Culmination of glance changes
Due to some messy rebases and a botched git history, implemented all changes into one PR
This commit is contained in:
parent
49133ce86b
commit
393ed4cf47
glance
templates
bin
ceph.client.glance.keyring.yamlceph.conf.yamlconfigmap-bin.yamlconfigmap-etc.yamldb-sync.sh.yamldeployment-api.yamldeployment-registry.yamletc
_ceph.client.glance.keyring.yaml.tpl_ceph.conf.tpl_glance-api-paste.ini.tpl_glance-api.conf.tpl_glance-registry.conf.tpl_policy.json.tpl
glance-api.conf.yamlglance-registry.conf.yamlinit.sh.yamljob-db-sync.yamljob-init.yamljob-post.yamlpost.sh.yamlstart.sh.yaml
17
glance/templates/bin/_init.sh.tpl
Normal file
17
glance/templates/bin/_init.sh.tpl
Normal file
@ -0,0 +1,17 @@
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' \
|
||||
login_port='{{ .Values.database.port }}' \
|
||||
login_user='{{ .Values.database.root_user }}' \
|
||||
login_password='{{ .Values.database.root_password }}' \
|
||||
name='{{ .Values.database.glance_database_name }}'"
|
||||
|
||||
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' \
|
||||
login_port='{{ .Values.database.port }}' \
|
||||
login_user='{{ .Values.database.root_user }}' \
|
||||
login_password='{{ .Values.database.root_password }}' \
|
||||
name='{{ .Values.database.glance_user }}' \
|
||||
password='{{ .Values.database.glance_password }}' \
|
||||
host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'"
|
42
glance/templates/bin/_post.sh.tpl
Normal file
42
glance/templates/bin/_post.sh.tpl
Normal file
@ -0,0 +1,42 @@
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||
service_type=image \
|
||||
description='Openstack Image' \
|
||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||
interface=admin \
|
||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}"
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||
service_type=image \
|
||||
description='Openstack Image' \
|
||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||
interface=internal \
|
||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||
service_type=image \
|
||||
description='Openstack Image' \
|
||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||
interface=public \
|
||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_user -a "project=service \
|
||||
user={{ .Values.keystone.glance_user }} \
|
||||
password={{ .Values.keystone.glance_password }} \
|
||||
role=admin \
|
||||
region_name={{ .Values.keystone.admin_region_name }} \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||
|
@ -1,13 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-cephclientglancekeyring
|
||||
data:
|
||||
ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+
|
||||
[client.{{ .Values.ceph.glance_user }}]
|
||||
{{- if .Values.ceph.glance_keyring }}
|
||||
key = {{ .Values.ceph.glance_keyring }}
|
||||
{{- else }}
|
||||
key = {{- include "secrets/ceph-client-key" . -}}
|
||||
{{- end }}
|
||||
|
@ -1,23 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-cephconf
|
||||
data:
|
||||
ceph.conf: |+
|
||||
[global]
|
||||
rgw_thread_pool_size = 1024
|
||||
rgw_num_rados_handles = 100
|
||||
{{- if .Values.ceph.monitors }}
|
||||
[mon]
|
||||
{{ range .Values.ceph.monitors }}
|
||||
[mon.{{ . }}]
|
||||
host = {{ . }}
|
||||
mon_addr = {{ . }}
|
||||
{{ end }}
|
||||
{{- else }}
|
||||
mon_host = ceph-mon.ceph
|
||||
{{- end }}
|
||||
[client]
|
||||
rbd_cache_enabled = true
|
||||
rbd_cache_writethrough_until_flush = true
|
||||
|
9
glance/templates/configmap-bin.yaml
Normal file
9
glance/templates/configmap-bin.yaml
Normal file
