diff --git a/aodh/templates/cron-job-alarms-cleaner.yaml b/aodh/templates/cron-job-alarms-cleaner.yaml
index a9b273d094..531e715898 100644
--- a/aodh/templates/cron-job-alarms-cleaner.yaml
+++ b/aodh/templates/cron-job-alarms-cleaner.yaml
@@ -54,31 +54,35 @@ spec:
command:
- /tmp/aodh-alarms-cleaner.sh
volumeMounts:
- - name: aodh-bin
- mountPath: /tmp/aodh-alarms-cleaner.sh
- subPath: aodh-alarms-cleaner.sh
- readOnly: true
- - name: pod-etc-aodh
- mountPath: /etc/aodh
- - name: aodh-etc
- mountPath: /etc/aodh/aodh.conf
- subPath: aodh.conf
- readOnly: true
- - name: aodh-etc
- mountPath: {{ .Values.conf.aodh.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.aodh.DEFAULT.log_config_append }}
- readOnly: true
-{{ if $mounts_aodh_alarms_cleaner.volumeMounts }}{{ toYaml $mounts_aodh_alarms_cleaner.volumeMounts | indent 14 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: aodh-bin
+ mountPath: /tmp/aodh-alarms-cleaner.sh
+ subPath: aodh-alarms-cleaner.sh
+ readOnly: true
+ - name: pod-etc-aodh
+ mountPath: /etc/aodh
+ - name: aodh-etc
+ mountPath: /etc/aodh/aodh.conf
+ subPath: aodh.conf
+ readOnly: true
+ - name: aodh-etc
+ mountPath: {{ .Values.conf.aodh.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.aodh.DEFAULT.log_config_append }}
+ readOnly: true
+{{ if $mounts_aodh_alarms_cleaner.volumeMounts }}{{ toYaml $mounts_aodh_alarms_cleaner.volumeMounts | indent 16 }}{{ end }}
volumes:
- - name: pod-etc-aodh
- emptyDir: {}
- - name: aodh-etc
- secret:
- secretName: aodh-etc
- defaultMode: 0444
- - name: aodh-bin
- configMap:
- name: aodh-bin
- defaultMode: 0555
-{{ if $mounts_aodh_alarms_cleaner.volumes }}{{ toYaml $mounts_aodh_alarms_cleaner.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: pod-etc-aodh
+ emptyDir: {}
+ - name: aodh-etc
+ secret:
+ secretName: aodh-etc
+ defaultMode: 0444
+ - name: aodh-bin
+ configMap:
+ name: aodh-bin
+ defaultMode: 0555
+{{ if $mounts_aodh_alarms_cleaner.volumes }}{{ toYaml $mounts_aodh_alarms_cleaner.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/aodh/templates/deployment-api.yaml b/aodh/templates/deployment-api.yaml
index 9f04ab71f4..707cfd2954 100644
--- a/aodh/templates/deployment-api.yaml
+++ b/aodh/templates/deployment-api.yaml
@@ -76,6 +76,8 @@ spec:
tcpSocket:
port: {{ tuple "alarming" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: wsgi-aodh
mountPath: /var/www/cgi-bin/aodh
- name: pod-etc-aodh
@@ -106,6 +108,8 @@ spec:
readOnly: true
{{ if $mounts_aodh_api.volumeMounts }}{{ toYaml $mounts_aodh_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: wsgi-aodh
emptyDir: {}
- name: pod-etc-aodh
diff --git a/aodh/templates/deployment-evaluator.yaml b/aodh/templates/deployment-evaluator.yaml
index 2df99de65c..477f484ed5 100644
--- a/aodh/templates/deployment-evaluator.yaml
+++ b/aodh/templates/deployment-evaluator.yaml
@@ -69,6 +69,8 @@ spec:
- /tmp/aodh-evaluator.sh
- stop
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-aodh
mountPath: /etc/aodh
- name: aodh-etc
@@ -89,6 +91,8 @@ spec:
readOnly: true
{{ if $mounts_aodh_evaluator.volumeMounts }}{{ toYaml $mounts_aodh_evaluator.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-aodh
emptyDir: {}
- name: aodh-etc
diff --git a/aodh/templates/deployment-listener.yaml b/aodh/templates/deployment-listener.yaml
index f24eb58471..794c780b30 100644
--- a/aodh/templates/deployment-listener.yaml
+++ b/aodh/templates/deployment-listener.yaml
@@ -69,6 +69,8 @@ spec:
- /tmp/aodh-listener.sh
- stop
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-aodh
mountPath: /etc/aodh
- name: aodh-etc
@@ -89,6 +91,8 @@ spec:
readOnly: true
{{ if $mounts_aodh_listener.volumeMounts }}{{ toYaml $mounts_aodh_listener.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-aodh
emptyDir: {}
- name: aodh-etc
diff --git a/aodh/templates/deployment-notifier.yaml b/aodh/templates/deployment-notifier.yaml
index 860944432b..9a28c144bb 100644
--- a/aodh/templates/deployment-notifier.yaml
+++ b/aodh/templates/deployment-notifier.yaml
@@ -69,6 +69,8 @@ spec:
- /tmp/aodh-notifier.sh
- stop
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-aodh
mountPath: /etc/aodh
- name: aodh-etc
@@ -89,6 +91,8 @@ spec:
readOnly: true
{{ if $mounts_aodh_notifier.volumeMounts }}{{ toYaml $mounts_aodh_notifier.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-aodh
emptyDir: {}
- name: aodh-etc
diff --git a/aodh/templates/pod-aodh-test.yaml b/aodh/templates/pod-aodh-test.yaml
index bb029b58c6..6e627b83f7 100644
--- a/aodh/templates/pod-aodh-test.yaml
+++ b/aodh/templates/pod-aodh-test.yaml
@@ -50,6 +50,8 @@ spec:
command:
- /tmp/aodh-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: aodh-etc
mountPath: /etc/aodh/aodh.conf
subPath: aodh.conf
@@ -60,6 +62,8 @@ spec:
readOnly: true
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: aodh-etc
secret:
secretName: aodh-etc
diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml
index 27a6c8f16f..1b1a5f4e14 100644
--- a/barbican/templates/deployment-api.yaml
+++ b/barbican/templates/deployment-api.yaml
@@ -75,6 +75,8 @@ spec:
tcpSocket:
port: {{ tuple "key_manager" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcbarbican
mountPath: /etc/barbican
- name: barbican-etc
@@ -107,6 +109,8 @@ spec:
readOnly: true
{{ if $mounts_barbican_api.volumeMounts }}{{ toYaml $mounts_barbican_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcbarbican
emptyDir: {}
- name: barbican-etc
diff --git a/barbican/templates/pod-test.yaml b/barbican/templates/pod-test.yaml
index 0124613f4b..b4605c8fed 100644
--- a/barbican/templates/pod-test.yaml
+++ b/barbican/templates/pod-test.yaml
@@ -50,12 +50,16 @@ spec:
command:
- /tmp/barbican-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: barbican-bin
mountPath: /tmp/barbican-test.sh
subPath: barbican-test.sh
readOnly: true
{{ if $mounts_barbican_tests.volumeMounts }}{{ toYaml $mounts_barbican_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: barbican-bin
configMap:
name: barbican-bin
diff --git a/ceilometer/templates/daemonset-compute.yaml b/ceilometer/templates/daemonset-compute.yaml
index db51482ab6..7e5bc9cacd 100644
--- a/ceilometer/templates/daemonset-compute.yaml
+++ b/ceilometer/templates/daemonset-compute.yaml
@@ -62,6 +62,8 @@ spec:
command:
- /tmp/ceilometer-compute.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-ceilometer
mountPath: /etc/ceilometer
- name: ceilometer-etc
@@ -113,6 +115,8 @@ spec:
readOnly: true
{{ if $mounts_ceilometer_compute.volumeMounts }}{{ toYaml $mounts_ceilometer_compute.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-ceilometer
emptyDir: {}
- name: ceilometer-etc
diff --git a/ceilometer/templates/daemonset-ipmi.yaml b/ceilometer/templates/daemonset-ipmi.yaml
index 15e58f302e..65bd609c3e 100644
--- a/ceilometer/templates/daemonset-ipmi.yaml
+++ b/ceilometer/templates/daemonset-ipmi.yaml
@@ -63,6 +63,8 @@ spec:
command:
- /tmp/ceilometer-ipmi.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-ceilometer
mountPath: /etc/ceilometer
- name: ceilometer-etc
@@ -106,6 +108,8 @@ spec:
readOnly: true
{{ if $mounts_ceilometer_ipmi.volumeMounts }}{{ toYaml $mounts_ceilometer_ipmi.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-ceilometer
emptyDir: {}
- name: ceilometer-etc
diff --git a/ceilometer/templates/deployment-api.yaml b/ceilometer/templates/deployment-api.yaml
index d1e97115aa..a54e769459 100644
--- a/ceilometer/templates/deployment-api.yaml
+++ b/ceilometer/templates/deployment-api.yaml
@@ -74,6 +74,8 @@ spec:
tcpSocket:
port: {{ tuple "metering" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-ceilometer
mountPath: /etc/ceilometer
- name: ceilometer-etc
@@ -124,6 +126,8 @@ spec:
readOnly: true
{{ if $mounts_ceilometer_api.volumeMounts }}{{ toYaml $mounts_ceilometer_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-ceilometer
emptyDir: {}
- name: ceilometer-etc
diff --git a/ceilometer/templates/deployment-central.yaml b/ceilometer/templates/deployment-central.yaml
index b546e1add7..c6259612d0 100644
--- a/ceilometer/templates/deployment-central.yaml
+++ b/ceilometer/templates/deployment-central.yaml
@@ -60,6 +60,8 @@ spec:
command:
- /tmp/ceilometer-central.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-ceilometer
mountPath: /etc/ceilometer
- name: ceilometer-etc
@@ -100,6 +102,8 @@ spec:
readOnly: true
{{ if $mounts_ceilometer_central.volumeMounts }}{{ toYaml $mounts_ceilometer_central.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-ceilometer
emptyDir: {}
- name: ceilometer-etc
diff --git a/ceilometer/templates/deployment-collector.yaml b/ceilometer/templates/deployment-collector.yaml
