Glance Config Overrides

This commit moves Glance to use the configuration methods from Heat,
Nova, Neutron and Keystone.

It includes a _values-mvp.yaml that applies values suitable for using
a file backend, including the auto creation of a PVC.

Change-Id: I55a96982a7d0adbc118492aff4b56adf127b2cd1
This commit is contained in:
Pete Birley 2017-04-12 00:50:59 -05:00
parent 2ecfb8f991
commit 489b641d33
14 changed files with 7316 additions and 131 deletions

View File

@ -65,13 +65,13 @@ kubectl update -f https://raw.githubusercontent.com/openstack/openstack-helm/mas
kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack
# Deploy each chart:
helm install --name mariadb --set development.enabled=true local/mariadb --namespace=openstack
helm install --name mariadb local/mariadb --namespace=openstack --set development.enabled=true
helm install --name=memcached local/memcached --namespace=openstack
helm install --name=etcd-rabbitmq local/etcd --namespace=openstack
helm install --name=rabbitmq local/rabbitmq --namespace=openstack
helm install --name=keystone local/keystone --namespace=openstack
helm install --name=cinder local/cinder --namespace=openstack
helm install --name=glance local/glance --namespace=openstack
helm install --name=glance local/glance --namespace=openstack --values=./glance/_values-mvp.yaml
helm install --name=heat local/heat --namespace=openstack
helm install --name=nova local/nova --namespace=openstack
helm install --name=neutron local/neutron --namespace=openstack

29
glance/_values-mvp.yaml Normal file
View File

@ -0,0 +1,29 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# MVP values for glance.
# This file contains overrides to launch a MVP deployment of glance for the
# OpenStack-Helm Single node gates, and local development use. It should be
# kept to the bare minimum required for this purpose.
storage: file
conf:
glance:
glance_store:
glance:
store:
stores: file, http
default_store: file
filesystem_store_datadir: /var/lib/glance/images

View File

@ -11,6 +11,56 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- include "glance.conf.glance_values_skeleton" .Values.conf.glance | trunc 0 -}}
{{- include "glance.conf.glance_registry_values_skeleton" .Values.conf.glance_registry | trunc 0 -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.auth_uri -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "auth_uri" | quote | trunc 0 -}}
{{- end -}}
# FIXME(alanmeadows) fix for broken keystonemiddleware oslo config gen in newton - will remove in future
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup"| set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup"| set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.hostname_endpoint_uri_lookup" | set .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token.memcached_servers -}}
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.hostname_endpoint_uri_lookup" | set .Values.conf.glance_registry.keystone_authtoken.keystonemiddleware.auth_token "memcached_servers" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup"| set .Values.conf.glance.database.oslo.db "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.database.oslo.db.connection -}}
{{- tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup"| set .Values.conf.glance_registry.database.oslo.db "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | set .Values.conf.glance.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance_registry.default.oslo.messaging.transport_url -}}
{{- tuple "oslo_messaging" "internal" "user" "amqp" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | set .Values.conf.glance_registry.default.oslo.messaging "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_host -}}
{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.hostname_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._0 | set .Values.conf.glance.default.glance.api "registry_host" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.glance.default.glance.api.registry_port -}}
{{- $imageRegistry := tuple "image_registry" "internal" "api" . | include "helm-toolkit.hostname_endpoint_uri_lookup" }}
{{- $imageRegistryHostURI := split ":" $imageRegistry -}}
{{- $imageRegistryHostURI._1 | set .Values.conf.glance.default.glance.api "registry_port" | quote | trunc 0 -}}
{{- end -}}
apiVersion: v1
kind: ConfigMap
@ -18,16 +68,80 @@ metadata:
name: glance-etc
data:
ceph.conf: |+
{{ if .Values.conf.ceph.override -}}
{{ .Values.conf.ceph.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.ceph.prefix -}}
{{ .Values.conf.ceph.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_ceph.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+
{{- end }}
{{- if .Values.conf.ceph.append -}}
{{ .Values.conf.ceph.append | indent 4 }}
{{- end }}
ceph.client.{{ .Values.conf.glance.glance_store.glance.store.rbd_store_user }}.keyring: |+
{{ if .Values.conf.ceph_client.override -}}
{{ .Values.conf.ceph_client.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.ceph_client.prefix -}}
{{ .Values.conf.ceph_client.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_ceph.client.glance.keyring.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.ceph_client.append -}}
{{ .Values.conf.ceph_client.append | indent 4 }}
{{- end }}
glance-api.conf: |+
{{ if .Values.conf.glance.override -}}
{{ .Values.conf.glance.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.glance.prefix -}}
{{ .Values.conf.glance.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_glance-api.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.glance.append -}}
{{ .Values.conf.glance.append | indent 4 }}
{{- end }}
glance-api-paste.ini: |+
{{ if .Values.conf.paste.override -}}
{{ .Values.conf.paste.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.paste.prefix -}}
{{ .Values.conf.paste.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_glance-api-paste.ini.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.paste.append -}}
{{ .Values.conf.paste.append | indent 4 }}
{{- end }}
glance-registry.conf: |+
{{ if .Values.conf.glance_registry.override -}}
{{ .Values.conf.glance_registry.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.glance_registry.prefix -}}
{{ .Values.conf.glance_registry.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_glance-registry.conf.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.glance_registry.append -}}
{{ .Values.conf.glance_registry.append | indent 4 }}
{{- end }}
glance-registry-paste.ini: |+
{{ if .Values.conf.paste_registry.override -}}
{{ .Values.conf.paste_registry.override | indent 4 }}
{{- else -}}
{{- if .Values.conf.paste_registry.prefix -}}
{{ .Values.conf.paste_registry.prefix | indent 4 }}
{{- end }}
{{ tuple "etc/_glance-registry-paste.ini.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}
{{- if .Values.conf.paste_registry.append -}}
{{ .Values.conf.paste_registry.append | indent 4 }}
{{- end }}
policy.json: |+
{{ if .Values.conf.policy.override -}}
{{ .Values.conf.policy.override | indent 4 }}
{{- else -}}
{{ tuple "etc/_policy.json.tpl" . | include "helm-toolkit.template" | indent 4 }}
{{- end }}

