openstack/openstack-helm
Code Issues Proposed changes

move all containers into their own mount namespace; fix typos in new configmap logic

Browse Source
This commit is contained in:
Alan Meadows
2017-03-22 12:13:39 -07:00
parent 8c355ac65c
commit 4153e6429e
7 changed files with 100 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
helm-toolkit/templates/snippets/_k8s_init_dep_check.tpl
View File

@@ -15,6 +15,7 @@
{{- define "helm-toolkit.kubernetes_entrypoint_init_container" -}} {{- define "helm-toolkit.kubernetes_entrypoint_init_container" -}}
{{- $envAll := index . 0 -}} {{- $envAll := index . 0 -}}
{{- $deps := index . 1 -}} {{- $deps := index . 1 -}}
{{- $mounts := index . 2 -}}
{ {
"name": "init", "name": "init",
"image": {{ $envAll.Values.images.dep_check | quote }}, "image": {{ $envAll.Values.images.dep_check | quote }},
@@ -66,6 +67,7 @@
"name": "COMMAND", "name": "COMMAND",
"value": "echo done" "value": "echo done"
} }
] ],
"volumeMounts": {{ $mounts | quote | default "[]"}}
} }
{{- end -}} {{- end -}}

2
keystone/templates/configmap-etc.yaml
View File

@@ -48,7 +48,7 @@ data:
{{ .Values.conf.policy.override }} {{ .Values.conf.policy.override }}
{{- else -}} {{- else -}}
{{ tuple "etc/_policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end -}} {{- end }}
mpm_event.conf: |+ mpm_event.conf: |+
{{ tuple "etc/_mpm_event.conf.tpl" . | include "helm-toolkit.template" | indent 4 }} {{ tuple "etc/_mpm_event.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
wsgi-keystone.conf: |+ wsgi-keystone.conf: |+

11
keystone/templates/deployment.yaml
View File

@@ -11,10 +11,10 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
{{- $envAll := . }} {{- $envAll := . }}
{{- $dependencies := .Values.dependencies.api }} {{- $dependencies := .Values.dependencies.api }}
{{- $mounts := .Values.mounts.api }} {{- $mounts_keystone_api := .Values.mounts.keystone_api.keystone_api }}
{{- $mounts_keystone_api_init := .Values.mounts.keystone_api.init_container }}
apiVersion: extensions/v1beta1 apiVersion: extensions/v1beta1
kind: Deployment kind: Deployment
@@ -38,7 +38,7 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }} configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }} configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.hash" }}
pod.beta.kubernetes.io/init-containers: '[ pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }} {{ tuple $envAll $dependencies $mounts_keystone_api_init | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]' ]'
spec: spec:
nodeSelector: nodeSelector:
@@ -75,7 +75,6 @@ spec:
tcpSocket: tcpSocket:
port: {{ .Values.network.port.api }} port: {{ .Values.network.port.api }}
volumeMounts: volumeMounts:
{{ toYaml $mounts.volumeMounts | indent 12 }} {{ toYaml $mounts_keystone_api.volumeMounts | indent 12 }}
volumes: volumes:
{{ toYaml $mounts.volumes | indent 8 }} {{ toYaml $mounts_keystone_api.volumes | indent 8 }}

2
keystone/templates/etc/_policy.json.tpl
View File

@@ -195,3 +195,5 @@
"identity:update_domain_config": "rule:admin_required", "identity:update_domain_config": "rule:admin_required",
"identity:delete_domain_config": "rule:admin_required", "identity:delete_domain_config": "rule:admin_required",
"identity:get_domain_config_default": "rule:admin_required" "identity:get_domain_config_default": "rule:admin_required"
}