@ -0,0 +1,9 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-bin
|
||||
data:
|
||||
init.sh: |+
|
||||
{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }}
|
||||
post.sh: |+
|
||||
{{ tuple "bin/_post.sh.tpl" . | include "template" | indent 4 }}
|
17
glance/templates/configmap-etc.yaml
Normal file
17
glance/templates/configmap-etc.yaml
Normal file
@ -0,0 +1,17 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-etc
|
||||
data:
|
||||
ceph.conf: |+
|
||||
{{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }}
|
||||
ceph.client.glance.keyring: |+
|
||||
{{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }}
|
||||
glance-api.conf: |+
|
||||
{{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }}
|
||||
glance-api-paste.ini: |+
|
||||
{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }}
|
||||
glance-registry.conf: |+
|
||||
{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }}
|
||||
policy.json: |+
|
||||
{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }}
|
@ -1,10 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-dbsyncsh
|
||||
data:
|
||||
db-sync.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
glance-manage db_sync
|
@ -3,7 +3,11 @@ kind: Deployment
|
||||
metadata:
|
||||
name: glance-api
|
||||
spec:
|
||||
replicas: {{ .Values.replicas }}
|
||||
{{- if .Values.development.enabled }}
|
||||
replicas: 1
|
||||
{{- else }}
|
||||
replicas: {{ .Values.replicas.api }}
|
||||
{{- end }}
|
||||
revisionHistoryLimit: {{ .Values.upgrades.revision_history }}
|
||||
strategy:
|
||||
type: {{ .Values.upgrades.pod_replacement_strategy }}
|
||||
@ -51,8 +55,7 @@ spec:
|
||||
image: {{ .Values.images.api }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
command:
|
||||
- bash
|
||||
- /tmp/start.sh
|
||||
- glance-api
|
||||
ports:
|
||||
- containerPort: {{ .Values.network.port.api }}
|
||||
readinessProbe:
|
||||
@ -62,29 +65,46 @@ spec:
|
||||
- name: glanceapiconf
|
||||
mountPath: /etc/glance/glance-api.conf
|
||||
subPath: glance-api.conf
|
||||
- name: startsh
|
||||
mountPath: /tmp/start.sh
|
||||
subPath: start.sh
|
||||
- name: glanceapipaste
|
||||
mountPath: /etc/glance/glance-api-paste.ini
|
||||
subPath: glance-api-paste.ini
|
||||
- name: etcglance
|
||||
mountPath: /etc/glance
|
||||
- name: glancepolicy
|
||||
mountPath: /etc/glance/policy.json
|
||||
subPath: policy.json
|
||||
{{- if .Values.development.enabled }}
|
||||
- name: glance-data
|
||||
mountPath: /var/lib/glance/images
|
||||
{{- else }}
|
||||
- name: cephconf
|
||||
mountPath: /etc/ceph/ceph.conf
|
||||
subPath: ceph.conf
|
||||
- name: cephclientglancekeyring
|
||||
mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring
|
||||
subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: glanceapiconf
|
||||
configMap:
|
||||
name: glance-glanceapiconf
|
||||
- name: startsh
|
||||
name: glance-etc
|
||||
- name: glanceapipaste
|
||||
configMap:
|
||||
name: glance-startsh
|
||||
name: glance-etc
|
||||
{{- if .Values.development.enabled }}
|
||||
- name: glance-data
|
||||
hostPath:
|
||||
path: {{ .Values.development.storage_path }}
|
||||
{{- else }}
|
||||
- name: cephconf
|
||||
configMap:
|
||||
name: glance-cephconf
|
||||
name: glance-etc
|
||||
- name: cephclientglancekeyring
|
||||
configMap:
|
||||
name: glance-cephclientglancekeyring
|
||||
name: glance-etc
|
||||
{{- end }}
|
||||
- name: etcglance
|
||||
emptyDir: {}
|
||||
- name: glancepolicy
|
||||
configMap:
|
||||
name: glance-etc
|
@ -3,7 +3,11 @@ kind: Deployment
|
||||
metadata:
|
||||
name: glance-registry
|
||||
spec:
|
||||
