From 393ed4cf47177e43b94d0b98ad2bec1eebe158c1 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Fri, 13 Jan 2017 15:40:38 -0600 Subject: [PATCH] Culmination of glance changes Due to some messy rebases and a botched git history, implemented all changes into one PR --- glance/templates/bin/_init.sh.tpl | 17 ++++ glance/templates/bin/_post.sh.tpl | 42 +++++++++ .../templates/ceph.client.glance.keyring.yaml | 13 --- glance/templates/ceph.conf.yaml | 23 ----- glance/templates/configmap-bin.yaml | 9 ++ glance/templates/configmap-etc.yaml | 17 ++++ glance/templates/db-sync.sh.yaml | 10 --- .../{api.yaml => deployment-api.yaml} | 42 ++++++--- ...registry.yaml => deployment-registry.yaml} | 8 +- .../etc/_ceph.client.glance.keyring.yaml.tpl | 2 + glance/templates/etc/_ceph.conf.tpl | 16 ++++ .../templates/etc/_glance-api-paste.ini.tpl | 90 +++++++++++++++++++ glance/templates/etc/_glance-api.conf.tpl | 44 +++++++++ .../templates/etc/_glance-registry.conf.tpl | 26 ++++++ glance/templates/etc/_policy.json.tpl | 61 +++++++++++++ glance/templates/glance-api.conf.yaml | 48 ---------- glance/templates/glance-registry.conf.yaml | 34 ------- glance/templates/init.sh.yaml | 12 --- .../{db-sync.yaml => job-db-sync.yaml} | 12 +-- glance/templates/{init.yaml => job-init.yaml} | 2 +- glance/templates/{post.yaml => job-post.yaml} | 3 +- glance/templates/post.sh.yaml | 48 ---------- glance/templates/start.sh.yaml | 12 --- glance/values.yaml | 8 +- 24 files changed, 373 insertions(+), 226 deletions(-) create mode 100644 glance/templates/bin/_init.sh.tpl create mode 100644 glance/templates/bin/_post.sh.tpl delete mode 100644 glance/templates/ceph.client.glance.keyring.yaml delete mode 100644 glance/templates/ceph.conf.yaml create mode 100644 glance/templates/configmap-bin.yaml create mode 100644 glance/templates/configmap-etc.yaml delete mode 100644 glance/templates/db-sync.sh.yaml rename glance/templates/{api.yaml => deployment-api.yaml} (74%) rename glance/templates/{registry.yaml => deployment-registry.yaml} (92%) create mode 100644 glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl create mode 100644 glance/templates/etc/_ceph.conf.tpl create mode 100644 glance/templates/etc/_glance-api-paste.ini.tpl create mode 100644 glance/templates/etc/_glance-api.conf.tpl create mode 100644 glance/templates/etc/_glance-registry.conf.tpl create mode 100644 glance/templates/etc/_policy.json.tpl delete mode 100644 glance/templates/glance-api.conf.yaml delete mode 100644 glance/templates/glance-registry.conf.yaml delete mode 100644 glance/templates/init.sh.yaml rename glance/templates/{db-sync.yaml => job-db-sync.yaml} (84%) rename glance/templates/{init.yaml => job-init.yaml} (98%) rename glance/templates/{post.yaml => job-post.yaml} (97%) delete mode 100644 glance/templates/post.sh.yaml delete mode 100644 glance/templates/start.sh.yaml diff --git a/glance/templates/bin/_init.sh.tpl b/glance/templates/bin/_init.sh.tpl new file mode 100644 index 0000000000..9c0daef9b4 --- /dev/null +++ b/glance/templates/bin/_init.sh.tpl @@ -0,0 +1,17 @@ +#!/bin/bash +set -ex +export HOME=/tmp + +ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.glance_database_name }}'" + +ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' \ +login_port='{{ .Values.database.port }}' \ +login_user='{{ .Values.database.root_user }}' \ +login_password='{{ .Values.database.root_password }}' \ +name='{{ .Values.database.glance_user }}' \ +password='{{ .Values.database.glance_password }}' \ +host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'" diff --git a/glance/templates/bin/_post.sh.tpl b/glance/templates/bin/_post.sh.tpl new file mode 100644 index 0000000000..d46e924974 --- /dev/null +++ b/glance/templates/bin/_post.sh.tpl @@ -0,0 +1,42 @@ +#!