10
keystone/templates/job-db-init.yaml
View File

@@ -14,7 +14,9 @@
{{- $envAll := . }} {{- $envAll := . }}
{{- $dependencies := .Values.dependencies.init }} {{- $dependencies := .Values.dependencies.init }}
{{- $mounts := .Values.mounts.job_db_init }} {{- $mounts_keystone_db_init := .Values.mounts.keystone_db_init.keystone_db_init }}
{{- $mounts_keystone_db_init_init := .Values.mounts.keystone_db_init.init_container }}
apiVersion: batch/v1 apiVersion: batch/v1
kind: Job kind: Job
metadata: metadata:
@@ -24,7 +26,7 @@ spec:
metadata: metadata:
annotations: annotations:
pod.beta.kubernetes.io/init-containers: '[ pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }} {{ tuple $envAll $dependencies $mounts_keystone_db_init_init | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]' ]'
spec: spec:
restartPolicy: OnFailure restartPolicy: OnFailure
@@ -47,7 +49,7 @@ spec:
- bash - bash
- /tmp/init.sh - /tmp/init.sh
volumeMounts: volumeMounts:
{{ toYaml $mounts.volumeMounts | indent 12 }} {{ toYaml $mounts_keystone_db_init.volumeMounts | indent 12 }}
volumes: volumes:
{{ toYaml $mounts.volumes | indent 8 }} {{ toYaml $mounts_keystone_db_init.volumes | indent 8 }}

9
keystone/templates/job-db-sync.yaml
View File

@@ -14,7 +14,8 @@
{{- $envAll := . }} {{- $envAll := . }}
{{- $dependencies := .Values.dependencies.db_sync }} {{- $dependencies := .Values.dependencies.db_sync }}
{{- $mounts := .Values.mounts.job_db_sync }} {{- $mounts_keystone_db_sync := .Values.mounts.keystone_db_sync.keystone_db_sync }}
{{- $mounts_keystone_db_sync_init := .Values.mounts.keystone_db_sync.init_container }}
apiVersion: batch/v1 apiVersion: batch/v1
kind: Job kind: Job
metadata: metadata:
@@ -24,7 +25,7 @@ spec:
metadata: metadata:
annotations: annotations:
pod.beta.kubernetes.io/init-containers: '[ pod.beta.kubernetes.io/init-containers: '[
{{ tuple $envAll $dependencies | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }} {{ tuple $envAll $dependencies $mounts_keystone_db_sync_init | include "helm-toolkit.kubernetes_entrypoint_init_container" | indent 10 }}
]' ]'
spec: spec:
restartPolicy: OnFailure restartPolicy: OnFailure
@@ -47,6 +48,6 @@ spec:
- bash - bash
- /tmp/db-sync.sh - /tmp/db-sync.sh
volumeMounts: volumeMounts:
{{ toYaml $mounts.volumeMounts | indent 12 }} {{ toYaml $mounts_keystone_db_sync.volumeMounts | indent 12 }}
volumes: volumes:
{{ toYaml $mounts.volumes | indent 8 }} {{ toYaml $mounts_keystone_db_sync.volumes | indent 8 }}

12
keystone/values.yaml
View File

@@ -95,7 +95,9 @@ resources:
cpu: "500m" cpu: "500m"
mounts: mounts:
job_db_init: keystone_db_init:
init_container: null
keystone_db_init:
volumes: volumes:
- name: keystone-bin - name: keystone-bin
configMap: configMap:
@@ -104,7 +106,9 @@ mounts:
- name: keystone-bin - name: keystone-bin
mountPath: /tmp/init.sh mountPath: /tmp/init.sh
subPath: init.sh subPath: init.sh
job_db_sync: keystone_db_sync:
init_container: null
keystone_db_sync:
volumes: volumes:
- name: empty - name: empty
emptyDir: {} emptyDir: {}
@@ -125,7 +129,9 @@ mounts:
mountPath: /tmp/db-sync.sh mountPath: /tmp/db-sync.sh
subPath: db-sync.sh subPath: db-sync.sh
readOnly: true readOnly: true
api: keystone_api:
init_container: null
keystone_api:
volumes: volumes:
- name: empty - name: empty
emptyDir: {} emptyDir: {}