bionic.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
nova:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_drop: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_init: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_user: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_service: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
nova_api: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_cell_setup: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_cell_setup_init: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
nova_compute: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_compute_ssh: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_conductor: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_db_sync: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_novncproxy: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_novncproxy_assets: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_scheduler: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_spiceproxy: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:train-ubuntu_bionic"
|
||||
nova_service_cleaner: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_bionic"
|
||||
...
|
24
openstack/values_overrides/nova/ussuri-ubuntu_bionic.yaml
Normal file
24
openstack/values_overrides/nova/ussuri-ubuntu_bionic.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
nova:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_drop: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_init: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_user: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_service: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
nova_api: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_cell_setup: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_cell_setup_init: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
nova_compute: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_compute_ssh: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_conductor: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_db_sync: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_novncproxy: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_novncproxy_assets: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_scheduler: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_spiceproxy: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:ussuri-ubuntu_bionic"
|
||||
nova_service_cleaner: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_bionic"
|
||||
...
|
24
openstack/values_overrides/nova/victoria-ubuntu_focal.yaml
Normal file
24
openstack/values_overrides/nova/victoria-ubuntu_focal.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
nova:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_drop: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_init: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_user: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_service: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
nova_api: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_cell_setup: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_cell_setup_init: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
nova_compute: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_compute_ssh: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_conductor: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_db_sync: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_novncproxy: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_novncproxy_assets: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_scheduler: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_spiceproxy: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:victoria-ubuntu_focal"
|
||||
nova_service_cleaner: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_bionic"
|
||||
...
|
24
openstack/values_overrides/nova/wallaby-ubuntu_focal.yaml
Normal file
24
openstack/values_overrides/nova/wallaby-ubuntu_focal.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
nova:
|
||||
images:
|
||||
tags:
|
||||
bootstrap: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_drop: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_init: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_user: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_service: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
nova_api: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_cell_setup: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_cell_setup_init: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
nova_compute: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_compute_ssh: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_conductor: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_db_sync: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_novncproxy: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_novncproxy_assets: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_scheduler: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_spiceproxy: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_spiceproxy_assets: "docker.io/openstackhelm/nova:wallaby-ubuntu_focal"
|
||||
nova_service_cleaner: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_bionic"
|
||||
...
|
7
openstack/values_overrides/nova/wallaby.yaml
Normal file
7
openstack/values_overrides/nova/wallaby.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
nova:
|
||||
conf:
|
||||
rally_tests:
|
||||
tests:
|
||||
NovaAgents.list_agents: []
|
||||
...
|
15
openstack/values_overrides/openvswitch/apparmor.yaml
Normal file
15
openstack/values_overrides/openvswitch/apparmor.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
# NOTE: Enable this with the correct policy
|
||||
---
|
||||
openvswitch:
|
||||
pod:
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
openvswitch-vswitchd:
|
||||
openvswitch-vswitchd: runtime/default
|
||||
openvswitch-vswitchd-modules: runtime/default
|
||||
init: runtime/default
|
||||
openvswitch-db:
|
||||
openvswitch-db: runtime/default
|
||||
openvswitch-db-perms: runtime/default
|
||||
init: runtime/default
|
||||
...
|
25
openstack/values_overrides/openvswitch/dpdk-opensuse_15.yaml
Normal file
25
openstack/values_overrides/openvswitch/dpdk-opensuse_15.yaml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
openvswitch:
|
||||
images:
|
||||
tags:
|
||||
openvswitch_db_server: docker.io/openstackhelm/openvswitch:latest-opensuse_15-dpdk
|
||||
openvswitch_vswitchd: docker.io/openstackhelm/openvswitch:latest-opensuse_15-dpdk
|
||||
pod:
|
||||
resources:
|
||||
enabled: true
|
||||
ovs:
|
||||
vswitchd:
|
||||
requests:
|
||||
memory: "2Gi"
|
||||
cpu: "2"
|
||||
limits:
|
||||
memory: "2Gi"
|
||||
cpu: "2"
|
||||
hugepages-1Gi: "1Gi"
|
||||
conf:
|
||||
ovs_dpdk:
|
||||
enabled: true
|
||||
hugepages_mountpath: /dev/hugepages
|
||||
vhostuser_socket_dir: vhostuser
|
||||
socket_memory: 1024
|
||||
...