replicas: {{ .Values.replicas }}
|
||||
{{- if .Values.development.enabled }}
|
||||
replicas: 1
|
||||
{{- else }}
|
||||
replicas: {{ .Values.replicas.registry }}
|
||||
{{- end }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
@ -55,4 +59,4 @@ spec:
|
||||
volumes:
|
||||
- name: glanceregistryconf
|
||||
configMap:
|
||||
name: glance-glanceregistryconf
|
||||
name: glance-etc
|
@ -0,0 +1,2 @@
|
||||
[client.{{ .Values.ceph.glance_user }}]
|
||||
key = {{ .Values.ceph.glance_keyring }}
|
16
glance/templates/etc/_ceph.conf.tpl
Normal file
16
glance/templates/etc/_ceph.conf.tpl
Normal file
@ -0,0 +1,16 @@
|
||||
[global]
|
||||
rgw_thread_pool_size = 1024
|
||||
rgw_num_rados_handles = 100
|
||||
{{- if .Values.ceph.monitors }}
|
||||
[mon]
|
||||
{{ range .Values.ceph.monitors }}
|
||||
[mon.{{ . }}]
|
||||
host = {{ . }}
|
||||
mon_addr = {{ . }}
|
||||
{{ end }}
|
||||
{{- else }}
|
||||
mon_host = ceph-mon.ceph
|
||||
{{- end }}
|
||||
[client]
|
||||
rbd_cache_enabled = true
|
||||
rbd_cache_writethrough_until_flush = true
|
90
glance/templates/etc/_glance-api-paste.ini.tpl
Normal file
90
glance/templates/etc/_glance-api-paste.ini.tpl
Normal file
@ -0,0 +1,90 @@
|
||||
# Use this pipeline for no auth or image caching - DEFAULT
|
||||
[pipeline:glance-api]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp
|
||||
|
||||
# Use this pipeline for image caching and no auth
|
||||
[pipeline:glance-api-caching]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp
|
||||
|
||||
# Use this pipeline for caching w/ management interface but no auth
|
||||
[pipeline:glance-api-cachemanagement]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp
|
||||
|
||||
# Use this pipeline for keystone auth
|
||||
[pipeline:glance-api-keystone]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp
|
||||
|
||||
# Use this pipeline for keystone auth with image caching
|
||||
[pipeline:glance-api-keystone+caching]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp
|
||||
|
||||
# Use this pipeline for keystone auth with caching and cache management
|
||||
[pipeline:glance-api-keystone+cachemanagement]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp
|
||||
|
||||
# Use this pipeline for authZ only. This means that the registry will treat a
|
||||
# user as authenticated without making requests to keystone to reauthenticate
|
||||
# the user.
|
||||
[pipeline:glance-api-trusted-auth]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp
|
||||
|
||||
# Use this pipeline for authZ only. This means that the registry will treat a
|
||||
# user as authenticated without making requests to keystone to reauthenticate
|
||||
# the user and uses cache management
|
||||
[pipeline:glance-api-trusted-auth+cachemanagement]
|
||||
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp
|
||||
|
||||
[composite:rootapp]
|
||||
paste.composite_factory = glance.api:root_app_factory
|
||||
/: apiversions
|
||||
/v1: apiv1app
|
||||
/v2: apiv2app
|
||||
|
||||
[app:apiversions]
|
||||
paste.app_factory = glance.api.versions:create_resource
|
||||
|
||||
[app:apiv1app]
|
||||
paste.app_factory = glance.api.v1.router:API.factory
|
||||
|
||||
[app:apiv2app]
|
||||
paste.app_factory = glance.api.v2.router:API.factory
|
||||
|
||||
[filter:healthcheck]
|
||||
paste.filter_factory = oslo_middleware:Healthcheck.factory
|
||||
backends = disable_by_file
|
||||
disable_by_file_path = /etc/glance/healthcheck_disable
|
||||
|
||||
[filter:versionnegotiation]
|
||||
paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory
|
||||
|
||||
[filter:cache]
|
||||
paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory
|
||||
|
||||
[filter:cachemanage]
|
||||
paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory
|
||||
|
||||
[filter:context]
|
||||
paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory
|
||||
|
||||
[filter:unauthenticated-context]
|
||||
paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory
|
||||
|
||||
[filter:authtoken]
|
||||
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
|
||||
delay_auth_decision = true
|
||||
|
||||
[filter:gzip]
|
||||
paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory
|
||||
|
||||
[filter:osprofiler]
|
||||
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory
|
||||
hmac_keys = SECRET_KEY #DEPRECATED
|
||||
enabled = yes #DEPRECATED
|
||||
|
||||
[filter:cors]
|
||||
paste.filter_factory = oslo_middleware.cors:filter_factory
|
||||
oslo_config_project = glance
|
||||
oslo_config_program = glance-api
|
||||
|
||||
[filter:http_proxy_to_wsgi]
|
||||
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
|
44
glance/templates/etc/_glance-api.conf.tpl
Normal file
44
glance/templates/etc/_glance-api.conf.tpl
Normal file
@ -0,0 +1,44 @@
|
||||
[DEFAULT]
|
||||
debug = {{ .Values.misc.debug }}
|
||||
use_syslog = False
|
||||
use_stderr = True
|
||||
|
||||
bind_port = {{ .Values.network.port.api }}
|
||||
workers = {{ .Values.misc.workers }}
|
||||
registry_host = glance-registry
|
||||
# Enable Copy-on-Write
|
||||
show_image_direct_url = True
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
||||
max_retries = -1
|
||||
|
||||
[keystone_authtoken]
|
||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
||||
auth_url = {{ .Values.keystone.auth_url }}
|
||||
auth_type = password
|
||||
project_domain_id = default
|
||||
user_domain_id = default
|
||||
project_name = service
|
||||
username = {{ .Values.keystone.glance_user }}
|
||||
password = {{ .Values.keystone.glance_password }}
|
||||
|
||||
[paste_deploy]
|
||||
flavor = keystone
|
||||
|
||||
[oslo_messaging_notifications]
|
||||
driver = noop
|
||||
|
||||
[glance_store]
|
||||
filesystem_store_datadir = /var/lib/glance/images/
|
||||
{{- if .Values.development.enabled }}
|
||||
stores = file, http
|
||||
default_store = file
|
||||
{{- else }}
|
||||
stores = file, http, rbd
|
||||
default_store = rbd
|
||||
rbd_store_pool = {{ .Values.ceph.glance_pool }}
|
||||
rbd_store_user = {{ .Values.ceph.glance_user }}
|
||||
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
||||
rbd_store_chunk_size = 8
|
||||
{{- end }}
|
26
glance/templates/etc/_glance-registry.conf.tpl
Normal file
26
glance/templates/etc/_glance-registry.conf.tpl
Normal file
@ -0,0 +1,26 @@
|
||||
[DEFAULT]
|
||||
debug = {{ .Values.misc.debug }}
|
||||
use_syslog = False
|
||||
use_stderr = True
|
||||
bind_port = {{ .Values.network.port.registry }}
|
||||
workers = {{ .Values.misc.workers }}
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
||||
max_retries = -1
|
||||
|
||||
[keystone_authtoken]
|
||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
||||
auth_url = {{ .Values.keystone.auth_url }}
|
||||
auth_type = password
|
||||
project_domain_id = default
|
||||
user_domain_id = default
|
||||
project_name = service
|
||||
username = {{ .Values.keystone.glance_user }}
|
||||
password = {{ .Values.keystone.glance_password }}
|
||||
|
||||
[paste_deploy]
|
||||
flavor = keystone
|
||||
|
||||
[oslo_messaging_notifications]
|
||||
driver = noop
|
61
glance/templates/etc/_policy.json.tpl
Normal file
61
glance/templates/etc/_policy.json.tpl
Normal file
@ -0,0 +1,61 @@
|
||||