index 54bf288f97..f1e6d707f0 100644
--- a/ceilometer/templates/deployment-collector.yaml
+++ b/ceilometer/templates/deployment-collector.yaml
@@ -60,6 +60,8 @@ spec:
command:
- /tmp/ceilometer-collector.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-ceilometer
mountPath: /etc/ceilometer
- name: ceilometer-etc
@@ -96,6 +98,8 @@ spec:
readOnly: true
{{ if $mounts_ceilometer_collector.volumeMounts }}{{ toYaml $mounts_ceilometer_collector.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-ceilometer
emptyDir: {}
- name: ceilometer-etc
diff --git a/ceilometer/templates/deployment-notification.yaml b/ceilometer/templates/deployment-notification.yaml
index c6adca2fc7..bb1ea13121 100644
--- a/ceilometer/templates/deployment-notification.yaml
+++ b/ceilometer/templates/deployment-notification.yaml
@@ -60,6 +60,8 @@ spec:
command:
- /tmp/ceilometer-notification.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-ceilometer
mountPath: /etc/ceilometer
- name: ceilometer-etc
@@ -102,6 +104,8 @@ spec:
readOnly: true
{{ if $mounts_ceilometer_notification.volumeMounts }}{{ toYaml $mounts_ceilometer_notification.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-ceilometer
emptyDir: {}
- name: etc-ceilometer-meters
diff --git a/ceilometer/templates/job-db-init-mongodb.yaml b/ceilometer/templates/job-db-init-mongodb.yaml
index 692d0c49bf..1f822576b4 100644
--- a/ceilometer/templates/job-db-init-mongodb.yaml
+++ b/ceilometer/templates/job-db-init-mongodb.yaml
@@ -53,11 +53,15 @@ spec:
command:
- /tmp/db-init-mongodb.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ceilometer-bin
mountPath: /tmp/db-init-mongodb.sh
subPath: db-init-mongodb.sh
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ceilometer-bin
configMap:
name: ceilometer-bin
diff --git a/ceilometer/templates/pod-rally-test.yaml b/ceilometer/templates/pod-rally-test.yaml
index 9cbf2fdd3a..726d8a70fa 100644
--- a/ceilometer/templates/pod-rally-test.yaml
+++ b/ceilometer/templates/pod-rally-test.yaml
@@ -43,6 +43,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ceilometer-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -74,6 +76,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ceilometer-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -86,6 +90,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ceilometer-etc
secret:
secretName: ceilometer-etc
diff --git a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
index a15d064f27..f7ecb3fecc 100644
--- a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+++ b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
@@ -60,31 +60,35 @@ spec:
command:
- /tmp/volume-usage-audit.sh
volumeMounts:
- - name: etccinder
- mountPath: /etc/cinder
- - name: cinder-etc
- mountPath: /etc/cinder/cinder.conf
- subPath: cinder.conf
- readOnly: true
- - name: cinder-etc
- mountPath: {{ .Values.conf.cinder.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.cinder.DEFAULT.log_config_append }}
- readOnly: true
- - name: cinder-bin
- mountPath: /tmp/volume-usage-audit.sh
- subPath: volume-usage-audit.sh
- readOnly: true
- {{ if $mounts_cinder_volume_usage_audit.volumeMounts }}{{ toYaml $mounts_cinder_volume_usage_audit.volumeMounts | indent 14 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etccinder
+ mountPath: /etc/cinder
+ - name: cinder-etc
+ mountPath: /etc/cinder/cinder.conf
+ subPath: cinder.conf
+ readOnly: true
+ - name: cinder-etc
+ mountPath: {{ .Values.conf.cinder.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.cinder.DEFAULT.log_config_append }}
+ readOnly: true
+ - name: cinder-bin
+ mountPath: /tmp/volume-usage-audit.sh
+ subPath: volume-usage-audit.sh
+ readOnly: true
+{{ if $mounts_cinder_volume_usage_audit.volumeMounts }}{{ toYaml $mounts_cinder_volume_usage_audit.volumeMounts | indent 16 }}{{ end }}
volumes:
- - name: etccinder
- emptyDir: {}
- - name: cinder-etc
- secret:
- secretName: cinder-etc
- defaultMode: 0444
- - name: cinder-bin
- configMap:
- name: cinder-bin
- defaultMode: 0555
- {{ if $mounts_cinder_volume_usage_audit.volumes }}{{ toYaml $mounts_cinder_volume_usage_audit.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etccinder
+ emptyDir: {}
+ - name: cinder-etc
+ secret:
+ secretName: cinder-etc
+ defaultMode: 0444
+ - name: cinder-bin
+ configMap:
+ name: cinder-bin
+ defaultMode: 0555
+{{ if $mounts_cinder_volume_usage_audit.volumes }}{{ toYaml $mounts_cinder_volume_usage_audit.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml
index aef21a4df3..3692903852 100644
--- a/cinder/templates/deployment-api.yaml
+++ b/cinder/templates/deployment-api.yaml
@@ -66,6 +66,8 @@ spec:
- "cinder:"
- {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-coordination
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
{{ end }}
@@ -98,6 +100,8 @@ spec:
successThreshold: 1
timeoutSeconds: 1
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/cinder-api.sh
subPath: cinder-api.sh
@@ -132,6 +136,8 @@ spec:
{{- end }}
{{ if $mounts_cinder_api.volumeMounts }}{{ toYaml $mounts_cinder_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml
index fdce03a9b6..0d67b7c020 100644
--- a/cinder/templates/deployment-backup.yaml
+++ b/cinder/templates/deployment-backup.yaml
@@ -65,6 +65,8 @@ spec:
- name: RBD_USER
value: {{ .Values.conf.cinder.DEFAULT.backup_ceph_user | quote }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: cinder-bin
@@ -87,6 +89,8 @@ spec:
- name: RBD_USER
value: {{ index (index .Values.conf.backends (include "cinder.utils.ceph_volume_section_name" $envAll)) "rbd_user" | quote }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: cinder-bin
@@ -109,6 +113,8 @@ spec:
- "cinder:"
- {{ .Values.conf.cinder.DEFAULT.backup_posix_path }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-backup
mountPath: {{ .Values.conf.cinder.DEFAULT.backup_posix_path }}
{{ end }}
@@ -123,6 +129,8 @@ spec:
- "cinder:"
- {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-coordination
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
{{ end }}
@@ -138,6 +146,8 @@ spec:
command:
- /tmp/cinder-backup.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/cinder-backup.sh
subPath: cinder-backup.sh
@@ -205,6 +215,8 @@ spec:
readOnly: true
{{ if $mounts_cinder_backup.volumeMounts }}{{ toYaml $mounts_cinder_backup.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-etc
secret:
secretName: cinder-etc
diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml
index 992883bb51..7aa9898c6b 100644
--- a/cinder/templates/deployment-scheduler.yaml
+++ b/cinder/templates/deployment-scheduler.yaml
@@ -65,6 +65,8 @@ spec:
- "cinder:"
- {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-coordination
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
{{ end }}
@@ -76,6 +78,8 @@ spec:
command:
- /tmp/cinder-scheduler.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/cinder-scheduler.sh
subPath: cinder-scheduler.sh
@@ -102,6 +106,8 @@ spec:
{{- end }}
{{ if $mounts_cinder_scheduler.volumeMounts }}{{ toYaml $mounts_cinder_scheduler.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml
index 17902c0296..711cf76f66 100644
--- a/cinder/templates/deployment-volume.yaml
+++ b/cinder/templates/deployment-volume.yaml
@@ -65,6 +65,8 @@ spec:
- name: RBD_USER
value: {{ index (index .Values.conf.backends (include "cinder.utils.ceph_volume_section_name" $envAll)) "rbd_user" | quote }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: cinder-bin
@@ -87,6 +89,8 @@ spec:
- "cinder:"
- {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-coordination
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
{{ end }}
@@ -98,6 +102,8 @@ spec:
command:
- /tmp/retrieve-internal-tenant.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/retrieve-internal-tenant.sh
subPath: retrieve-internal-tenant.sh
@@ -125,6 +131,8 @@ spec:
command:
- /tmp/cinder-volume.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/cinder-volume.sh
subPath: cinder-volume.sh
@@ -186,6 +194,8 @@ spec:
{{- end }}
{{ if $mounts_cinder_volume.volumeMounts }}{{ toYaml $mounts_cinder_volume.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
diff --git a/cinder/templates/job-backup-storage-init.yaml b/cinder/templates/job-backup-storage-init.yaml
index a073940c6e..dd833ba3f5 100644
--- a/cinder/templates/job-backup-storage-init.yaml
+++ b/cinder/templates/job-backup-storage-init.yaml
@@ -75,6 +75,8 @@ spec:
command:
- /tmp/ceph-admin-keyring.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
{{- if not .Values.backup.external_ceph_rbd.enabled }}
@@ -123,6 +125,8 @@ spec:
command:
- /tmp/backup-storage-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/backup-storage-init.sh