View File

@ -19,11 +19,7 @@ kind: Deployment
metadata:
name: glance-api
spec:
{{- if .Values.development.enabled }}
replicas: 1
{{- else }}
replicas: {{ .Values.replicas.api }}
{{- end }}
revisionHistoryLimit: {{ .Values.upgrades.revision_history }}
strategy:
type: {{ .Values.upgrades.pod_replacement_strategy }}
@ -63,10 +59,10 @@ spec:
- --config-file
- /etc/glance/glance-api.conf
ports:
- containerPort: {{ .Values.network.api.port }}
- containerPort: {{ .Values.conf.glance.default.glance.api.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.network.api.port }}
port: {{ .Values.conf.glance.default.glance.api.bind_port }}
volumeMounts:
- name: etcglance
mountPath: /etc/glance
@ -82,9 +78,9 @@ spec:
mountPath: /etc/glance/policy.json
subPath: policy.json
readOnly: true
{{- if .Values.development.enabled }}
- name: glance-data
mountPath: /var/lib/glance/images
{{- if eq .Values.storage "file" }}
- name: glance-images
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
{{- else }}
- name: cephconf
mountPath: /etc/ceph/ceph.conf
@ -102,10 +98,10 @@ spec:
- name: glanceapipaste
configMap:
name: glance-etc
{{- if .Values.development.enabled }}
- name: glance-data
hostPath:
path: {{ .Values.development.storage_path }}
{{- if eq .Values.storage "file" }}
- name: glance-images
persistentVolumeClaim:
claimName: glance-images
{{- else }}
- name: cephconf
configMap:

View File

@ -19,11 +19,7 @@ kind: Deployment
metadata:
name: glance-registry
spec:
{{- if .Values.development.enabled }}
replicas: 1
{{- else }}
replicas: {{ .Values.replicas.registry }}
{{- end }}
template:
metadata:
labels:
@ -55,10 +51,10 @@ spec:
- --config-file
- /etc/glance/glance-registry.conf
ports:
- containerPort: {{ .Values.network.registry.port }}
- containerPort: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
readinessProbe:
tcpSocket:
port: {{ .Values.network.registry.port }}
port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
volumeMounts:
- name: etcglance
mountPath: /etc/glance

View File

@ -1,17 +1,3 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Use this pipeline for no auth or image caching - DEFAULT
[pipeline:glance-api]
pipeline = cors healthcheck http_proxy_to_wsgi versionnegotiation osprofiler unauthenticated-context rootapp

File diff suppressed because it is too large Load Diff

View File

@ -1,17 +1,3 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Use this pipeline for no auth - DEFAULT
[pipeline:glance-registry]
pipeline = healthcheck osprofiler unauthenticated-context registryapp

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,27 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if eq .Values.storage "file" }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: glance-images
annotations:
volume.beta.kubernetes.io/storage-class: general
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 20Gi
{{- end }}