{
|
||||
"context_is_admin": "role:admin",
|
||||
"default": "role:admin",
|
||||
|
||||
"add_image": "",
|
||||
"delete_image": "",
|
||||
"get_image": "",
|
||||
"get_images": "",
|
||||
"modify_image": "",
|
||||
"publicize_image": "role:admin",
|
||||
"copy_from": "",
|
||||
|
||||
"download_image": "",
|
||||
"upload_image": "",
|
||||
|
||||
"delete_image_location": "",
|
||||
"get_image_location": "",
|
||||
"set_image_location": "",
|
||||
|
||||
"add_member": "",
|
||||
"delete_member": "",
|
||||
"get_member": "",
|
||||
"get_members": "",
|
||||
"modify_member": "",
|
||||
|
||||
"manage_image_cache": "role:admin",
|
||||
|
||||
"get_task": "role:admin",
|
||||
"get_tasks": "role:admin",
|
||||
"add_task": "role:admin",
|
||||
"modify_task": "role:admin",
|
||||
|
||||
"deactivate": "",
|
||||
"reactivate": "",
|
||||
|
||||
"get_metadef_namespace": "",
|
||||
"get_metadef_namespaces":"",
|
||||
"modify_metadef_namespace":"",
|
||||
"add_metadef_namespace":"",
|
||||
|
||||
"get_metadef_object":"",
|
||||
"get_metadef_objects":"",
|
||||
"modify_metadef_object":"",
|
||||
"add_metadef_object":"",
|
||||
|
||||
"list_metadef_resource_types":"",
|
||||
"get_metadef_resource_type":"",
|
||||
"add_metadef_resource_type_association":"",
|
||||
|
||||
"get_metadef_property":"",
|
||||
"get_metadef_properties":"",
|
||||
"modify_metadef_property":"",
|
||||
"add_metadef_property":"",
|
||||
|
||||
"get_metadef_tag":"",
|
||||
"get_metadef_tags":"",
|
||||
"modify_metadef_tag":"",
|
||||
"add_metadef_tag":"",
|
||||
"add_metadef_tags":""
|
||||
|
||||
}
|
@ -1,48 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-glanceapiconf
|
||||
data:
|
||||
glance-api.conf: |+
|
||||
[DEFAULT]
|
||||
debug = {{ .Values.misc.debug }}
|
||||
use_syslog = False
|
||||
use_stderr = True
|
||||
|
||||
bind_port = {{ .Values.network.port.api }}
|
||||
|
||||
workers = {{ .Values.misc.workers }}
|
||||
registry_host = {{ include "glance_registry_host" . }}
|
||||
|
||||
# Enable Copy-on-Write
|
||||
show_image_direct_url = True
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
||||
max_retries = -1
|
||||
|
||||
[keystone_authtoken]
|
||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
||||
auth_url = {{ .Values.keystone.auth_url }}
|
||||
auth_type = password
|
||||
project_domain_id = default
|
||||
user_domain_id = default
|
||||
project_name = service
|
||||
username = {{ .Values.keystone.glance_user }}
|
||||
password = {{ .Values.keystone.glance_password }}
|
||||
|
||||
[paste_deploy]
|
||||
flavor = keystone
|
||||
|
||||
[oslo_messaging_notifications]
|
||||
driver = noop
|
||||
|
||||
[glance_store]
|
||||
filesystem_store_datadir = /var/lib/glance/images/
|
||||
stores = file, http, rbd
|
||||
default_store = rbd
|
||||
rbd_store_pool = {{ .Values.ceph.glance_pool }}
|
||||
rbd_store_user = {{ .Values.ceph.glance_user }}
|
||||
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
||||
rbd_store_chunk_size = 8
|
||||
|
@ -1,34 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-glanceregistryconf
|
||||
data:
|
||||
glance-registry.conf: |+
|
||||
[DEFAULT]
|
||||
debug = {{ .Values.misc.debug }}
|
||||
use_syslog = False
|
||||
use_stderr = True
|
||||
|
||||
bind_port = {{ .Values.network.port.registry }}
|
||||
|
||||
workers = {{ .Values.misc.workers }}
|
||||
|
||||
[database]
|
||||
connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }}
|
||||
max_retries = -1
|
||||
|
||||
[keystone_authtoken]
|
||||
auth_uri = {{ .Values.keystone.auth_uri }}
|
||||
auth_url = {{ .Values.keystone.auth_url }}
|
||||