subPath: backup-storage-init.sh
@@ -149,6 +153,8 @@ spec:
{{- end }}
{{- end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
diff --git a/cinder/templates/job-clean.yaml b/cinder/templates/job-clean.yaml
index d85234ed91..db44085871 100644
--- a/cinder/templates/job-clean.yaml
+++ b/cinder/templates/job-clean.yaml
@@ -82,6 +82,8 @@ spec:
command:
- /tmp/clean-secrets.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/clean-secrets.sh
subPath: clean-secrets.sh
@@ -101,12 +103,16 @@ spec:
command:
- /tmp/clean-secrets.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/clean-secrets.sh
subPath: clean-secrets.sh
readOnly: true
{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
diff --git a/cinder/templates/job-create-internal-tenant.yaml b/cinder/templates/job-create-internal-tenant.yaml
index 2371a922b3..920e3d6393 100644
--- a/cinder/templates/job-create-internal-tenant.yaml
+++ b/cinder/templates/job-create-internal-tenant.yaml
@@ -50,6 +50,8 @@ spec:
command:
- /tmp/create-internal-tenant.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: create-internal-tenant-sh
mountPath: /tmp/create-internal-tenant.sh
subPath: create-internal-tenant.sh
@@ -76,6 +78,8 @@ spec:
value: {{ $serviceOsRoles | quote }}
{{- end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: create-internal-tenant-sh
configMap:
name: {{ $configMapBin | quote }}
diff --git a/cinder/templates/job-storage-init.yaml b/cinder/templates/job-storage-init.yaml
index 1d4819c203..796de5b3e5 100644
--- a/cinder/templates/job-storage-init.yaml
+++ b/cinder/templates/job-storage-init.yaml
@@ -73,6 +73,8 @@ spec:
command:
- /tmp/ceph-admin-keyring.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: cinder-bin
@@ -114,6 +116,8 @@ spec:
command:
- /tmp/storage-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/storage-init.sh
subPath: storage-init.sh
@@ -133,6 +137,8 @@ spec:
{{- end }}
{{- end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
diff --git a/cinder/templates/pod-rally-test.yaml b/cinder/templates/pod-rally-test.yaml
index f24e5aa4e8..4d1d098609 100644
--- a/cinder/templates/pod-rally-test.yaml
+++ b/cinder/templates/pod-rally-test.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -76,6 +78,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cinder-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -88,6 +92,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cinder-etc
secret:
secretName: cinder-etc
diff --git a/congress/templates/deployment-api.yaml b/congress/templates/deployment-api.yaml
index 71e0124c8b..c5f44a6d42 100644
--- a/congress/templates/deployment-api.yaml
+++ b/congress/templates/deployment-api.yaml
@@ -65,6 +65,8 @@ spec:
tcpSocket:
port: {{ tuple "policy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etccongress
mountPath: /etc/congress
- name: congress-bin
@@ -88,6 +90,8 @@ spec:
subPath: policy.json
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etccongress
emptyDir: {}
- name: congress-bin
diff --git a/congress/templates/deployment-datasource.yaml b/congress/templates/deployment-datasource.yaml
index 85b097d46d..ffe0389e25 100644
--- a/congress/templates/deployment-datasource.yaml
+++ b/congress/templates/deployment-datasource.yaml
@@ -59,6 +59,8 @@ spec:
- /tmp/congress-datasource.sh
- start
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etccongress
mountPath: /etc/congress
- name: congress-bin
@@ -82,6 +84,8 @@ spec:
subPath: policy.json
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etccongress
emptyDir: {}
- name: congress-bin
diff --git a/congress/templates/deployment-policy-engine.yaml b/congress/templates/deployment-policy-engine.yaml
index 0021a2f7d7..6fdb04a057 100644
--- a/congress/templates/deployment-policy-engine.yaml
+++ b/congress/templates/deployment-policy-engine.yaml
@@ -59,6 +59,8 @@ spec:
- /tmp/congress-policy-engine.sh
- start
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etccongress
mountPath: /etc/congress
- name: congress-bin
@@ -82,6 +84,8 @@ spec:
subPath: policy.json
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etccongress
emptyDir: {}
- name: congress-bin
diff --git a/congress/templates/job-ds-create.yaml b/congress/templates/job-ds-create.yaml
index 710870afe1..81aa7b511e 100644
--- a/congress/templates/job-ds-create.yaml
+++ b/congress/templates/job-ds-create.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/ds-create.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ds-create-sh
mountPath: /tmp/ds-create.sh
subPath: ds-create.sh
@@ -56,6 +58,8 @@ spec:
- name: SERVICE_OS_SERVICE_NAME
value: "congress"
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ds-create-sh
configMap:
name: congress-bin
diff --git a/congress/templates/pod-test.yaml b/congress/templates/pod-test.yaml
index bad66b8275..7e9b35378b 100644
--- a/congress/templates/pod-test.yaml
+++ b/congress/templates/pod-test.yaml
@@ -43,11 +43,15 @@ spec:
command:
- /tmp/congress-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: congress-bin
mountPath: /tmp/congress-test.sh
subPath: congress-test.sh
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: congress-bin
configMap:
name: congress-bin
diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml
index 21172f40e2..5655c3159b 100644
--- a/glance/templates/deployment-api.yaml
+++ b/glance/templates/deployment-api.yaml
@@ -66,6 +66,8 @@ spec:
- "glance:"
- {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: glance-images
mountPath: {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
{{ if eq .Values.storage "rbd" }}
@@ -77,6 +79,8 @@ spec:
command:
- /tmp/ceph-keyring.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: glance-bin
@@ -113,6 +117,8 @@ spec:
port: {{ tuple "image" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 30
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcglance
mountPath: /etc/glance
- name: glance-bin
@@ -159,6 +165,8 @@ spec:
{{- end }}
{{ if $mounts_glance_api.volumeMounts }}{{ toYaml $mounts_glance_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcglance
emptyDir: {}
- name: glance-bin
diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml
index c83962dcd1..fa444f9b91 100644
--- a/glance/templates/deployment-registry.yaml
+++ b/glance/templates/deployment-registry.yaml
@@ -80,6 +80,8 @@ spec:
port: {{ tuple "image_registry" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 30
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcglance
mountPath: /etc/glance
- name: glance-bin
@@ -108,6 +110,8 @@ spec:
readOnly: true
{{ if $mounts_glance_registry.volumeMounts }}{{ toYaml $mounts_glance_registry.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcglance
emptyDir: {}
- name: glance-bin
diff --git a/glance/templates/job-clean.yaml b/glance/templates/job-clean.yaml
index 9db6c734e1..f228c4499d 100644
--- a/glance/templates/job-clean.yaml
+++ b/glance/templates/job-clean.yaml
@@ -82,6 +82,8 @@ spec:
command:
- /tmp/clean-secrets.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: glance-bin
mountPath: /tmp/clean-secrets.sh
subPath: clean-secrets.sh
@@ -97,11 +99,15 @@ spec:
command:
- /tmp/clean-image.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: glance-bin
mountPath: /tmp/clean-image.sh
subPath: clean-image.sh
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: glance-bin
configMap:
name: glance-bin
diff --git a/glance/templates/job-storage-init.yaml b/glance/templates/job-storage-init.yaml
index f9e1123951..fd11cc11c3 100644
--- a/glance/templates/job-storage-init.yaml
+++ b/glance/templates/job-storage-init.yaml
@@ -75,6 +75,8 @@ spec:
command:
- /tmp/ceph-admin-keyring.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: glance-bin
@@ -131,6 +133,8 @@ spec:
command:
- /tmp/storage-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: glance-bin
mountPath: /tmp/storage-init.sh
subPath: storage-init.sh
@@ -154,6 +158,8 @@ spec:
mountPath: {{ .Values.conf.glance.glance_store.filesystem_store_datadir }}
{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: glance-bin
configMap:
name: glance-bin
diff --git a/glance/templates/pod-rally-test.yaml b/glance/templates/pod-rally-test.yaml
index a0f992fbee..a0d99590ee 100644
--- a/glance/templates/pod-rally-test.yaml
+++ b/glance/templates/pod-rally-test.yaml
@@ -44,6 +44,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: glance-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -75,6 +77,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: glance-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -87,6 +91,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: glance-etc
