feat(ironic): allow users to provide configs in ironic.conf.d

Allow users to provide additional projected volumes to be mounted into the various deployments, statefulsets, and jobs that the ironic chart has in the /etc/ironic/ironic.conf.d/ path. This allows for users to provide service account or database secrets via different operators as well as provide ways to use the chart to define common deployments while being able to have site specific overrides. Change-Id: Ic7b474fd0c99f15e0ed7e13a6da46e5c2a8fea0f Signed-off-by: Mathieu Gagné <mgagne@calavera.ca>
2026-02-26 15:34:36 -05:00
parent cd78f168ad
commit 2fd721998c
6 changed files with 42 additions and 2 deletions
--- a/ironic/templates/bin/_ironic-api.sh.tpl
+++ b/ironic/templates/bin/_ironic-api.sh.tpl
@@ -23,7 +23,8 @@ OPTIONS=" --config-file /tmp/pod-shared/swift.conf"
 function start () {
  exec ironic-api \
        --config-file /etc/ironic/ironic.conf \
-        ${OPTIONS}
+        ${OPTIONS} \
+        --config-dir /etc/ironic/ironic.conf.d
 }

 function stop () {
--- a/ironic/templates/bin/_ironic-conductor.sh.tpl
+++ b/ironic/templates/bin/_ironic-conductor.sh.tpl
@@ -26,4 +26,5 @@ OPTIONS=" --config-file /tmp/pod-shared/swift.conf"
 exec ironic-conductor \
      --config-file /etc/ironic/ironic.conf \
      --config-file /tmp/pod-shared/conductor-local-ip.conf \
-      ${OPTIONS}
+      ${OPTIONS} \
+      --config-dir /etc/ironic/ironic.conf.d
--- a/ironic/templates/deployment-api.yaml
+++ b/ironic/templates/deployment-api.yaml
@@ -17,6 +17,7 @@ limitations under the License.

 {{- $mounts_ironic_api := .Values.pod.mounts.ironic_api.ironic_api }}
 {{- $mounts_ironic_api_init := .Values.pod.mounts.ironic_api.init_container }}
+{{- $etcSources := .Values.pod.etcSources.ironic_api }}

 {{- $serviceAccountName := "ironic-api" }}
 {{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -113,6 +114,9 @@ spec:
              mountPath: /etc/ironic/ironic.conf
              subPath: ironic.conf
              readOnly: true
+            - name: ironic-etc-snippets
+              mountPath: /etc/ironic/ironic.conf.d/
+              readOnly: true
            {{- if .Values.conf.ironic.DEFAULT.log_config_append }}
            - name: ironic-etc
              mountPath: {{ .Values.conf.ironic.DEFAULT.log_config_append }}
@@ -139,6 +143,14 @@ spec:
          secret:
            secretName: ironic-etc
            defaultMode: 0444
+        - name: ironic-etc-snippets
+{{- if $etcSources }}
+          projected:
+            sources:
+{{ toYaml $etcSources | indent 14 }}
+{{- else }}
+          emptyDir: {}
+{{ end }}
        - name: pod-shared
          emptyDir: {}
 {{ if $mounts_ironic_api.volumes }}{{ toYaml $mounts_ironic_api.volumes | indent 8 }}{{ end }}
--- a/ironic/templates/statefulset-conductor.yaml
+++ b/ironic/templates/statefulset-conductor.yaml
@@ -17,6 +17,7 @@ limitations under the License.

 {{- $mounts_ironic_conductor := .Values.pod.mounts.ironic_conductor.ironic_conductor }}
 {{- $mounts_ironic_conductor_init := .Values.pod.mounts.ironic_conductor.init_container }}
+{{- $etcSources := .Values.pod.etcSources.ironic_conductor }}

 {{- $serviceAccountName := "ironic-conductor" }}
 {{ tuple $envAll "conductor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -171,6 +172,9 @@ spec:
              mountPath: /etc/ironic/ironic.conf
              subPath: ironic.conf
              readOnly: true
+            - name: ironic-etc-snippets
+              mountPath: /etc/ironic/ironic.conf.d/
+              readOnly: true
            {{- if .Values.conf.ironic.DEFAULT.log_config_append }}
            - name: ironic-etc
              mountPath: {{ .Values.conf.ironic.DEFAULT.log_config_append }}
@@ -251,6 +255,14 @@ spec:
          secret:
            secretName: ironic-etc
            defaultMode: 0444
+        - name: ironic-etc-snippets
+{{- if $etcSources }}
+          projected:
+            sources:
+{{ toYaml $etcSources | indent 14 }}
+{{- else }}
+          emptyDir: {}
+{{ end }}
        - name: host-var-lib-ironic
          hostPath:
            path: /var/lib/ironic
--- a/ironic/values.yaml
+++ b/ironic/values.yaml
@@ -727,6 +727,13 @@ pod:
      ironic_db_sync:
        volumeMounts:
        volumes:
+  # -- This allows users to add Kubernetes Projected Volumes to be mounted at /etc/ironic/ironic.conf.d/
+  ## This is a list of projected volume source objects for each deployment/statefulset/daemonset/cronjob
+  ## https://kubernetes.io/docs/concepts/storage/projected-volumes/
+  etcSources:
+    ironic_api: []
+    ironic_conductor: []
+    ironic_db_sync: []
  replicas:
    api: 1
    conductor: 1
--- a/releasenotes/notes/ironic-c0de8abe9970dca0.yaml
+++ b/releasenotes/notes/ironic-c0de8abe9970dca0.yaml
@@ -0,0 +1,7 @@
+---
+ironic:
+  - |
+    Allow users to add additional sources to the Projected Volume that is mounted
+    at /etc/ironic/ironic.conf.d/ so they may more easily override configs or provide
+    additional configs for the various services in the chart.
+...