/bin/bash +set -ex +export HOME=/tmp + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ +service_type=image \ +description='Openstack Image' \ +endpoint_region='{{ .Values.keystone.glance_region_name }}' \ +url='{{ include "endpoint_glance_api_internal" . }}' \ +interface=admin \ +region_name='{{ .Values.keystone.admin_region_name }}' \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}" + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ +service_type=image \ +description='Openstack Image' \ +endpoint_region='{{ .Values.keystone.glance_region_name }}' \ +url='{{ include "endpoint_glance_api_internal" . }}' \ +interface=internal \ +region_name='{{ .Values.keystone.admin_region_name }}' \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + +ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ +service_type=image \ +description='Openstack Image' \ +endpoint_region='{{ .Values.keystone.glance_region_name }}' \ +url='{{ include "endpoint_glance_api_internal" . }}' \ +interface=public \ +region_name='{{ .Values.keystone.admin_region_name }}' \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + +ansible localhost -vvv -m kolla_keystone_user -a "project=service \ +user={{ .Values.keystone.glance_user }} \ +password={{ .Values.keystone.glance_password }} \ +role=admin \ +region_name={{ .Values.keystone.admin_region_name }} \ +auth='{{ include "keystone_auth" . }}'" \ +-e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" + diff --git a/glance/templates/ceph.client.glance.keyring.yaml b/glance/templates/ceph.client.glance.keyring.yaml deleted file mode 100644 index 915324809b..0000000000 --- a/glance/templates/ceph.client.glance.keyring.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-cephclientglancekeyring -data: - ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+ - [client.{{ .Values.ceph.glance_user }}] - {{- if .Values.ceph.glance_keyring }} - key = {{ .Values.ceph.glance_keyring }} - {{- else }} - key = {{- include "secrets/ceph-client-key" . -}} - {{- end }} - diff --git a/glance/templates/ceph.conf.yaml b/glance/templates/ceph.conf.yaml deleted file mode 100644 index 3c3aed3074..0000000000 --- a/glance/templates/ceph.conf.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-cephconf -data: - ceph.conf: |+ - [global] - rgw_thread_pool_size = 1024 - rgw_num_rados_handles = 100 - {{- if .Values.ceph.monitors }} - [mon] - {{ range .Values.ceph.monitors }} - [mon.{{ . }}] - host = {{ . }} - mon_addr = {{ . }} - {{ end }} - {{- else }} - mon_host = ceph-mon.ceph - {{- end }} - [client] - rbd_cache_enabled = true - rbd_cache_writethrough_until_flush = true - diff --git a/glance/templates/configmap-bin.yaml b/glance/templates/configmap-bin.yaml new file mode 100644 index 0000000000..fe1e9d9858 --- /dev/null +++ b/glance/templates/configmap-bin.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: glance-bin +data: + init.sh: |+ +{{ tuple "bin/_init.sh.tpl" . | include "template" | indent 4 }} + post.sh: |+ +{{ tuple "bin/_post.sh.tpl" . | include "template" | indent 4 }} diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml new file mode 100644 index 0000000000..2ba83442aa --- /dev/null +++ b/glance/templates/configmap-etc.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: glance-etc +data: + ceph.conf: |+ +{{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }} + ceph.client.glance.keyring: |+ +{{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }} + glance-api.conf: |+ +{{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }} + glance-api-paste.ini: |+ +{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "template" | indent 4 }} + glance-registry.conf: |+ +{{ tuple "etc/_glance-registry.conf.tpl" . | include "template" | indent 4 }} + policy.json: |+ +{{ tuple "etc/_policy.json.tpl" . | include "template" | indent 4 }} diff --git a/glance/templates/db-sync.sh.yaml b/glance/templates/db-sync.sh.yaml deleted file mode 100644 index 78a95b4cd4..0000000000 --- a/glance/templates/db-sync.sh.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-dbsyncsh -data: - db-sync.sh: |+ - #!/bin/bash - set -ex - - glance-manage db_sync diff --git a/glance/templates/api.yaml b/glance/templates/deployment-api.yaml similarity index 74% rename from glance/templates/api.yaml rename to glance/templates/deployment-api.yaml index 53e9cc77b0..27141cce2c 100644 --- a/glance/templates/api.yaml +++ b/glance/templates/deployment-api.yaml @@ -3,7 +3,11 @@ kind: Deployment metadata: name: glance-api spec: - replicas: {{ .Values.replicas }} +{{- if .Values.development.enabled }} + replicas: 1 +{{- else }} + replicas: {{ .Values.replicas.api }} +{{- end }} revisionHistoryLimit: {{ .Values.upgrades.revision_history }} strategy: type: {{ .Values.upgrades.pod_replacement_strategy }} @@ -51,8 +55,7 @@ spec: image: {{ .Values.images.api }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - bash - - /tmp/start.sh + - glance-api