secret:
secretName: glance-etc
diff --git a/heat/templates/cron-job-engine-cleaner.yaml b/heat/templates/cron-job-engine-cleaner.yaml
index 1a71a372d8..130f38df92 100644
--- a/heat/templates/cron-job-engine-cleaner.yaml
+++ b/heat/templates/cron-job-engine-cleaner.yaml
@@ -60,6 +60,8 @@ spec:
command:
- /tmp/heat-engine-cleaner.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: heat-bin
mountPath: /tmp/heat-engine-cleaner.sh
subPath: heat-engine-cleaner.sh
@@ -78,15 +80,17 @@ spec:
{{ end }}
{{ if $mounts_heat_engine_cleaner.volumeMounts }}{{ toYaml $mounts_heat_engine_cleaner.volumeMounts | indent 14 }}{{ end }}
volumes:
- - name: etcheat
- emptyDir: {}
- - name: heat-etc
- secret:
- secretName: heat-etc
- defaultMode: 0444
- - name: heat-bin
- configMap:
- name: heat-bin
- defaultMode: 0555
-{{ if $mounts_heat_engine_cleaner.volumes }}{{ toYaml $mounts_heat_engine_cleaner.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etcheat
+ emptyDir: {}
+ - name: heat-etc
+ secret:
+ secretName: heat-etc
+ defaultMode: 0444
+ - name: heat-bin
+ configMap:
+ name: heat-bin
+ defaultMode: 0555
+{{ if $mounts_heat_engine_cleaner.volumes }}{{ toYaml $mounts_heat_engine_cleaner.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/heat/templates/cron-job-purge-deleted.yaml b/heat/templates/cron-job-purge-deleted.yaml
index 0e0c2ce180..f76bb1a178 100644
--- a/heat/templates/cron-job-purge-deleted.yaml
+++ b/heat/templates/cron-job-purge-deleted.yaml
@@ -58,6 +58,8 @@ spec:
- /tmp/heat-purge-deleted-active.sh
- {{ quote .Values.jobs.purge_deleted.purge_age }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: heat-bin
mountPath: /tmp/heat-purge-deleted-active.sh
subPath: heat-purge-deleted-active.sh
@@ -76,15 +78,17 @@ spec:
{{ end }}
{{ if $mounts_heat_purge_deleted.volumeMounts }}{{ toYaml $mounts_heat_purge_deleted.volumeMounts | indent 14 }}{{ end }}
volumes:
- - name: etcheat
- emptyDir: {}
- - name: heat-etc
- secret:
- secretName: heat-etc
- defaultMode: 0444
- - name: heat-bin
- configMap:
- name: heat-bin
- defaultMode: 0555
-{{ if $mounts_heat_purge_deleted.volumes }}{{ toYaml $mounts_heat_purge_deleted.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etcheat
+ emptyDir: {}
+ - name: heat-etc
+ secret:
+ secretName: heat-etc
+ defaultMode: 0444
+ - name: heat-bin
+ configMap:
+ name: heat-bin
+ defaultMode: 0555
+{{ if $mounts_heat_purge_deleted.volumes }}{{ toYaml $mounts_heat_purge_deleted.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml
index ff022d13ec..36834ee6d0 100644
--- a/heat/templates/deployment-api.yaml
+++ b/heat/templates/deployment-api.yaml
@@ -80,6 +80,8 @@ spec:
port: {{ tuple "orchestration" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 30
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-heat
mountPath: /etc/heat
- name: heat-bin
@@ -110,6 +112,8 @@ spec:
readOnly: true
{{ if $mounts_heat_api.volumeMounts }}{{ toYaml $mounts_heat_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-heat
emptyDir: {}
- name: heat-bin
diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml
index 817233612b..e21a48040b 100644
--- a/heat/templates/deployment-cfn.yaml
+++ b/heat/templates/deployment-cfn.yaml
@@ -80,6 +80,8 @@ spec:
port: {{ tuple "cloudformation" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 30
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-heat
mountPath: /etc/heat
- name: heat-bin
@@ -110,6 +112,8 @@ spec:
readOnly: true
{{ if $mounts_heat_cfn.volumeMounts }}{{ toYaml $mounts_heat_cfn.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-heat
emptyDir: {}
- name: heat-bin
diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml
index 837f11afb1..3794709d8e 100644
--- a/heat/templates/deployment-cloudwatch.yaml
+++ b/heat/templates/deployment-cloudwatch.yaml
@@ -76,6 +76,8 @@ spec:
tcpSocket:
port: {{ tuple "cloudwatch" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-heat
mountPath: /etc/heat
- name: heat-bin
@@ -106,6 +108,8 @@ spec:
readOnly: true
{{ if $mounts_heat_cloudwatch.volumeMounts }}{{ toYaml $mounts_heat_cloudwatch.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-heat
emptyDir: {}
- name: heat-bin
diff --git a/heat/templates/deployment-engine.yaml b/heat/templates/deployment-engine.yaml
index b595b088e7..43b4f30cdb 100644
--- a/heat/templates/deployment-engine.yaml
+++ b/heat/templates/deployment-engine.yaml
@@ -78,6 +78,8 @@ spec:
- /tmp/heat-engine.sh
- stop
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-heat
mountPath: /etc/heat
- name: heat-bin
@@ -100,6 +102,8 @@ spec:
readOnly: true
{{ if $mounts_heat_engine.volumeMounts }}{{ toYaml $mounts_heat_engine.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-heat
emptyDir: {}
- name: heat-bin
diff --git a/heat/templates/job-ks-user-domain.yaml b/heat/templates/job-ks-user-domain.yaml
index b443a86c33..f8b685b86c 100644
--- a/heat/templates/job-ks-user-domain.yaml
+++ b/heat/templates/job-ks-user-domain.yaml
@@ -44,6 +44,8 @@ spec:
command:
- /tmp/ks-domain-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ks-user-sh
mountPath: /tmp/ks-domain-user.sh
subPath: ks-domain-user.sh
@@ -77,6 +79,8 @@ spec:
- name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.heat_stack_user.role | quote }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ks-user-sh
configMap:
name: heat-bin
diff --git a/heat/templates/job-trusts.yaml b/heat/templates/job-trusts.yaml
index f8ece8dab4..cff432ca22 100644
--- a/heat/templates/job-trusts.yaml
+++ b/heat/templates/job-trusts.yaml
@@ -48,6 +48,8 @@ spec:
- bash
- /tmp/trusts.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: heat-bin
mountPath: /tmp/trusts.sh
subPath: trusts.sh
@@ -64,6 +66,8 @@ spec:
- name: SERVICE_OS_TRUSTEE_DOMAIN
value: {{ .Values.endpoints.identity.auth.heat_trustee.user_domain_name }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: heat-bin
configMap:
name: heat-bin
diff --git a/heat/templates/pod-rally-test.yaml b/heat/templates/pod-rally-test.yaml
index 2db25a300e..0fbb968073 100644
--- a/heat/templates/pod-rally-test.yaml
+++ b/heat/templates/pod-rally-test.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: heat-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -76,6 +78,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: heat-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -94,6 +98,8 @@ spec:
{{- end }}
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: heat-etc
secret:
secretName: heat-etc
diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml
index 3baf1e294c..a0e0042a28 100644
--- a/horizon/templates/deployment.yaml
+++ b/horizon/templates/deployment.yaml
@@ -90,6 +90,8 @@ spec:
periodSeconds: 60
timeoutSeconds: 5
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: static-horizon
mountPath: /var/www/html/
- name: horizon-bin
@@ -127,6 +129,8 @@ spec:
{{- end }}
{{ if $mounts_horizon.volumeMounts }}{{ toYaml $mounts_horizon.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: wsgi-horizon
emptyDir: {}
- name: static-horizon
diff --git a/ironic/templates/deployment-api.yaml b/ironic/templates/deployment-api.yaml
index 2f20d5d246..453d4acb00 100644
--- a/ironic/templates/deployment-api.yaml
+++ b/ironic/templates/deployment-api.yaml
@@ -67,6 +67,8 @@ spec:
command:
- /tmp/retreive-swift-config.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/retreive-swift-config.sh
subPath: retreive-swift-config.sh
@@ -86,6 +88,8 @@ spec:
command:
- /tmp/retreive-cleaning-network.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/retreive-cleaning-network.sh
subPath: retreive-cleaning-network.sh
@@ -112,6 +116,8 @@ spec:
tcpSocket:
port: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-api.sh
subPath: ironic-api.sh
@@ -132,6 +138,8 @@ spec:
mountPath: /tmp/pod-shared
{{ if $mounts_ironic_api.volumeMounts }}{{ toYaml $mounts_ironic_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ironic-bin
configMap:
name: ironic-bin
diff --git a/ironic/templates/job-manage-cleaning-network.yaml b/ironic/templates/job-manage-cleaning-network.yaml
index b79bca47e1..f2f77a9596 100644
--- a/ironic/templates/job-manage-cleaning-network.yaml
+++ b/ironic/templates/job-manage-cleaning-network.yaml
@@ -50,11 +50,15 @@ spec:
command:
- /tmp/manage-cleaning-network.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/manage-cleaning-network.sh
subPath: manage-cleaning-network.sh
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ironic-bin
configMap:
name: ironic-bin
diff --git a/ironic/templates/statefulset-conductor.yaml b/ironic/templates/statefulset-conductor.yaml
index 1fca3ea73d..2a4eff35d9 100644