|
@ -0,0 +1,25 @@
|
||||
---
|
||||
openvswitch:
|
||||
images:
|
||||
tags:
|
||||
openvswitch_db_server: docker.io/openstackhelm/openvswitch:latest-ubuntu_bionic-dpdk
|
||||
openvswitch_vswitchd: docker.io/openstackhelm/openvswitch:latest-ubuntu_bionic-dpdk
|
||||
pod:
|
||||
resources:
|
||||
enabled: true
|
||||
ovs:
|
||||
vswitchd:
|
||||
requests:
|
||||
memory: "2Gi"
|
||||
cpu: "2"
|
||||
limits:
|
||||
memory: "2Gi"
|
||||
cpu: "2"
|
||||
hugepages-1Gi: "1Gi"
|
||||
conf:
|
||||
ovs_dpdk:
|
||||
enabled: true
|
||||
hugepages_mountpath: /dev/hugepages
|
||||
vhostuser_socket_dir: vhostuser
|
||||
socket_memory: 1024
|
||||
...
|
5
openstack/values_overrides/openvswitch/netpol.yaml
Normal file
5
openstack/values_overrides/openvswitch/netpol.yaml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
openvswitch:
|
||||
manifests:
|
||||
network_policy: true
|
||||
...
|
12
openstack/values_overrides/openvswitch/vswitchd-probes.yaml
Normal file
12
openstack/values_overrides/openvswitch/vswitchd-probes.yaml
Normal file
@ -0,0 +1,12 @@
|
||||
---
|
||||
openvswitch:
|
||||
pod:
|
||||
probes:
|
||||
ovs_vswitch:
|
||||
ovs_vswitch:
|
||||
liveness:
|
||||
exec:
|
||||
- /bin/bash
|
||||
- -c
|
||||
- '/usr/bin/ovs-appctl bond/list; C1=$?; ovs-vsctl --column statistics list interface dpdk_b0s0 | grep -q -E "rx_|tx_"; C2=$?; ovs-vsctl --column statistics list interface dpdk_b0s1 | grep -q -E "rx_|tx_"; C3=$?; exit $(($C1+$C2+$C3))'
|
||||
...
|
15
openstack/values_overrides/placement/apparmor.yaml
Normal file
15
openstack/values_overrides/placement/apparmor.yaml
Normal file
@ -0,0 +1,15 @@
|
||||
---
|
||||
placement:
|
||||
pod:
|
||||
mandatory_access_control:
|
||||
type: apparmor
|
||||
placement-api:
|
||||
placement-api: runtime/default
|
||||
init: runtime/default
|
||||
placement-db-migrate:
|
||||
init: runtime/default
|
||||
placement-mysql-migration: runtime/default
|
||||
|
||||
manifests:
|
||||
job_db_migrate: true
|
||||
...
|
21
openstack/values_overrides/placement/netpol.yaml
Normal file
21
openstack/values_overrides/placement/netpol.yaml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
placement:
|
||||
manifests:
|
||||
network_policy: true
|
||||
network_policy:
|
||||
placement:
|
||||
egress:
|
||||
- {}
|
||||
ingress:
|
||||
- from:
|
||||
- podSelector:
|
||||
matchLabels:
|
||||
application: nova
|
||||
ports:
|
||||
- protocol: TCP
|
||||
port: 8778
|
||||
- protocol: TCP
|
||||
port: 80
|
||||
- protocol: TCP
|
||||
port: 8080
|
||||
...
|
80
openstack/values_overrides/placement/tls.yaml
Normal file
80
openstack/values_overrides/placement/tls.yaml
Normal file
@ -0,0 +1,80 @@
|
||||
---
|
||||
placement:
|
||||
network:
|
||||
api:
|
||||
ingress:
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/backend-protocol: "https"
|
||||
conf:
|
||||
software:
|
||||
apache2:
|
||||
a2enmod:
|
||||
- ssl
|
||||
placement:
|
||||
keystone_authtoken:
|
||||
cafile: /etc/placement/certs/ca.crt
|
||||
wsgi_placement: |
|
||||
Listen 0.0.0.0:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
||||
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
|
||||
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
|
||||
CustomLog /dev/stdout combined env=!forwarded
|
||||
CustomLog /dev/stdout proxy env=forwarded
|
||||
<VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
|
||||
ServerName {{ printf "%s.%s.svc.%s" "placement-api" .Release.Namespace .Values.endpoints.cluster_domain_suffix }}
|
||||
WSGIDaemonProcess placement-api processes=4 threads=1 user=placement group=placement display-name=%{GROUP}
|
||||
WSGIProcessGroup placement-api
|
||||
WSGIScriptAlias / /var/www/cgi-bin/placement/placement-api
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
ErrorLog /dev/stdout
|
||||
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
|
||||
CustomLog /dev/stdout combined env=!forwarded
|
||||
CustomLog /dev/stdout proxy env=forwarded
|
||||
|
||||
SSLEngine on
|
||||
SSLCertificateFile /etc/placement/certs/tls.crt
|
||||
SSLCertificateKeyFile /etc/placement/certs/tls.key
|
||||
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
|
||||
SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
|
||||
SSLHonorCipherOrder on
|
||||
</VirtualHost>
|
||||
Alias /placement /var/www/cgi-bin/placement/placement-api
|
||||
<Location /placement>
|
||||
SetHandler wsgi-script
|
||||
Options +ExecCGI
|
||||
WSGIProcessGroup placement-api
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
</Location>
|
||||
endpoints:
|
||||
identity:
|
||||
auth:
|
||||
admin:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
placement:
|
||||
cacert: /etc/ssl/certs/openstack-helm.crt
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
default: 443
|
||||
placement:
|
||||
host_fqdn_override:
|
||||
default:
|
||||
tls:
|
||||
secretName: placement-tls-api
|
||||
issuerRef:
|
||||
name: ca-issuer
|
||||
kind: ClusterIssuer
|
||||
scheme:
|
||||
default: https
|
||||
port:
|
||||
api:
|
||||
public: 443
|
||||
manifests:
|
||||
certificates: true
|
||||
...