ports: - containerPort: {{ .Values.network.port.api }} readinessProbe: @@ -62,29 +65,46 @@ spec: - name: glanceapiconf mountPath: /etc/glance/glance-api.conf subPath: glance-api.conf - - name: startsh - mountPath: /tmp/start.sh - subPath: start.sh + - name: glanceapipaste + mountPath: /etc/glance/glance-api-paste.ini + subPath: glance-api-paste.ini - name: etcglance mountPath: /etc/glance + - name: glancepolicy + mountPath: /etc/glance/policy.json + subPath: policy.json +{{- if .Values.development.enabled }} + - name: glance-data + mountPath: /var/lib/glance/images +{{- else }} - name: cephconf mountPath: /etc/ceph/ceph.conf subPath: ceph.conf - name: cephclientglancekeyring mountPath: /etc/ceph/ceph.client.{{ .Values.ceph.glance_user }}.keyring subPath: ceph.client.{{ .Values.ceph.glance_user }}.keyring +{{- end }} volumes: - name: glanceapiconf configMap: - name: glance-glanceapiconf - - name: startsh + name: glance-etc + - name: glanceapipaste configMap: - name: glance-startsh + name: glance-etc +{{- if .Values.development.enabled }} + - name: glance-data + hostPath: + path: {{ .Values.development.storage_path }} +{{- else }} - name: cephconf configMap: - name: glance-cephconf + name: glance-etc - name: cephclientglancekeyring configMap: - name: glance-cephclientglancekeyring + name: glance-etc +{{- end }} - name: etcglance emptyDir: {} + - name: glancepolicy + configMap: + name: glance-etc diff --git a/glance/templates/registry.yaml b/glance/templates/deployment-registry.yaml similarity index 92% rename from glance/templates/registry.yaml rename to glance/templates/deployment-registry.yaml index 998d64ad32..2a892429c5 100644 --- a/glance/templates/registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -3,7 +3,11 @@ kind: Deployment metadata: name: glance-registry spec: - replicas: {{ .Values.replicas }} +{{- if .Values.development.enabled }} + replicas: 1 +{{- else }} + replicas: {{ .Values.replicas.registry }} +{{- end }} template: metadata: labels: @@ -55,4 +59,4 @@ spec: volumes: - name: glanceregistryconf configMap: - name: glance-glanceregistryconf + name: glance-etc diff --git a/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl b/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl new file mode 100644 index 0000000000..f780dada8f --- /dev/null +++ b/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl @@ -0,0 +1,2 @@ +[client.{{ .Values.ceph.glance_user }}] + key = {{ .Values.ceph.glance_keyring }} diff --git a/glance/templates/etc/_ceph.conf.tpl b/glance/templates/etc/_ceph.conf.tpl new file mode 100644 index 0000000000..7d2576bf65 --- /dev/null +++ b/glance/templates/etc/_ceph.conf.tpl @@ -0,0 +1,16 @@ +[global] +rgw_thread_pool_size = 1024 +rgw_num_rados_handles = 100 +{{- if .Values.ceph.monitors }} +[mon] +{{ range .Values.ceph.monitors }} + [mon.{{ . }}] + host = {{ . }} + mon_addr = {{ . }} +{{ end }} +{{- else }} +mon_host = ceph-mon.ceph +{{- end }} +[client] + rbd_cache_enabled = true + rbd_cache_writethrough_until_flush = true diff --git a/glance/templates/etc/_glance-api-paste.ini.tpl b/glance/templates/etc/_glance-api-paste.ini.tpl new file mode 100644 index 0000000000..687902743a --- /dev/null +++ b/glance/templates/etc/_glance-api-paste.ini.tpl @@ -0,0 +1,90 @@ +# Use this pipeline for no auth or image caching - DEFAULT +[pipeline:glance-api] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp + +# Use this pipeline for image caching and no auth +[pipeline:glance-api-caching] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache rootapp + +# Use this pipeline for caching w/ management interface but no auth +[pipeline:glance-api-cachemanagement] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context cache cachemanage rootapp + +# Use this pipeline for keystone auth +[pipeline:glance-api-keystone] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context rootapp + +# Use this pipeline for keystone auth with image caching +[pipeline:glance-api-keystone+caching] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache rootapp + +# Use this pipeline for keystone auth with caching and cache management +[pipeline:glance-api-keystone+cachemanagement] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context cache cachemanage rootapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user. +[pipeline:glance-api-trusted-auth] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context