--- a/ironic/templates/statefulset-conductor.yaml
+++ b/ironic/templates/statefulset-conductor.yaml
@@ -62,6 +62,8 @@ spec:
command:
- /tmp/ironic-conductor-pxe-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-conductor-pxe-init.sh
subPath: ironic-conductor-pxe-init.sh
@@ -77,6 +79,8 @@ spec:
command:
- /tmp/ironic-conductor-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-conductor-init.sh
subPath: ironic-conductor-init.sh
@@ -92,6 +96,8 @@ spec:
command:
- /tmp/ironic-conductor-http-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-conductor-http-init.sh
subPath: ironic-conductor-http-init.sh
@@ -115,6 +121,8 @@ spec:
command:
- /tmp/retreive-swift-config.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/retreive-swift-config.sh
subPath: retreive-swift-config.sh
@@ -134,6 +142,8 @@ spec:
command:
- /tmp/retreive-cleaning-network.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/retreive-cleaning-network.sh
subPath: retreive-cleaning-network.sh
@@ -150,6 +160,8 @@ spec:
command:
- /tmp/ironic-conductor.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-conductor.sh
subPath: ironic-conductor.sh
@@ -191,6 +203,8 @@ spec:
command:
- /tmp/ironic-conductor-pxe.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-conductor-pxe.sh
subPath: ironic-conductor-pxe.sh
@@ -207,6 +221,8 @@ spec:
command:
- /tmp/ironic-conductor-http.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ironic-bin
mountPath: /tmp/ironic-conductor-http.sh
subPath: ironic-conductor-http.sh
@@ -218,6 +234,8 @@ spec:
mountPath: /var/lib/openstack-helm
{{ if $mounts_ironic_conductor.volumeMounts }}{{ toYaml $mounts_ironic_conductor.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-shared
emptyDir: {}
- name: pod-var-cache-ironic
diff --git a/keystone/templates/cron-job-credential-rotate.yaml b/keystone/templates/cron-job-credential-rotate.yaml
index 9249675e99..6330c1abeb 100644
--- a/keystone/templates/cron-job-credential-rotate.yaml
+++ b/keystone/templates/cron-job-credential-rotate.yaml
@@ -80,46 +80,50 @@ spec:
{{ tuple $envAll "keystone_credential_rotate" | include "helm-toolkit.snippets.image" | indent 14 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.credential_rotate | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
env:
- - name: KEYSTONE_USER
- value: {{ .Values.jobs.credential_rotate.user | quote }}
- - name: KEYSTONE_GROUP
- value: {{ .Values.jobs.credential_rotate.group | quote }}
- - name: KUBERNETES_NAMESPACE
- value: {{ .Release.Namespace | quote }}
- - name: KEYSTONE_KEYS_REPOSITORY
- value: {{ .Values.conf.keystone.credential.key_repository | quote }}
- - name: KEYSTONE_CREDENTIAL_MIGRATE_WAIT
- value: {{ .Values.jobs.credential_rotate.migrate_wait | quote }}
+ - name: KEYSTONE_USER
+ value: {{ .Values.jobs.credential_rotate.user | quote }}
+ - name: KEYSTONE_GROUP
+ value: {{ .Values.jobs.credential_rotate.group | quote }}
+ - name: KUBERNETES_NAMESPACE
+ value: {{ .Release.Namespace | quote }}
+ - name: KEYSTONE_KEYS_REPOSITORY
+ value: {{ .Values.conf.keystone.credential.key_repository | quote }}
+ - name: KEYSTONE_CREDENTIAL_MIGRATE_WAIT
+ value: {{ .Values.jobs.credential_rotate.migrate_wait | quote }}
command:
- python
- /tmp/fernet-manage.py
- credential_rotate
volumeMounts:
- - name: etckeystone
- mountPath: /etc/keystone
- - name: keystone-etc
- mountPath: /etc/keystone/keystone.conf
- subPath: keystone.conf
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
- readOnly: true
- - name: keystone-bin
- mountPath: /tmp/fernet-manage.py
- subPath: fernet-manage.py
- readOnly: true
- {{ if $mounts_keystone_credential_rotate.volumeMounts }}{{ toYaml $mounts_keystone_credential_rotate.volumeMounts | indent 14 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etckeystone
+ mountPath: /etc/keystone
+ - name: keystone-etc
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
+ readOnly: true
+ - name: keystone-bin
+ mountPath: /tmp/fernet-manage.py
+ subPath: fernet-manage.py
+ readOnly: true
+{{ if $mounts_keystone_credential_rotate.volumeMounts }}{{ toYaml $mounts_keystone_credential_rotate.volumeMounts | indent 16 }}{{ end }}
volumes:
- - name: etckeystone
- emptyDir: {}
- - name: keystone-etc
- secret:
- secretName: keystone-etc
- defaultMode: 0444
- - name: keystone-bin
- configMap:
- name: keystone-bin
- defaultMode: 0555
- {{ if $mounts_keystone_credential_rotate.volumes }}{{ toYaml $mounts_keystone_credential_rotate.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etckeystone
+ emptyDir: {}
+ - name: keystone-etc
+ secret:
+ secretName: keystone-etc
+ defaultMode: 0444
+ - name: keystone-bin
+ configMap:
+ name: keystone-bin
+ defaultMode: 0555
+{{ if $mounts_keystone_credential_rotate.volumes }}{{ toYaml $mounts_keystone_credential_rotate.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/keystone/templates/cron-job-fernet-rotate.yaml b/keystone/templates/cron-job-fernet-rotate.yaml
index a61339ef85..ca2d41358f 100644
--- a/keystone/templates/cron-job-fernet-rotate.yaml
+++ b/keystone/templates/cron-job-fernet-rotate.yaml
@@ -81,45 +81,49 @@ spec:
{{ tuple $envAll "keystone_fernet_rotate" | include "helm-toolkit.snippets.image" | indent 14 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.fernet_rotate | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
env:
- - name: KEYSTONE_USER
- value: {{ .Values.jobs.fernet_rotate.user | quote }}
- - name: KEYSTONE_GROUP
- value: {{ .Values.jobs.fernet_rotate.group | quote }}
- - name: KUBERNETES_NAMESPACE
- value: {{ .Release.Namespace | quote }}
- - name: KEYSTONE_KEYS_REPOSITORY
- value: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }}
+ - name: KEYSTONE_USER
+ value: {{ .Values.jobs.fernet_rotate.user | quote }}
+ - name: KEYSTONE_GROUP
+ value: {{ .Values.jobs.fernet_rotate.group | quote }}
+ - name: KUBERNETES_NAMESPACE
+ value: {{ .Release.Namespace | quote }}
+ - name: KEYSTONE_KEYS_REPOSITORY
+ value: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }}
command:
- python
- /tmp/fernet-manage.py
- fernet_rotate
volumeMounts:
- - name: etckeystone
- mountPath: /etc/keystone
- - name: keystone-etc
- mountPath: /etc/keystone/keystone.conf
- subPath: keystone.conf
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
- readOnly: true
- - name: keystone-bin
- mountPath: /tmp/fernet-manage.py
- subPath: fernet-manage.py
- readOnly: true
- {{ if $mounts_keystone_fernet_rotate.volumeMounts }}{{ toYaml $mounts_keystone_fernet_rotate.volumeMounts | indent 14 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etckeystone
+ mountPath: /etc/keystone
+ - name: keystone-etc
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
+ readOnly: true
+ - name: keystone-bin
+ mountPath: /tmp/fernet-manage.py
+ subPath: fernet-manage.py
+ readOnly: true
+{{ if $mounts_keystone_fernet_rotate.volumeMounts }}{{ toYaml $mounts_keystone_fernet_rotate.volumeMounts | indent 16 }}{{ end }}
volumes:
- - name: etckeystone
- emptyDir: {}
- - name: keystone-etc
- secret:
- secretName: keystone-etc
- defaultMode: 0444
- - name: keystone-bin
- configMap:
- name: keystone-bin
- defaultMode: 0555
- {{ if $mounts_keystone_fernet_rotate.volumes }}{{ toYaml $mounts_keystone_fernet_rotate.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etckeystone
+ emptyDir: {}
+ - name: keystone-etc
+ secret:
+ secretName: keystone-etc
+ defaultMode: 0444
+ - name: keystone-bin
+ configMap:
+ name: keystone-bin
+ defaultMode: 0555
+{{ if $mounts_keystone_fernet_rotate.volumes }}{{ toYaml $mounts_keystone_fernet_rotate.volumes | indent 12 }}{{ end }}
{{- end }}
{{- end }}
diff --git a/keystone/templates/deployment-api.yaml b/keystone/templates/deployment-api.yaml
index 3069a2ad41..28ec10f9ef 100644
--- a/keystone/templates/deployment-api.yaml
+++ b/keystone/templates/deployment-api.yaml
@@ -89,98 +89,102 @@ spec:
periodSeconds: 20
timeoutSeconds: 5
volumeMounts:
- - name: etckeystone
- mountPath: /etc/keystone
- - name: logs-apache
- mountPath: /var/log/apache2
- - name: run-apache
- mountPath: /var/run/apache2
- - name: wsgi-keystone
- mountPath: /var/www/cgi-bin/keystone
- - name: keystone-etc
- mountPath: /etc/keystone/keystone.conf
- subPath: keystone.conf
- readOnly: true
- - name: keystone-etc
- mountPath: /etc/apache2/ports.conf
- subPath: ports.conf
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
- readOnly: true
- - name: keystone-etc
- mountPath: /etc/keystone/keystone-paste.ini
- subPath: keystone-paste.ini
- readOnly: true
- - name: keystone-etc
- mountPath: /etc/keystone/policy.json
- subPath: policy.json
- readOnly: true
- - name: keystone-etc
- mountPath: /etc/keystone/sso_callback_template.html
