From 348f538f6d0a317db9178a680ec4ec66c02423e9 Mon Sep 17 00:00:00 2001
From: "xuxant02@gmail.com" <xuxant02@gmail.com>
Date: Mon, 29 Nov 2021 10:22:35 +0545
Subject: [PATCH] Introduced helm hook for masakari

When changes are made to config, helm upgrade failes with immutable fields in jobs. Addition of the helm hooks with post upgrade will delete the old job and create the new jobs which will solve the issue.
Also, mounted the shm and enabled hostNetwork in masakari monitors so that it can communicate with pacemaker remote for monitoring the cluster status.

Change-Id: I8a8bc5b7c77643872e65fac294d0ff48347c476b
---
 masakari/Chart.yaml                           |  2 +-
 .../templates/daemonset-host-monitor.yaml     |  6 ++++
 masakari/templates/job-db-init.yaml           | 10 ++++++
 masakari/templates/job-db-sync.yaml           |  4 +++
 masakari/templates/job-ks-endpoints.yaml      |  8 +++++
 masakari/templates/job-ks-service.yaml        |  8 +++++
 masakari/templates/job-ks-user.yaml           |  8 +++++
 masakari/values.yaml                          | 34 +++++++++++++------
 releasenotes/notes/masakari.yaml              |  1 +
 9 files changed, 69 insertions(+), 12 deletions(-)