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
placement:
|
||||
images:
|
||||
pull_policy: IfNotPresent
|
||||
tags:
|
||||
placement: "docker.io/openstackhelm/placement:train-ubuntu_bionic"
|
||||
ks_user: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_service: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_init: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_drop: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
|
||||
db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
|
||||
placement_db_sync: "docker.io/openstackhelm/placement:train-ubuntu_bionic"
|
||||
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
|
||||
image_repo_sync: "docker.io/docker:17.07.0"
|
||||
manifests:
|
||||
job_db_migrate: true
|
||||
dependencies:
|
||||
static:
|
||||
db_sync:
|
||||
jobs:
|
||||
- placement-db-init
|
||||
- placement-db-migrate
|
||||
...
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
placement:
|
||||
images:
|
||||
pull_policy: IfNotPresent
|
||||
tags:
|
||||
placement: "docker.io/openstackhelm/placement:ussuri-ubuntu_bionic"
|
||||
ks_user: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_service: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_init: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_drop: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
|
||||
db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
|
||||
placement_db_sync: "docker.io/openstackhelm/placement:ussuri-ubuntu_bionic"
|
||||
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
|
||||
image_repo_sync: "docker.io/docker:17.07.0"
|
||||
manifests:
|
||||
job_db_migrate: true
|
||||
dependencies:
|
||||
static:
|
||||
db_sync:
|
||||
jobs:
|
||||
- placement-db-init
|
||||
- placement-db-migrate
|
||||
...
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
placement:
|
||||
images:
|
||||
pull_policy: IfNotPresent
|
||||
tags:
|
||||
placement: "docker.io/openstackhelm/placement:victoria-ubuntu_focal"
|
||||
ks_user: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_service: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_init: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_drop: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
|
||||
db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
|
||||
placement_db_sync: "docker.io/openstackhelm/placement:victoria-ubuntu_focal"
|
||||
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
|
||||
image_repo_sync: "docker.io/docker:17.07.0"
|
||||
manifests:
|
||||
job_db_migrate: true
|
||||
dependencies:
|
||||
static:
|
||||
db_sync:
|
||||
jobs:
|
||||
- placement-db-init
|
||||
- placement-db-migrate
|
||||
...
|
@ -0,0 +1,24 @@
|
||||
---
|
||||
placement:
|
||||
images:
|
||||
pull_policy: IfNotPresent
|
||||
tags:
|
||||
placement: "docker.io/openstackhelm/placement:wallaby-ubuntu_focal"
|
||||
ks_user: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_service: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
ks_endpoints: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_init: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_drop: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
|
||||
db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
|
||||
placement_db_sync: "docker.io/openstackhelm/placement:wallaby-ubuntu_focal"
|
||||
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
|
||||
image_repo_sync: "docker.io/docker:17.07.0"
|
||||
manifests:
|
||||
job_db_migrate: true
|
||||
dependencies:
|
||||
static:
|
||||
db_sync:
|
||||
jobs:
|
||||
- placement-db-init
|
||||
- placement-db-migrate
|
||||
...
|
@ -31,4 +31,5 @@ neutron:
|
||||
- 0.2.15 Remove unsupported values overrides
|
||||
- 0.2.16 Remove usage of six
|
||||
- 0.2.17 Migrated PodDisruptionBudget resource to policy/v1 API version
|
||||
- 0.2.18 Updated naming for subchart compatibility
|
||||
...