- subPath: sso_callback_template.html
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.software.apache2.conf_dir }}/wsgi-keystone.conf
- subPath: wsgi-keystone.conf
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.software.apache2.mods_dir }}/mpm_event.conf
- subPath: mpm_event.conf
- readOnly: true
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etckeystone
+ mountPath: /etc/keystone
+ - name: logs-apache
+ mountPath: /var/log/apache2
+ - name: run-apache
+ mountPath: /var/run/apache2
+ - name: wsgi-keystone
+ mountPath: /var/www/cgi-bin/keystone
+ - name: keystone-etc
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: /etc/apache2/ports.conf
+ subPath: ports.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
+ readOnly: true
+ - name: keystone-etc
+ mountPath: /etc/keystone/keystone-paste.ini
+ subPath: keystone-paste.ini
+ readOnly: true
+ - name: keystone-etc
+ mountPath: /etc/keystone/policy.json
+ subPath: policy.json
+ readOnly: true
+ - name: keystone-etc
+ mountPath: /etc/keystone/sso_callback_template.html
+ subPath: sso_callback_template.html
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.software.apache2.conf_dir }}/wsgi-keystone.conf
+ subPath: wsgi-keystone.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.software.apache2.mods_dir }}/mpm_event.conf
+ subPath: mpm_event.conf
+ readOnly: true
{{- if .Values.conf.security }}
- - name: keystone-etc
- mountPath: {{ .Values.conf.software.apache2.conf_dir }}/security.conf
- subPath: security.conf
- readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.software.apache2.conf_dir }}/security.conf
+ subPath: security.conf
+ readOnly: true
{{- end }}
- - name: keystone-bin
- mountPath: /tmp/keystone-api.sh
- subPath: keystone-api.sh
- readOnly: true
+ - name: keystone-bin
+ mountPath: /tmp/keystone-api.sh
+ subPath: keystone-api.sh
+ readOnly: true
{{- if .Values.endpoints.ldap.auth.client.tls.ca }}
- - name: keystone-ldap-tls
- mountPath: /etc/keystone/ldap/tls.ca
- subPath: tls.ca
- readOnly: true
+ - name: keystone-ldap-tls
+ mountPath: /etc/keystone/ldap/tls.ca
+ subPath: tls.ca
+ readOnly: true
{{- end }}
{{- if eq .Values.conf.keystone.token.provider "fernet" }}
- - name: keystone-fernet-keys
- mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository }}
+ - name: keystone-fernet-keys
+ mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository }}
{{- end }}
- - name: keystone-credential-keys
- mountPath: {{ .Values.conf.keystone.credential.key_repository }}
-{{ if $mounts_keystone_api.volumeMounts }}{{ toYaml $mounts_keystone_api.volumeMounts | indent 10 }}{{ end }}
+ - name: keystone-credential-keys
+ mountPath: {{ .Values.conf.keystone.credential.key_repository }}
+{{ if $mounts_keystone_api.volumeMounts }}{{ toYaml $mounts_keystone_api.volumeMounts | indent 12 }}{{ end }}
volumes:
- - name: etckeystone
- emptyDir: {}
- - name: wsgi-keystone
- emptyDir: {}
- - name: logs-apache
- emptyDir: {}
- - name: run-apache
- emptyDir: {}
- - name: keystone-etc
- secret:
- secretName: keystone-etc
- defaultMode: 0444
- - name: keystone-bin
- configMap:
- name: keystone-bin
- defaultMode: 0555
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etckeystone
+ emptyDir: {}
+ - name: wsgi-keystone
+ emptyDir: {}
+ - name: logs-apache
+ emptyDir: {}
+ - name: run-apache
+ emptyDir: {}
+ - name: keystone-etc
+ secret:
+ secretName: keystone-etc
+ defaultMode: 0444
+ - name: keystone-bin
+ configMap:
+ name: keystone-bin
+ defaultMode: 0555
{{- if .Values.endpoints.ldap.auth.client.tls.ca }}
- - name: keystone-ldap-tls
- secret:
- secretName: keystone-ldap-tls
+ - name: keystone-ldap-tls
+ secret:
+ secretName: keystone-ldap-tls
{{- end }}
{{- if eq .Values.conf.keystone.token.provider "fernet" }}
- - name: keystone-fernet-keys
- secret:
- secretName: keystone-fernet-keys
+ - name: keystone-fernet-keys
+ secret:
+ secretName: keystone-fernet-keys
{{- end }}
- - name: keystone-credential-keys
- secret:
- secretName: keystone-credential-keys
-{{ if $mounts_keystone_api.volumes }}{{ toYaml $mounts_keystone_api.volumes | indent 6 }}{{ end }}
+ - name: keystone-credential-keys
+ secret:
+ secretName: keystone-credential-keys
+{{ if $mounts_keystone_api.volumes }}{{ toYaml $mounts_keystone_api.volumes | indent 8 }}{{ end }}
{{- end }}
diff --git a/keystone/templates/job-credential-cleanup.yaml b/keystone/templates/job-credential-cleanup.yaml
index 11fed66477..aad01bf842 100644
--- a/keystone/templates/job-credential-cleanup.yaml
+++ b/keystone/templates/job-credential-cleanup.yaml
@@ -69,6 +69,8 @@ spec:
- python
- /tmp/cred-clean.py
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: cred-clean-sh
mountPath: /tmp/cred-clean.py
subPath: cred-clean.py
@@ -86,6 +88,8 @@ spec:
readOnly: true
{{- end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: cred-clean-sh
configMap:
name: "keystone-bin"
diff --git a/keystone/templates/job-credential-setup.yaml b/keystone/templates/job-credential-setup.yaml
index 4a212dcb5b..e53b0c1f57 100644
--- a/keystone/templates/job-credential-setup.yaml
+++ b/keystone/templates/job-credential-setup.yaml
@@ -74,48 +74,52 @@ spec:
{{ tuple $envAll "keystone_credential_setup" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.credential_setup | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- - name: KEYSTONE_USER
- value: {{ .Values.jobs.credential_setup.user | quote }}
- - name: KEYSTONE_GROUP
- value: {{ .Values.jobs.credential_setup.group | quote }}
- - name: KUBERNETES_NAMESPACE
- value: {{ .Release.Namespace | quote }}
- - name: KEYSTONE_KEYS_REPOSITORY
- value: {{ .Values.conf.keystone.credential.key_repository | quote }}
+ - name: KEYSTONE_USER
+ value: {{ .Values.jobs.credential_setup.user | quote }}
+ - name: KEYSTONE_GROUP
+ value: {{ .Values.jobs.credential_setup.group | quote }}
+ - name: KUBERNETES_NAMESPACE
+ value: {{ .Release.Namespace | quote }}
+ - name: KEYSTONE_KEYS_REPOSITORY
+ value: {{ .Values.conf.keystone.credential.key_repository | quote }}
command:
- python
- /tmp/fernet-manage.py
- credential_setup
volumeMounts:
- - name: etckeystone
- mountPath: /etc/keystone
- - name: credential-keys
- mountPath: {{ .Values.conf.keystone.credential.key_repository | quote }}
- - name: keystone-etc
- mountPath: /etc/keystone/keystone.conf
- subPath: keystone.conf
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
- readOnly: true
- - name: keystone-bin
- mountPath: /tmp/fernet-manage.py
- subPath: fernet-manage.py
- readOnly: true
-{{ if $mounts_keystone_credential_setup.volumeMounts }}{{ toYaml $mounts_keystone_credential_setup.volumeMounts | indent 10 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etckeystone
+ mountPath: /etc/keystone
+ - name: credential-keys
+ mountPath: {{ .Values.conf.keystone.credential.key_repository | quote }}
+ - name: keystone-etc
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
+ readOnly: true
+ - name: keystone-bin
+ mountPath: /tmp/fernet-manage.py
+ subPath: fernet-manage.py
+ readOnly: true
+{{ if $mounts_keystone_credential_setup.volumeMounts }}{{ toYaml $mounts_keystone_credential_setup.volumeMounts | indent 12 }}{{ end }}
volumes:
- - name: etckeystone
- emptyDir: {}
- - name: credential-keys
- emptyDir: {}
- - name: keystone-etc
- secret:
- secretName: keystone-etc
- defaultMode: 0444
- - name: keystone-bin
- configMap:
- name: keystone-bin
- defaultMode: 0555
-{{ if $mounts_keystone_credential_setup.volumes }}{{ toYaml $mounts_keystone_credential_setup.volumes | indent 6 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etckeystone
+ emptyDir: {}
+ - name: credential-keys
+ emptyDir: {}
+ - name: keystone-etc
+ secret:
+ secretName: keystone-etc
+ defaultMode: 0444
+ - name: keystone-bin
+ configMap:
+ name: keystone-bin
+ defaultMode: 0555
+{{ if $mounts_keystone_credential_setup.volumes }}{{ toYaml $mounts_keystone_credential_setup.volumes | indent 8 }}{{ end }}
{{- end }}
diff --git a/keystone/templates/job-domain-manage.yaml b/keystone/templates/job-domain-manage.yaml
index a2c8be84d2..86ee64763a 100644
--- a/keystone/templates/job-domain-manage.yaml
+++ b/keystone/templates/job-domain-manage.yaml
@@ -49,6 +49,8 @@ spec:
command:
- /tmp/domain-manage-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: keystone-bin
mountPath: /tmp/domain-manage-init.sh
subPath: domain-manage-init.sh
@@ -64,6 +66,8 @@ spec:
command:
- /tmp/domain-manage.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etckeystonedomains
mountPath: {{ .Values.conf.keystone.identity.domain_config_dir | default "/etc/keystonedomains" }}
- name: etckeystone