View File

@ -21,14 +21,14 @@ data:
OS_AUTH_URL: |
{{ tuple "identity" "internal" "api" . | include "helm-toolkit.keystone_endpoint_uri_lookup" | b64enc | indent 4 }}
OS_REGION_NAME: |
{{ .Values.keystone.glance_region_name | b64enc | indent 4 }}
{{ .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.region_name | b64enc | indent 4 }}
OS_PROJECT_DOMAIN_NAME: |
{{ .Values.keystone.glance_project_domain | b64enc | indent 4 }}
{{ .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.project_domain_name | b64enc | indent 4 }}
OS_PROJECT_NAME: |
{{ .Values.keystone.glance_project_name | b64enc | indent 4 }}
{{ .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.project_name | b64enc | indent 4 }}
OS_USER_DOMAIN_NAME: |
{{ .Values.keystone.glance_user_domain | b64enc | indent 4 }}
{{ .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.user_domain_name | b64enc | indent 4 }}
OS_USERNAME: |
{{ .Values.keystone.glance_user | b64enc | indent 4 }}
{{ .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.username | b64enc | indent 4 }}
OS_PASSWORD: |
{{ .Values.keystone.glance_password | b64enc | indent 4 }}
{{ .Values.conf.glance.keystone_authtoken.keystonemiddleware.auth_token.password | b64enc | indent 4 }}

View File

@ -18,7 +18,7 @@ metadata:
name: glance-api
spec:
ports:
- port: {{ .Values.network.api.port }}
- port: {{ .Values.conf.glance.default.glance.api.bind_port }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: .Values.network.api.node_port.port
{{ end }}

View File

@ -18,7 +18,7 @@ metadata:
name: glance-registry
spec:
ports:
- port: {{ .Values.network.registry.port }}
- port: {{ .Values.conf.glance_registry.default.glance.registry.bind_port }}
{{ if .Values.network.registry.node_port.enabled }}
nodePort: {{ .Values.network.register.node_port.port }}
{{ end }}

View File

@ -21,9 +21,7 @@ replicas:
api: 1
registry: 1
development:
enabled: false
storage_path: /var/lib/localkube/openstack-helm/glance/images
storage: ceph
labels:
node_selector_key: openstack-control-plane
@ -69,25 +67,79 @@ keystone:
admin_project_name: "admin"
admin_project_domain: "default"
admin_region_name: "RegionOne"
glance_user: "glance"
glance_user_domain: "default"
glance_user_role: "admin"
glance_password: "password"
glance_project_name: "service"
glance_project_domain: "default"
glance_region_name: "RegionOne"
conf:
ceph:
override:
append:
ceph_client:
override:
append:
paste:
override:
append:
policy:
override:
append:
glance:
override:
append:
default:
glance:
api:
bind_port: 9292
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
region_name: RegionOne
project_domain_name: default
project_name: service
user_domain_name: default
username: glance
password: password
glance_store:
glance:
store:
stores: file, http, rbd
default_store: rbd
rbd_store_chunk_size: 8
rbd_store_pool: images
rbd_store_user: admin
rbd_store_ceph_conf: /etc/ceph/ceph.conf
paste_registry:
override:
append:
glance_registry:
override:
append:
default:
glance:
registry:
bind_port: 9191
keystone_authtoken:
keystonemiddleware:
auth_token:
auth_type: password
auth_version: v3
region_name: RegionOne
project_domain_name: default
project_name: service
user_domain_name: default
username: glance
password: password
network:
api:
name: "glance-api"
port: 9292
node_port:
enabled: false
port: 30092
registry:
name: "glance-registry"
port: 9191
node_port:
enabled: false
port: 30091
@ -95,8 +147,6 @@ network:
ceph:
enabled: true
monitors: []
glance_user: "admin"
glance_pool: "images"
# a null value for the keyring will
# attempt to use the key from
# common/secrets/ceph-client-key
@ -221,7 +271,14 @@ endpoints:
scheme: 'http'
port:
api: 9292
registry: 9191
image_registry:
name: glance-registry
hosts:
default: glance-registry
path: null
scheme: 'http'
port:
api: 9191
oslo_db:
auth:
admin:
@ -236,3 +293,22 @@ endpoints:
scheme: mysql+pymysql
port:
mysql: 3306
oslo_cache:
hosts:
default: memcache
port:
memcache: 11211
oslo_messaging:
auth:
admin:
username: admin
password: password
user:
username: rabbitmq
password: password
hosts:
default: rabbitmq
path: /
scheme: rabbit
port:
amqp: 5672