|
||||
|
@ -60,4 +60,5 @@ nova:
|
||||
- 0.2.37 Remove nova-placement
|
||||
- 0.2.38 Update nova image defaults
|
||||
- 0.2.39 Migrated CronJob resource to batch/v1 API version & PodDisruptionBudget to policy/v1
|
||||
- 0.2.40 Updated naming for subchart compatibility
|
||||
...
|
||||
|
@ -1,4 +1,5 @@
|
||||
---
|
||||
openstack:
|
||||
- 0.1.0 Initial Chart
|
||||
- 0.1.1 Deploy compute-kit charts (neutron, nova, libvirt, openvswitch, placement)
|
||||
...
|
||||
|
@ -13,28 +13,110 @@
|
||||
# under the License.
|
||||
|
||||
set -xe
|
||||
namespace=openstack
|
||||
chart=$namespace
|
||||
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm/openstack"}"}"
|
||||
|
||||
export OSH_TEST_TIMEOUT=1200
|
||||
export OS_CLOUD=openstack_helm
|
||||
: "${RUN_HELM_TESTS:="no"}"
|
||||
: "${CEPH_ENABLED:="false"}"
|
||||
: "${OSH_EXTRA_HELM_ARGS:=""}"
|
||||
release=openstack
|
||||
namespace=$release
|
||||
|
||||
: ${GLANCE_BACKEND:="pvc"}
|
||||
tee /tmp/glance.yaml <<EOF
|
||||
glance:
|
||||
storage: ${GLANCE_BACKEND}
|
||||
volume:
|
||||
class_name: standard
|
||||
EOF
|
||||
#NOTE: Deploy neutron
|
||||
tee /tmp/neutron.yaml << EOF
|
||||
neutron:
|
||||
release_group: neutron
|
||||
enabled: true
|
||||
network:
|
||||
interface:
|
||||
tunnel: docker0
|
||||
conf:
|
||||
neutron:
|
||||
DEFAULT:
|
||||
l3_ha: False
|
||||
max_l3_agents_per_router: 1
|
||||
l3_ha_network_type: vxlan
|
||||
dhcp_agents_per_network: 1
|
||||
plugins:
|
||||
ml2_conf:
|
||||
ml2_type_flat:
|
||||
flat_networks: public
|
||||
openvswitch_agent:
|
||||
agent:
|
||||
tunnel_types: vxlan
|
||||
ovs:
|
||||
bridge_mappings: public:br-ex
|
||||
linuxbridge_agent:
|
||||
linux_bridge:
|
||||
bridge_mappings: public:br-ex
|
||||
EOF
|
||||
## includes second argument 'subchart' to indicate a different path
|
||||
export HELM_CHART_ROOT_PATH="../openstack-helm/openstack"
|
||||
: ${OSH_EXTRA_HELM_ARGS_MARIADB:="$(./tools/deployment/common/get-values-overrides.sh mariadb subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_RABBITMQ:="$(./tools/deployment/common/get-values-overrides.sh rabbitmq subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_MEMCACHED:="$(./tools/deployment/common/get-values-overrides.sh memcached subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_KEYSTONE:="$(./tools/deployment/common/get-values-overrides.sh keystone subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_HEAT:="$(./tools/deployment/common/get-values-overrides.sh heat subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_GLANCE:="$(./tools/deployment/common/get-values-overrides.sh glance subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_OPENVSWITCH:="$(./tools/deployment/common/get-values-overrides.sh openvswitch subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_LIBVIRT:="$(./tools/deployment/common/get-values-overrides.sh libvirt subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_NOVA:="$(./tools/deployment/common/get-values-overrides.sh nova subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_PLACEMENT:="$(./tools/deployment/common/get-values-overrides.sh placement subchart)"}
|
||||
: ${OSH_EXTRA_HELM_ARGS_NEUTRON:="$(./tools/deployment/common/get-values-overrides.sh neutron subchart)"}
|
||||
|
||||
#NOTE: Lint and package chart
|
||||
make -C ${HELM_CHART_ROOT_PATH} .
|
||||
|
||||
echo "helm installing ..."