@@ -98,6 +102,8 @@ spec:
mountPath: {{ .Values.conf.keystone.credential.key_repository }}
{{ if $mounts_keystone_domain_manage.volumeMounts }}{{ toYaml $mounts_keystone_domain_manage.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etckeystone
emptyDir: {}
- name: etckeystonedomains
diff --git a/keystone/templates/job-fernet-setup.yaml b/keystone/templates/job-fernet-setup.yaml
index ebe9f2184f..81093720e9 100644
--- a/keystone/templates/job-fernet-setup.yaml
+++ b/keystone/templates/job-fernet-setup.yaml
@@ -73,49 +73,53 @@ spec:
{{ tuple $envAll "keystone_fernet_setup" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.fernet_setup | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- - name: KEYSTONE_USER
- value: {{ .Values.jobs.fernet_setup.user | quote }}
- - name: KEYSTONE_GROUP
- value: {{ .Values.jobs.fernet_setup.group | quote }}
- - name: KUBERNETES_NAMESPACE
- value: {{ .Release.Namespace | quote }}
- - name: KEYSTONE_KEYS_REPOSITORY
- value: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }}
+ - name: KEYSTONE_USER
+ value: {{ .Values.jobs.fernet_setup.user | quote }}
+ - name: KEYSTONE_GROUP
+ value: {{ .Values.jobs.fernet_setup.group | quote }}
+ - name: KUBERNETES_NAMESPACE
+ value: {{ .Release.Namespace | quote }}
+ - name: KEYSTONE_KEYS_REPOSITORY
+ value: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }}
command:
- python
- /tmp/fernet-manage.py
- fernet_setup
volumeMounts:
- - name: etckeystone
- mountPath: /etc/keystone
- - name: fernet-keys
- mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }}
- - name: keystone-etc
- mountPath: /etc/keystone/keystone.conf
- subPath: keystone.conf
- readOnly: true
- - name: keystone-etc
- mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
- readOnly: true
- - name: keystone-bin
- mountPath: /tmp/fernet-manage.py
- subPath: fernet-manage.py
- readOnly: true
-{{ if $mounts_keystone_fernet_setup.volumeMounts }}{{ toYaml $mounts_keystone_fernet_setup.volumeMounts | indent 10 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etckeystone
+ mountPath: /etc/keystone
+ - name: fernet-keys
+ mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }}
+ - name: keystone-etc
+ mountPath: /etc/keystone/keystone.conf
+ subPath: keystone.conf
+ readOnly: true
+ - name: keystone-etc
+ mountPath: {{ .Values.conf.keystone.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.keystone.DEFAULT.log_config_append }}
+ readOnly: true
+ - name: keystone-bin
+ mountPath: /tmp/fernet-manage.py
+ subPath: fernet-manage.py
+ readOnly: true
+{{ if $mounts_keystone_fernet_setup.volumeMounts }}{{ toYaml $mounts_keystone_fernet_setup.volumeMounts | indent 12 }}{{ end }}
volumes:
- - name: etckeystone
- emptyDir: {}
- - name: fernet-keys
- emptyDir: {}
- - name: keystone-etc
- secret:
- secretName: keystone-etc
- defaultMode: 0444
- - name: keystone-bin
- configMap:
- name: keystone-bin
- defaultMode: 0555
-{{ if $mounts_keystone_fernet_setup.volumes }}{{ toYaml $mounts_keystone_fernet_setup.volumes | indent 6 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etckeystone
+ emptyDir: {}
+ - name: fernet-keys
+ emptyDir: {}
+ - name: keystone-etc
+ secret:
+ secretName: keystone-etc
+ defaultMode: 0444
+ - name: keystone-bin
+ configMap:
+ name: keystone-bin
+ defaultMode: 0555
+{{ if $mounts_keystone_fernet_setup.volumes }}{{ toYaml $mounts_keystone_fernet_setup.volumes | indent 8 }}{{ end }}
{{- end }}
{{- end }}
diff --git a/keystone/templates/pod-rally-test.yaml b/keystone/templates/pod-rally-test.yaml
index d29bc0eb69..49501e98b0 100644
--- a/keystone/templates/pod-rally-test.yaml
+++ b/keystone/templates/pod-rally-test.yaml
@@ -43,6 +43,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: keystone-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -74,6 +76,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: keystone-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -86,6 +90,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: keystone-etc
secret:
secretName: keystone-etc
diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml
index d5d4d4828f..bc28b58c2c 100644
--- a/magnum/templates/deployment-api.yaml
+++ b/magnum/templates/deployment-api.yaml
@@ -80,6 +80,8 @@ spec:
initialDelaySeconds: 15
periodSeconds: 10
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: magnum-bin
mountPath: /tmp/magnum-api.sh
subPath: magnum-api.sh
@@ -108,6 +110,8 @@ spec:
mountPath: {{ .Values.conf.magnum.oslo_concurrency.lock_path }}
{{ if $mounts_magnum_api.volumeMounts }}{{ toYaml $mounts_magnum_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-magnum
emptyDir: {}
- name: pod-var-cache-magnum
diff --git a/magnum/templates/job-ks-user-domain.yaml b/magnum/templates/job-ks-user-domain.yaml
index 3705e060a5..2e6f20a173 100644
--- a/magnum/templates/job-ks-user-domain.yaml
+++ b/magnum/templates/job-ks-user-domain.yaml
@@ -44,6 +44,8 @@ spec:
command:
- /tmp/ks-domain-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ks-user-sh
mountPath: /tmp/ks-domain-user.sh
subPath: ks-domain-user.sh
@@ -77,6 +79,8 @@ spec:
- name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.identity.auth.magnum_stack_user.role | quote }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ks-user-sh
configMap:
name: magnum-bin
diff --git a/magnum/templates/statefulset-conductor.yaml b/magnum/templates/statefulset-conductor.yaml
index 10f1cb288d..20a6c9541e 100644
--- a/magnum/templates/statefulset-conductor.yaml
+++ b/magnum/templates/statefulset-conductor.yaml
@@ -65,6 +65,8 @@ spec:
command:
- /tmp/magnum-conductor-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: magnum-bin
mountPath: /tmp/magnum-conductor-init.sh
subPath: magnum-conductor-init.sh
@@ -80,6 +82,8 @@ spec:
command:
- /tmp/magnum-conductor.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: magnum-bin
mountPath: /tmp/magnum-conductor.sh
subPath: magnum-conductor.sh
@@ -104,6 +108,8 @@ spec:
mountPath: {{ .Values.conf.magnum.oslo_concurrency.lock_path }}
{{ if $mounts_magnum_conductor.volumeMounts }}{{ toYaml $mounts_magnum_conductor.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-magnum
emptyDir: {}
- name: pod-shared
diff --git a/mistral/templates/deployment-api.yaml b/mistral/templates/deployment-api.yaml
index 65a9e844ef..9eb8029b95 100644
--- a/mistral/templates/deployment-api.yaml
+++ b/mistral/templates/deployment-api.yaml
@@ -76,6 +76,8 @@ spec:
tcpSocket:
port: {{ tuple "workflowv2" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-mistral
mountPath: /etc/mistral
- name: mistral-bin
@@ -96,6 +98,8 @@ spec:
readOnly: true
{{ if $mounts_mistral_api.volumeMounts }}{{ toYaml $mounts_mistral_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-mistral
emptyDir: {}
- name: mistral-bin
diff --git a/mistral/templates/deployment-executor.yaml b/mistral/templates/deployment-executor.yaml
index 27bc70a0d9..0ea1a39744 100644
--- a/mistral/templates/deployment-executor.yaml
+++ b/mistral/templates/deployment-executor.yaml
@@ -62,6 +62,8 @@ spec:
command:
- /tmp/mistral-executor.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-mistral
mountPath: /etc/mistral
- name: mistral-bin
@@ -78,6 +80,8 @@ spec:
readOnly: true
{{ if $mounts_mistral_executor.volumeMounts }}{{ toYaml $mounts_mistral_executor.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-mistral
emptyDir: {}
- name: mistral-bin
diff --git a/mistral/templates/pod-rally-test.yaml b/mistral/templates/pod-rally-test.yaml
index 70f85d96ec..d8c5121fc3 100644
--- a/mistral/templates/pod-rally-test.yaml
+++ b/mistral/templates/pod-rally-test.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: mistral-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -76,6 +78,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: mistral-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -94,6 +98,8 @@ spec:
{{- end }}
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: mistral-etc
secret:
secretName: mistral-etc
diff --git a/mistral/templates/statefulset-engine.yaml b/mistral/templates/statefulset-engine.yaml
index 008e5afb0b..a63126ce8d 100644
--- a/mistral/templates/statefulset-engine.yaml
+++ b/mistral/templates/statefulset-engine.yaml
@@ -60,6 +60,8 @@ spec:
command:
- /tmp/mistral-engine.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-mistral
mountPath: /etc/mistral
- name: mistral-bin
@@ -76,6 +78,8 @@ spec:
readOnly: true
{{ if $mounts_mistral_engine.volumeMounts }}{{ toYaml $mounts_mistral_engine.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-mistral
emptyDir: {}
- name: mistral-bin
diff --git a/mistral/templates/statefulset-event-engine.yaml b/mistral/templates/statefulset-event-engine.yaml