diff --git a/masakari/Chart.yaml b/masakari/Chart.yaml
index 009571b3b6..c220995165 100644
--- a/masakari/Chart.yaml
+++ b/masakari/Chart.yaml
@@ -14,7 +14,7 @@ apiVersion: v1
 appVersion: v1.0.0
 description: OpenStack-Helm Masakari
 name: masakari
-version: 0.1.1
+version: 0.1.2
 home: https://docs.openstack.org/developer/masakari
 icon: https://www.openstack.org/themes/openstack/images/project-mascots/Masakari/OpenStack_Project_masakari_vertical.png
 sources:
diff --git a/masakari/templates/daemonset-host-monitor.yaml b/masakari/templates/daemonset-host-monitor.yaml
index 03e54948c4..ebbf566346 100644
--- a/masakari/templates/daemonset-host-monitor.yaml
+++ b/masakari/templates/daemonset-host-monitor.yaml
@@ -71,6 +71,7 @@ spec:
               mountPath: /tmp/masakari-monitors-init.sh
               subPath: masakari-monitors-init.sh
               readOnly: true
+      hostNetwork: true
       containers:
         - name: masakari-host-monitor
 {{ tuple $envAll "masakari_host_monitor" | include "helm-toolkit.snippets.image" | indent 10 }}
@@ -107,6 +108,8 @@ spec:
               mountPath: /var/run
             - name: run
               mountPath: /run
+            - name: shm
+              mountPath: /dev/shm
       volumes:
         - name: pod-tmp
           emptyDir: {}
@@ -114,6 +117,9 @@ spec:
           emptyDir: {}
         - name: masakarietc
           emptyDir: {}
+        - name: shm
+          hostPath:
+            path: /dev/shm
         - name: varrun
           hostPath:
             path: /var/run
diff --git a/masakari/templates/job-db-init.yaml b/masakari/templates/job-db-init.yaml
index 08bfef8e7a..04f6dc14b4 100644
--- a/masakari/templates/job-db-init.yaml
+++ b/masakari/templates/job-db-init.yaml
@@ -12,7 +12,17 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
+{{- define "metadata.annotations.job.db_init" }}
+{{- if .Values.helm3_hook -}}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-5"
+{{- end -}}
+{{- end }}
+
 {{- if .Values.manifests.job_db_init }}
 {{- $dbInitJob := dict "envAll" . "serviceName" "masakari" -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $dbInitJob "jobAnnotations" (include "metadata.annotations.job.db_init" . | fromYaml ) }}
+{{- end }}
 {{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
 {{- end }}
diff --git a/masakari/templates/job-db-sync.yaml b/masakari/templates/job-db-sync.yaml
index 8765bbabc6..44563bce2b 100644
--- a/masakari/templates/job-db-sync.yaml
+++ b/masakari/templates/job-db-sync.yaml
@@ -24,6 +24,10 @@ metadata:
   name: masakari-db-sync
   annotations:
     {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+{{- if .Values.helm3_hook }}
+    "helm.sh/hook": "post-install,post-upgrade"
+    "helm.sh/hook-weight": "-4"
+{{- end }}
 spec:
   template:
     metadata:
diff --git a/masakari/templates/job-ks-endpoints.yaml b/masakari/templates/job-ks-endpoints.yaml
index 60d9cd143c..fb8718ccae 100644
--- a/masakari/templates/job-ks-endpoints.yaml
+++ b/masakari/templates/job-ks-endpoints.yaml
@@ -12,7 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
+{{- define "metadata.annotations.job.ks_endpoints" }}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-2"
+{{- end }}
+
 {{- if .Values.manifests.job_ks_endpoints }}
 {{- $ksServiceJob := dict "envAll" . "serviceName" "masakari" "serviceTypes" ( tuple "instance-ha" ) -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_endpoints" . | fromYaml ) }}
+{{- end }}
 {{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
 {{- end }}
diff --git a/masakari/templates/job-ks-service.yaml b/masakari/templates/job-ks-service.yaml
index 07f0da899e..a33a9bec2c 100644
--- a/masakari/templates/job-ks-service.yaml
+++ b/masakari/templates/job-ks-service.yaml
@@ -12,7 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
+{{- define "metadata.annotations.job.ks_service" }}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-3"
+{{- end }}
+
 {{- if .Values.manifests.job_ks_service }}
 {{- $ksServiceJob := dict "envAll" . "serviceName" "masakari" "serviceTypes" ( tuple "instance-ha" ) -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $ksServiceJob "jobAnnotations" (include "metadata.annotations.job.ks_service" . | fromYaml ) }}
+{{- end }}
 {{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
 {{- end }}
diff --git a/masakari/templates/job-ks-user.yaml b/masakari/templates/job-ks-user.yaml
index 2fa5eaa4e0..0f0fd2768a 100644
--- a/masakari/templates/job-ks-user.yaml
+++ b/masakari/templates/job-ks-user.yaml
@@ -12,7 +12,15 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
+{{- define "metadata.annotations.job.ks_user" }}
+helm.sh/hook: post-install,post-upgrade
+helm.sh/hook-weight: "-1"
+{{- end }}
+
 {{- if .Values.manifests.job_ks_user }}
 {{- $ksUserJob := dict "envAll" . "serviceName" "masakari" -}}
+{{- if .Values.helm3_hook }}
+{{- $_ := set $ksUserJob "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml ) }}
+{{- end }}
 {{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
 {{- end }}
diff --git a/masakari/values.yaml b/masakari/values.yaml
index 5537376845..9f867df39e 100644
--- a/masakari/values.yaml
+++ b/masakari/values.yaml
@@ -25,7 +25,7 @@ images:
     masakari_process_monitor: docker.io/xuxant/masakari-monitors:focal
     masakari_instance_monitor: docker.io/xuxant/masakari-monitors:focal
     rabbit_init: docker.io/rabbitmq:3.7-management
-    dep_check: 'quay.io/airshipit/kubernetes-entrypoint:v1.0.0'
+    dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
   pull_policy: "IfNotPresent"
   local_registry:
     active: false
@@ -71,7 +71,7 @@ endpoints:
     path:
       default: "/v1/%(tenant_id)s"
     scheme:
-      default: 'http'
+      default: "http"
     port:
       api:
         default: 15868
@@ -184,7 +184,7 @@ endpoints:
       default: null
     path:
       default: null
-    scheme: 'http'
+    scheme: "http"
     port:
       service:
         default: 24224
@@ -281,23 +281,23 @@ pod:
         masakari_api:
           readOnlyRootFilesystem: false
           allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
         masakari_engine:
           readOnlyRootFilesystem: false
           allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
         masakari_db_sync:
           readOnlyRootFilesystem: false
           allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
         masakari_host_monitor:
           readOnlyRootFilesystem: false
-          allowPrivilegeEscalation: false
-          runAsUser: 0
+          allowPrivilegeEscalation: true
+          runAsUser: 42424
         masakari_process_monitir:
           readOnlyRootFilesystem: false
           allowPrivilegeEscalation: false
-          runAsUser: 0
+          runAsUser: 42424
         masakari_instance_monitor:
           readOnlyRootFilesystem: false
           allowPrivilegeEscalation: false
@@ -564,6 +564,17 @@ conf:
     introspectiveinstancemonitor:
       guest_monitor_interval: 10
       guest_monitor_timeout: 5
+    host:
+      monitoring_driver: default
+      monitoring_interval: 120
+      monitoring_samples: 1
+      disable_ipmi_checks: true
+      corosync_multicast_ports: 5405
+      pacemaker_node_type: remote
+
+# Note(xuxant): Hooks will break the upgrade for helm2
+# Set to false if using helm2.
+helm3_hook: true
 
 network:
   masakari_api:
@@ -589,6 +600,7 @@ manifests:
   job_rabbit_init: true
   service_api: true
   pdb_api: true
-  host_monitor: true
+  # Host Monitors in containers needs pacemaker remote.
+  host_monitor: false
   instance_monitor: true
-  process_monitor: true
+  process_monitor: false
diff --git a/releasenotes/notes/masakari.yaml b/releasenotes/notes/masakari.yaml
index 99680e5aa6..a840acba72 100644
--- a/releasenotes/notes/masakari.yaml
+++ b/releasenotes/notes/masakari.yaml
@@ -2,4 +2,5 @@
 masakari:
   - 0.1.0 Initial Chart
   - 0.1.1 Seperate node labels for monitors
+  - 0.1.2 Added halm hook and fix for hostmonitors to support pacemaker remote
 ...