|
||||
helm upgrade --install $chart $chart/ \
|
||||
${OSH_EXTRA_HELM_ARGS_MARIADB} \
|
||||
${OSH_EXTRA_HELM_ARGS_RABBITMQ} \
|
||||
${OSH_EXTRA_HELM_ARGS_MEMCACHED} \
|
||||
${OSH_EXTRA_HELM_ARGS_KEYSTONE} \
|
||||
${OSH_EXTRA_HELM_ARGS_HEAT} \
|
||||
${OSH_EXTRA_HELM_ARGS_GLANCE} \
|
||||
${OSH_EXTRA_HELM_ARGS:=} \
|
||||
--namespace=$namespace
|
||||
if [ "x$(systemd-detect-virt)" != "xnone" ]; then
|
||||
echo 'OSH is being deployed in virtualized environment, using qemu for nova'
|
||||
OSH_EXTRA_HELM_ARGS=( "--set nova.conf.nova.libvirt.virt_type=qemu" \
|
||||
"--set nova.conf.nova.libvirt.cpu_mode=none" )
|
||||
fi
|
||||
echo "helm installing openstack..."
|
||||
helm upgrade --install $release openstack/ \
|
||||
${OSH_EXTRA_HELM_ARGS_MARIADB} \
|
||||
${OSH_EXTRA_HELM_ARGS_RABBITMQ} \
|
||||
${OSH_EXTRA_HELM_ARGS_MEMCACHED} \
|
||||
${OSH_EXTRA_HELM_ARGS_KEYSTONE} \
|
||||
${OSH_EXTRA_HELM_ARGS_HEAT} \
|
||||
${OSH_EXTRA_HELM_ARGS_GLANCE} \
|
||||
${OSH_EXTRA_HELM_ARGS_OPENVSWITCH} \
|
||||
${OSH_EXTRA_HELM_ARGS_LIBVIRT} \
|
||||
${OSH_EXTRA_HELM_ARGS_NOVA} \
|
||||
${OSH_EXTRA_HELM_ARGS_PLACEMENT} \
|
||||
${OSH_EXTRA_HELM_ARGS_NEUTRON} \
|
||||
${OSH_EXTRA_HELM_ARGS} \
|
||||
--set nova.bootstrap.wait_for_computes.enabled=true \
|
||||
--set libvirt.conf.ceph.enabled=${CEPH_ENABLED} \
|
||||
--set nova.conf.ceph.enabled=${CEPH_ENABLED} \
|
||||
--values=/tmp/neutron.yaml \
|
||||
--values=/tmp/glance.yaml \
|
||||
--namespace=$namespace
|
||||
|
||||
# If compute kit installed using Tungsten Fubric, it will be alive when Tunsten Fabric become active.
|
||||
if [[ "$FEATURE_GATES" =~ (,|^)tf(,|$) ]]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
#NOTE: Wait for deploy
|
||||
./tools/deployment/common/wait-for-pods.sh $namespace 1800
|
||||
|
||||
#NOTE: Validate Deployment info
|
||||
openstack service list
|
||||
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||
openstack compute service list
|
||||
openstack network agent list
|
||||
openstack hypervisor list
|
||||
|
||||
if [ "${RUN_HELM_TESTS}" == "no" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
./tools/deployment/common/run-helm-tests.sh $chart $release
|
||||
|
@ -170,7 +170,7 @@
|
||||
name: openstack-helm-compute-kit-umbrella
|
||||
parent: openstack-helm-chart-deploy
|
||||
vars:
|
||||
run_helm_tests: "no"
|
||||
run_helm_tests: "yes"
|
||||
gate_scripts_relative_path: ../openstack-helm
|
||||
gate_scripts:
|
||||
- ./tools/deployment/common/install-packages.sh
|
||||
@ -178,12 +178,6 @@
|
||||
- - ./tools/deployment/common/setup-client.sh
|
||||
- ./tools/deployment/component/common/ingress.sh
|
||||
- ./tools/deployment/component/common/openstack.sh
|
||||
- ./tools/deployment/component/compute-kit/openvswitch.sh
|
||||
- ./tools/deployment/component/compute-kit/libvirt.sh
|
||||
- ./tools/deployment/component/compute-kit/compute-kit.sh
|
||||
- - export OSH_TEST_TIMEOUT=1200;./tools/deployment/common/run-helm-tests.sh neutron
|
||||
- ./tools/deployment/common/run-helm-tests.sh nova;
|
||||
- ./tools/deployment/common/run-helm-tests.sh openstack;
|
||||
- ./tools/deployment/developer/common/170-setup-gateway.sh
|
||||
- - ./tools/deployment/developer/common/900-use-it.sh
|
||||
- ./tools/deployment/common/force-cronjob-run.sh
|
||||
|
Loading…
Reference in New Issue
Block a user