Introduced helm hook for masakari

When changes are made to config, helm upgrade failes with immutable fields in jobs. Addition of the helm hooks with post upgrade will delete the old job and create the new jobs which will solve the issue. Also, mounted the shm and enabled hostNetwork in masakari monitors so that it can communicate with pacemaker remote for monitoring the cluster status. Change-Id: I8a8bc5b7c77643872e65fac294d0ff48347c476b
2021-11-29 10:22:35 +05:45 · 2021-11-29 10:22:35 +05:45 · 348f538f6d
commit 348f538f6d
parent 311fb5bf69
9 changed files with 69 additions and 12 deletions
--- a/masakari/Chart.yaml
+++ b/masakari/Chart.yaml
@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Masakari
 name: masakari
-version: 0.1.1
+version: 0.1.2
 home: https://docs.openstack.org/developer/masakari
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Masakari/OpenStack_Project_masakari_vertical.png
 sources:
--- a/masakari/templates/daemonset-host-monitor.yaml
+++ b/masakari/templates/daemonset-host-monitor.yaml
@ -71,6 +71,7 @@ spec:
              mountPath: /tmp/masakari-monitors-init.sh
              subPath: masakari-monitors-init.sh
              readOnly: true
+      hostNetwork: true
      containers:
        - name: masakari-host-monitor
 {{ tuple $envAll "masakari_host_monitor" | include "helm-toolkit.snippets.image" | indent 10 }}
@ -107,6 +108,8 @@ spec:
              mountPath: /var/run
            - name: run
              mountPath: /run
+            - name: shm
+              mountPath: /dev/shm
      volumes:
        - name: pod-tmp
          emptyDir: {}
@ -114,6 +117,9 @@ spec:
          emptyDir: {}
        - name: masakarietc
          emptyDir: {}
+        - name: shm
+          hostPath:
+            path: /dev/shm
        - name: varrun
          hostPath:
            path: /var/run
--- a/masakari/templates/job-db-init.yaml
+++ b/masakari/templates/job-db-init.yaml
@ -12,7 +12,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}

+{{- define "metadata.annotations.job.db_init" }}
+{{- if .Values.helm3_hook -}}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-5"
+{{- end -}}
+{{- end }}
+
 {{- if .Values.manifests.job_db_init }}
 {{- $dbInitJob := dict "envAll" . "serviceName" "masakari" -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $dbInitJob "jobAnnotations" (include "metadata.annotations.job.db_init" . | fromYaml ) }}
+{{- end }}
 {{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
 {{- end }}
--- a/masakari/templates/job-db-sync.yaml
+++ b/masakari/templates/job-db-sync.yaml
@ -24,6 +24,10 @@ metadata:
  name: masakari-db-sync
  annotations:
    {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+{{- if .Values.helm3_hook }}
+    "helm.sh/hook": "post-install,post-upgrade"
+    "helm.sh/hook-weight": "-4"
+{{- end }}
 spec:
  template:
    metadata:
--- a/masakari/templates/job-ks-endpoints.yaml
+++ b/masakari/templates/job-ks-endpoints.yaml
@ -12,7 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}

+{{- define "metadata.annotations.job.ks_endpoints" }}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-2"
+{{- end }}
+
 {{- if .Values.manifests.job_ks_endpoints }}
 {{- $ksServiceJob := dict "envAll" . "serviceName" "masakari" "serviceTypes" ( tuple "instance-ha" ) -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_endpoints" . | fromYaml ) }}
+{{- end }}
 {{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
 {{- end }}
--- a/masakari/templates/job-ks-service.yaml
+++ b/masakari/templates/job-ks-service.yaml
@ -12,7 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}

+{{- define "metadata.annotations.job.ks_service" }}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-3"
+{{- end }}
+
 {{- if .Values.manifests.job_ks_service }}
 {{- $ksServiceJob := dict "envAll" . "serviceName" "masakari" "serviceTypes" ( tuple "instance-ha" ) -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_service" . | fromYaml ) }}
+{{- end }}
 {{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
 {{- end }}
--- a/masakari/templates/job-ks-user.yaml
+++ b/masakari/templates/job-ks-user.yaml
@ -12,7 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}

+{{- define "metadata.annotations.job.ks_user" }}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-1"
+{{- end }}
+
 {{- if .Values.manifests.job_ks_user }}
 {{- $ksUserJob := dict "envAll" . "serviceName" "masakari" -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml ) }}
+{{- end }}
 {{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
 {{- end }}
--- a/masakari/values.yaml
+++ b/masakari/values.yaml
@ -25,7 +25,7 @@ images:
    masakari_process_monitor: docker.io/xuxant/masakari-monitors:focal
    masakari_instance_monitor: docker.io/xuxant/masakari-monitors:focal
    rabbit_init: docker.io/rabbitmq:3.7-management
-    dep_check: 'quay.io/airshipit/kubernetes-entrypoint:v1.0.0'
+    dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
  pull_policy: "IfNotPresent"
  local_registry:
    active: false
@ -71,7 +71,7 @@ endpoints:
    path:
      default: "/v1/%(tenant_id)s"
    scheme:
-      default: 'http'
+      default: "http"
    port:
      api:
        default: 15868
@ -184,7 +184,7 @@ endpoints:
      default: null
    path:
      default: null
-    scheme: 'http'
+    scheme: "http"
    port:
      service:
        default: 24224
@ -281,23 +281,23 @@ pod:
        masakari_api:
          readOnlyRootFilesystem: false
          allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
        masakari_engine:
          readOnlyRootFilesystem: false
          allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
        masakari_db_sync:
          readOnlyRootFilesystem: false
          allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
        masakari_host_monitor:
          readOnlyRootFilesystem: false
-          allowPrivilegeEscalation: false
-          runAsUser: 0
+          allowPrivilegeEscalation: true
+          runAsUser: 42424
        masakari_process_monitir:
          readOnlyRootFilesystem: false
          allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
        masakari_instance_monitor:
          readOnlyRootFilesystem: false
          allowPrivilegeEscalation: false
@ -564,6 +564,17 @@ conf:
    introspectiveinstancemonitor:
      guest_monitor_interval: 10
      guest_monitor_timeout: 5
+    host:
+      monitoring_driver: default
+      monitoring_interval: 120
+      monitoring_samples: 1
+      disable_ipmi_checks: true
+      corosync_multicast_ports: 5405
+      pacemaker_node_type: remote
+
+# Note(xuxant): Hooks will break the upgrade for helm2
+# Set to false if using helm2.
+helm3_hook: true

 network:
  masakari_api:
@ -589,6 +600,7 @@ manifests:
  job_rabbit_init: true
  service_api: true
  pdb_api: true
-  host_monitor: true
+  # Host Monitors in containers needs pacemaker remote.
+  host_monitor: false
  instance_monitor: true
-  process_monitor: true
+  process_monitor: false
--- a/releasenotes/notes/masakari.yaml
+++ b/releasenotes/notes/masakari.yaml
@ -2,4 +2,5 @@
 masakari:
  - 0.1.0 Initial Chart
  - 0.1.1 Seperate node labels for monitors
+  - 0.1.2 Added halm hook and fix for hostmonitors to support pacemaker remote
 ...