rootapp + +# Use this pipeline for authZ only. This means that the registry will treat a +# user as authenticated without making requests to keystone to reauthenticate +# the user and uses cache management +[pipeline:glance-api-trusted-auth+cachemanagement] +pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context cache cachemanage rootapp + +[composite:rootapp] +paste.composite_factory = glance.api:root_app_factory +/: apiversions +/v1: apiv1app +/v2: apiv2app + +[app:apiversions] +paste.app_factory = glance.api.versions:create_resource + +[app:apiv1app] +paste.app_factory = glance.api.v1.router:API.factory + +[app:apiv2app] +paste.app_factory = glance.api.v2.router:API.factory + +[filter:healthcheck] +paste.filter_factory = oslo_middleware:Healthcheck.factory +backends = disable_by_file +disable_by_file_path = /etc/glance/healthcheck_disable + +[filter:versionnegotiation] +paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory + +[filter:cache] +paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory + +[filter:cachemanage] +paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory + +[filter:context] +paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory + +[filter:unauthenticated-context] +paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory + +[filter:authtoken] +paste.filter_factory = keystonemiddleware.auth_token:filter_factory +delay_auth_decision = true + +[filter:gzip] +paste.filter_factory = glance.api.middleware.gzip:GzipMiddleware.factory + +[filter:osprofiler] +paste.filter_factory = osprofiler.web:WsgiMiddleware.factory +hmac_keys = SECRET_KEY #DEPRECATED +enabled = yes #DEPRECATED + +[filter:cors] +paste.filter_factory = oslo_middleware.cors:filter_factory +oslo_config_project = glance +oslo_config_program = glance-api + +[filter:http_proxy_to_wsgi] +paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory diff --git a/glance/templates/etc/_glance-api.conf.tpl b/glance/templates/etc/_glance-api.conf.tpl new file mode 100644 index 0000000000..84134e653a --- /dev/null +++ b/glance/templates/etc/_glance-api.conf.tpl @@ -0,0 +1,44 @@ +[DEFAULT] +debug = {{ .Values.misc.debug }} +use_syslog = False +use_stderr = True + +bind_port = {{ .Values.network.port.api }} +workers = {{ .Values.misc.workers }} +registry_host = glance-registry +# Enable Copy-on-Write +show_image_direct_url = True + +[database] +connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} +max_retries = -1 + +[keystone_authtoken] +auth_uri = {{ .Values.keystone.auth_uri }} +auth_url = {{ .Values.keystone.auth_url }} +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ .Values.keystone.glance_user }} +password = {{ .Values.keystone.glance_password }} + +[paste_deploy] +flavor = keystone + +[oslo_messaging_notifications] +driver = noop + +[glance_store] +filesystem_store_datadir = /var/lib/glance/images/ +{{- if .Values.development.enabled }} +stores = file, http +default_store = file +{{- else }} +stores = file, http, rbd +default_store = rbd +rbd_store_pool = {{ .Values.ceph.glance_pool }} +rbd_store_user = {{ .Values.ceph.glance_user }} +rbd_store_ceph_conf = /etc/ceph/ceph.conf +rbd_store_chunk_size = 8 +{{- end }} diff --git a/glance/templates/etc/_glance-registry.conf.tpl b/glance/templates/etc/_glance-registry.conf.tpl new file mode 100644 index 0000000000..9e4df8d9c1 --- /dev/null +++ b/glance/templates/etc/_glance-registry.conf.tpl @@ -0,0 +1,26 @@ +[DEFAULT] +debug = {{ .Values.misc.debug }} +use_syslog = False +use_stderr = True +bind_port = {{ .Values.network.port.registry }} +workers = {{ .Values.misc.workers }} + +[database] +connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} +max_retries = -1 + +[keystone_authtoken] +auth_uri = {{ .Values.keystone.auth_uri }} +auth_url = {{ .Values.keystone.auth_url }} +auth_type = password +project_domain_id = default +user_domain_id = default +project_name = service +username = {{ .Values.keystone.glance_user }} +password = {{ .Values.keystone.glance_password }} + +[paste_deploy] +flavor = keystone + +[oslo_messaging_notifications] +driver = noop diff --git a/glance/templates/etc/_policy.json.tpl b/glance/templates/etc/_policy.json.tpl new file mode 100644 index 0000000000..0a058c1c5d --- /dev/null +++ b/glance/templates/etc/_policy.json.tpl @@ -0,0 +1,61 @@ +{ + "context_is_admin": "role:admin", + "default": "role:admin", + + "add_image": "", + "delete_image": "", + "get_image": "", + "get_images": "", + "modify_image": "", + "publicize_image": "role:admin", + "copy_from": "", + + "download_image": "", + "upload_image": "", + + "delete_image_location": "", + "get_image_location": "", + "set_image_location": "", + + "add_member": "", + "delete_member": "", + "get_member": "", + "get_members": "", + "modify_member": "", + + "manage_image_cache": "role:admin", + + "get_task": "role:admin", + "get_tasks": "role:admin", + "add_task": "role:admin", + "modify_task": "role:admin", + + "deactivate": "", + "reactivate": "", + + "get_metadef_namespace": "", + "get_metadef_namespaces":"", + "modify_metadef_namespace":"", + "add_metadef_namespace":"", + + "get_metadef_object":"", + "get_metadef_objects":"", + "modify_metadef_object":"", + "add_metadef_object":"", + + "list_metadef_resource_types":"", + "get_metadef_resource_type":"", + "add_metadef_resource_type_association":"", + + "get_metadef_property":"", + "get_metadef_properties":"", + "modify_metadef_property":"", + "add_metadef_property":"", + + "get_metadef_tag":"", + "get_metadef_tags":"", + "modify_metadef_tag":"", + "add_metadef_tag":"", + "add_metadef_tags":"" + +} diff --git a/glance/templates/glance-api.conf.yaml b/glance/templates/glance-api.conf.yaml deleted file mode 100644 index ee61d333ec..0000000000 --- a/glance/templates/glance-api.conf.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-glanceapiconf -data: - glance-api.conf: |+ - [DEFAULT] - debug = {{ .Values.misc.debug }} - use_syslog = False - use_stderr = True - - bind_port = {{ .Values.network.port.api }} - - workers = {{ .Values.misc.workers }} - registry_host = {{ include "glance_registry_host" . }} - - # Enable Copy-on-Write - show_image_direct_url = True - - [database] - connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} - max_retries = -1 - - [keystone_authtoken] - auth_uri = {{ .Values.keystone.auth_uri }} - auth_url = {{ .Values.keystone.auth_url }} - auth_type = password - project_domain_id = default - user_domain_id = default - project_name = service - username = {{ .Values.keystone.glance_user }} - password = {{ .Values.keystone.glance_password }} - - [paste_deploy] - flavor = keystone - - [oslo_messaging_notifications] - driver = noop - - [glance_store] - filesystem_store_datadir = /var/lib/glance/images/ - stores = file, http, rbd - default_store = rbd - rbd_store_pool = {{ .Values.ceph.glance_pool }} - rbd_store_user = {{ .Values.ceph.glance_user }} - rbd_store_ceph_conf = /etc/ceph/ceph.conf - rbd_store_chunk_size = 8 - diff --git a/glance/templates/glance-registry.conf.yaml b/glance/templates/glance-registry.conf.yaml deleted file mode 100644 index 81629caa46..0000000000 --- a/glance/templates/glance-registry.conf.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-glanceregistryconf -data: - glance-registry.conf: |+ - [DEFAULT] - debug = {{ .Values.misc.debug }} - use_syslog = False - use_stderr = True - - bind_port = {{ .Values.network.port.registry }} - - workers = {{ .Values.misc.workers }} - - [database] - connection = mysql+pymysql://{{ .Values.database.glance_user }}:{{ .Values.database.glance_password }}@{{ .Values.database.address }}/{{ .Values.database.glance_database_name }} - max_retries = -1 - - [keystone_authtoken] - auth_uri = {{ .Values.keystone.auth_uri }} - auth_url = {{ .Values.keystone.auth_url }} - auth_type = password - project_domain_id = default - user_domain_id = default - project_name = service - username = {{ .Values.keystone.glance_user }} - password = {{ .Values.keystone.glance_password }} - - [paste_deploy] - flavor = keystone - - [oslo_messaging_notifications] - driver = noop diff --git a/glance/templates/init.sh.yaml b/glance/templates/init.sh.yaml deleted file mode 100644 index 8605f7c544..0000000000 --- a/glance/templates/init.sh.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-initsh -data: - init.sh: |+ - #!/bin/bash - set -ex - export HOME=/tmp - - ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_database_name }}'" - ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.database.address }}' login_port='{{ .Values.database.port }}' login_user='{{ .Values.database.root_user }}' login_password='{{ .Values.database.root_password }}' name='{{ .Values.database.glance_user }}' password='{{ .Values.database.glance_password }}' host='%' priv='{{ .Values.database.glance_database_name }}.