auth_type = password
|
||||
project_domain_id = default
|
||||
user_domain_id = default
|
||||
project_name = service
|
||||
username = {{ .Values.keystone.glance_user }}
|
||||
password = {{ .Values.keystone.glance_password }}
|
||||
|
||||
[paste_deploy]
|
||||
flavor = keystone
|
||||
|
||||
[oslo_messaging_notifications]
|
||||
driver = noop
|
@ -1,12 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-initsh
|
||||
data:
|
||||
init.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_database_name }}'"
|
||||
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_user }}' password='{{ .Values.database.glance_password }}' host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'"
|
@ -40,19 +40,13 @@ spec:
|
||||
image: {{ .Values.images.db_sync }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
command:
|
||||
- bash
|
||||
- /tmp/db-sync.sh
|
||||
- glance-manage
|
||||
- db_sync
|
||||
volumeMounts:
|
||||
- name: glanceapiconf
|
||||
mountPath: /etc/glance/glance-api.conf
|
||||
subPath: glance-api.conf
|
||||
- name: dbsyncsh
|
||||
mountPath: /tmp/db-sync.sh
|
||||
subPath: db-sync.sh
|
||||
volumes:
|
||||
- name: glanceapiconf
|
||||
configMap:
|
||||
name: glance-glanceapiconf
|
||||
- name: dbsyncsh
|
||||
configMap:
|
||||
name: glance-dbsyncsh
|
||||
name: glance-etc
|
@ -52,4 +52,4 @@ spec:
|
||||
volumes:
|
||||
- name: initsh
|
||||
configMap:
|
||||
name: glance-initsh
|
||||
name: glance-bin
|
@ -52,5 +52,4 @@ spec:
|
||||
volumes:
|
||||
- name: postsh
|
||||
configMap:
|
||||
name: glance-postsh
|
||||
|
||||
name: glance-bin
|
@ -1,48 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-postsh
|
||||
data:
|
||||
post.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||
service_type=image \
|
||||
description='Openstack Image' \
|
||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||
interface=admin \
|
||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}"
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||
service_type=image \
|
||||
description='Openstack Image' \
|
||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||
interface=internal \
|
||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \
|
||||
service_type=image \
|
||||
description='Openstack Image' \
|
||||
endpoint_region='{{ .Values.keystone.glance_region_name }}' \
|
||||
url='{{ include "endpoint_glance_api_internal" . }}' \
|
||||
interface=public \
|
||||
region_name='{{ .Values.keystone.admin_region_name }}' \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||
|
||||
ansible localhost -vvv -m kolla_keystone_user -a "project=service \
|
||||
user={{ .Values.keystone.glance_user }} \
|
||||
password={{ .Values.keystone.glance_password }} \
|
||||
role=admin \
|
||||
region_name={{ .Values.keystone.admin_region_name }} \
|
||||
auth='{{ include "keystone_auth" . }}'" \
|
||||
-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }"
|
||||
|
@ -1,12 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: glance-startsh
|
||||
data:
|
||||
start.sh: |+
|
||||
#!/bin/bash
|
||||
set -ex
|
||||
|
||||
cp `find / -not -path "/etc/*" -name glance-api-paste.ini` /etc/glance/
|
||||
|
||||
glance-api
|
@ -3,7 +3,13 @@
|
||||
# Declare name/value pairs to be passed into your templates.
|
||||
# name: value
|
||||
|
||||
replicas: 1
|
||||
replicas:
|
||||
api: 1
|
||||
registry: 1
|
||||
|
||||
development:
|
||||
enabled: false
|
||||
storage_path: /data/openstack-helm/glance/images
|
||||
|
||||
labels:
|
||||
node_selector_key: openstack-control-plane
|
||||
|
Loading…
Reference in New Issue
Block a user