*:ALL' append_privs='yes'" diff --git a/glance/templates/db-sync.yaml b/glance/templates/job-db-sync.yaml similarity index 84% rename from glance/templates/db-sync.yaml rename to glance/templates/job-db-sync.yaml index fe0c1f56a3..660e183380 100644 --- a/glance/templates/db-sync.yaml +++ b/glance/templates/job-db-sync.yaml @@ -40,19 +40,13 @@ spec: image: {{ .Values.images.db_sync }} imagePullPolicy: {{ .Values.images.pull_policy }} command: - - bash - - /tmp/db-sync.sh + - glance-manage + - db_sync volumeMounts: - name: glanceapiconf mountPath: /etc/glance/glance-api.conf subPath: glance-api.conf - - name: dbsyncsh - mountPath: /tmp/db-sync.sh - subPath: db-sync.sh volumes: - name: glanceapiconf configMap: - name: glance-glanceapiconf - - name: dbsyncsh - configMap: - name: glance-dbsyncsh + name: glance-etc diff --git a/glance/templates/init.yaml b/glance/templates/job-init.yaml similarity index 98% rename from glance/templates/init.yaml rename to glance/templates/job-init.yaml index 48b97a7cbd..49a9d8120b 100644 --- a/glance/templates/init.yaml +++ b/glance/templates/job-init.yaml @@ -52,4 +52,4 @@ spec: volumes: - name: initsh configMap: - name: glance-initsh + name: glance-bin diff --git a/glance/templates/post.yaml b/glance/templates/job-post.yaml similarity index 97% rename from glance/templates/post.yaml rename to glance/templates/job-post.yaml index 4fe1c195bf..152577200e 100644 --- a/glance/templates/post.yaml +++ b/glance/templates/job-post.yaml @@ -52,5 +52,4 @@ spec: volumes: - name: postsh configMap: - name: glance-postsh - + name: glance-bin diff --git a/glance/templates/post.sh.yaml b/glance/templates/post.sh.yaml deleted file mode 100644 index 156b60d605..0000000000 --- a/glance/templates/post.sh.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-postsh -data: - post.sh: |+ - #!/bin/bash - set -ex - export HOME=/tmp - - ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ - service_type=image \ - description='Openstack Image' \ - endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='{{ include "endpoint_glance_api_internal" . }}' \ - interface=admin \ - region_name='{{ .Values.keystone.admin_region_name }}' \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{'openstack_glance_auth': {{ include "keystone_auth" . }}}" - - ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ - service_type=image \ - description='Openstack Image' \ - endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='{{ include "endpoint_glance_api_internal" . }}' \ - interface=internal \ - region_name='{{ .Values.keystone.admin_region_name }}' \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" - - ansible localhost -vvv -m kolla_keystone_service -a "service_name=glance \ - service_type=image \ - description='Openstack Image' \ - endpoint_region='{{ .Values.keystone.glance_region_name }}' \ - url='{{ include "endpoint_glance_api_internal" . }}' \ - interface=public \ - region_name='{{ .Values.keystone.admin_region_name }}' \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" - - ansible localhost -vvv -m kolla_keystone_user -a "project=service \ - user={{ .Values.keystone.glance_user }} \ - password={{ .Values.keystone.glance_password }} \ - role=admin \ - region_name={{ .Values.keystone.admin_region_name }} \ - auth='{{ include "keystone_auth" . }}'" \ - -e "{ 'openstack_glance_auth': {{ include "keystone_auth" . }} }" - diff --git a/glance/templates/start.sh.yaml b/glance/templates/start.sh.yaml deleted file mode 100644 index e9b3d40ec9..0000000000 --- a/glance/templates/start.sh.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: glance-startsh -data: - start.sh: |+ - #!/bin/bash - set -ex - - cp `find / -not -path "/etc/*" -name glance-api-paste.ini` /etc/glance/ - - glance-api diff --git a/glance/values.yaml b/glance/values.yaml index a3c6886a54..cacd0909b4 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -3,7 +3,13 @@ # Declare name/value pairs to be passed into your templates. # name: value -replicas: 1 +replicas: + api: 1 + registry: 1 + +development: + enabled: false + storage_path: /data/openstack-helm/glance/images labels: node_selector_key: openstack-control-plane