index 16bb8fac5d..7013be126b 100644
--- a/mistral/templates/statefulset-event-engine.yaml
+++ b/mistral/templates/statefulset-event-engine.yaml
@@ -60,6 +60,8 @@ spec:
command:
- /tmp/mistral-event-engine.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: pod-etc-mistral
mountPath: /etc/mistral
- name: mistral-bin
@@ -76,6 +78,8 @@ spec:
readOnly: true
{{ if $mounts_mistral_event_engine.volumeMounts }}{{ toYaml $mounts_mistral_event_engine.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-mistral
emptyDir: {}
- name: mistral-bin
diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml
index 49866f2aa5..f60bf03f54 100644
--- a/neutron/templates/daemonset-dhcp-agent.yaml
+++ b/neutron/templates/daemonset-dhcp-agent.yaml
@@ -69,35 +69,37 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/dhcp_agent.ini
- - --agent-queue-name
- - dhcp_agent
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/dhcp_agent.ini
+ - --agent-queue-name
+ - dhcp_agent
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 65
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/dhcp_agent.ini
- - --agent-queue-name
- - dhcp_agent
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/dhcp_agent.ini
+ - --agent-queue-name
+ - dhcp_agent
+ - --liveness-probe
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
command:
- /tmp/neutron-dhcp-agent.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-dhcp-agent.sh
subPath: neutron-dhcp-agent.sh
@@ -166,6 +168,8 @@ spec:
{{- end }}
{{ if $mounts_neutron_dhcp_agent.volumeMounts }}{{ toYaml $mounts_neutron_dhcp_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml
index 5e0ec19437..cd5f2495fa 100644
--- a/neutron/templates/daemonset-l3-agent.yaml
+++ b/neutron/templates/daemonset-l3-agent.yaml
@@ -69,35 +69,37 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/l3_agent.ini
- - --agent-queue-name
- - l3_agent
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/l3_agent.ini
+ - --agent-queue-name
+ - l3_agent
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 65
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/l3_agent.ini
- - --agent-queue-name
- - l3_agent
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/l3_agent.ini
+ - --agent-queue-name
+ - l3_agent
+ - --liveness-probe
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
command:
- /tmp/neutron-l3-agent.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-l3-agent.sh
subPath: neutron-l3-agent.sh
@@ -165,6 +167,8 @@ spec:
{{- end }}
{{ if $mounts_neutron_l3_agent.volumeMounts }}{{ toYaml $mounts_neutron_l3_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
diff --git a/neutron/templates/daemonset-lb-agent.yaml b/neutron/templates/daemonset-lb-agent.yaml
index c2b432f799..69050e2bec 100644
--- a/neutron/templates/daemonset-lb-agent.yaml
+++ b/neutron/templates/daemonset-lb-agent.yaml
@@ -86,6 +86,8 @@ spec:
command:
- /tmp/neutron-linuxbridge-agent-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-linuxbridge-agent-init.sh
subPath: neutron-linuxbridge-agent-init.sh
@@ -147,6 +149,8 @@ spec:
- -c
- 'brctl show'
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-linuxbridge-agent.sh
subPath: neutron-linuxbridge-agent.sh
@@ -194,6 +198,8 @@ spec:
mountPath: /run
{{ if $mounts_neutron_lb_agent.volumeMounts }}{{ toYaml $mounts_neutron_lb_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-shared
emptyDir: {}
- name: neutron-bin
diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml
index 8e92a675d6..69c4a68d74 100644
--- a/neutron/templates/daemonset-metadata-agent.yaml
+++ b/neutron/templates/daemonset-metadata-agent.yaml
@@ -71,6 +71,8 @@ spec:
command:
- /tmp/neutron-metadata-agent-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-metadata-agent-init.sh
subPath: neutron-metadata-agent-init.sh
@@ -90,31 +92,33 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/metadata_agent.ini
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/metadata_agent.ini
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 35
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/metadata_agent.ini
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/metadata_agent.ini
+ - --liveness-probe
initialDelaySeconds: 90
periodSeconds: 60
timeoutSeconds: 45
command:
- /tmp/neutron-metadata-agent.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-metadata-agent.sh
subPath: neutron-metadata-agent.sh
@@ -175,6 +179,8 @@ spec:
{{- end }}
{{ if $mounts_neutron_metadata_agent.volumeMounts }}{{ toYaml $mounts_neutron_metadata_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml
index 56061e6325..5a4384815e 100644
--- a/neutron/templates/daemonset-ovs-agent.yaml
+++ b/neutron/templates/daemonset-ovs-agent.yaml
@@ -70,6 +70,8 @@ spec:
command:
- /tmp/neutron-openvswitch-agent-init-modules.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-openvswitch-agent-init-modules.sh
subPath: neutron-openvswitch-agent-init-modules.sh
@@ -86,6 +88,8 @@ spec:
command:
- /tmp/neutron-openvswitch-agent-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-openvswitch-agent-init.sh
subPath: neutron-openvswitch-agent-init.sh
@@ -165,19 +169,21 @@ spec:
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/plugins/ml2/openvswitch_agent.ini
- - --agent-queue-name
- - q-agent-notifier-tunnel-update
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/plugins/ml2/openvswitch_agent.ini
+ - --agent-queue-name
+ - q-agent-notifier-tunnel-update
+ - --liveness-probe
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-openvswitch-agent.sh
subPath: neutron-openvswitch-agent.sh
@@ -239,6 +245,8 @@ spec:
mountPath: /run
{{ if $mounts_neutron_ovs_agent.volumeMounts }}{{ toYaml $mounts_neutron_ovs_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: varlibopenvswitch
emptyDir: {}
- name: pod-shared
diff --git a/neutron/templates/daemonset-sriov-agent.yaml b/neutron/templates/daemonset-sriov-agent.yaml
index a59e4100db..63471b06e0 100644
--- a/neutron/templates/daemonset-sriov-agent.yaml
+++ b/neutron/templates/daemonset-sriov-agent.yaml
@@ -69,6 +69,8 @@ spec:
command:
- /tmp/neutron-sriov-agent-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-sriov-agent-init.sh
subPath: neutron-sriov-agent-init.sh
@@ -132,16 +134,18 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/neutron/neutron.conf
- - --config-file
- - /etc/neutron/sriov_agent.ini
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/neutron/neutron.conf
+ - --config-file
+ - /etc/neutron/sriov_agent.ini
initialDelaySeconds: 30
periodSeconds: 15
timeoutSeconds: 10
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-sriov-agent.sh
subPath: neutron-sriov-agent.sh
@@ -203,6 +207,8 @@ spec:
mountPath: /run
{{ if $mounts_neutron_sriov_agent.volumeMounts }}{{ toYaml $mounts_neutron_sriov_agent.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-shared
emptyDir: {}
- name: neutron-bin
diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml
index 56a9a41c04..9dea3a925a 100644
--- a/neutron/templates/deployment-server.yaml
+++ b/neutron/templates/deployment-server.yaml
@@ -84,6 +84,8 @@ spec:
port: {{ tuple "network" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 60
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/neutron-server.sh
subPath: neutron-server.sh
@@ -126,6 +128,8 @@ spec:
readOnly: true
{{ if $mounts_neutron_server.volumeMounts }}{{ toYaml $mounts_neutron_server.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: neutron-bin
configMap:
name: neutron-bin
diff --git a/neutron/templates/pod-rally-test.yaml b/neutron/templates/pod-rally-test.yaml
index 15633d1871..374039af40 100644
--- a/neutron/templates/pod-rally-test.yaml
+++ b/neutron/templates/pod-rally-test.yaml
@@ -46,6 +46,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -77,6 +79,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: neutron-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -89,6 +93,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: neutron-etc
secret:
secretName: neutron-etc
diff --git a/nova/templates/cron-job-cell-setup.yaml b/nova/templates/cron-job-cell-setup.yaml
index ee86ca321f..0bc457bb6e 100644
--- a/nova/templates/cron-job-cell-setup.yaml
+++ b/nova/templates/cron-job-cell-setup.yaml
@@ -57,6 +57,8 @@ spec:
command:
- /tmp/cell-setup.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/cell-setup.sh
subPath: cell-setup.sh
@@ -76,6 +78,8 @@ spec:
subPath: policy.yaml
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcnova
emptyDir: {}
- name: nova-etc
diff --git a/nova/templates/cron-job-service-cleaner.yaml b/nova/templates/cron-job-service-cleaner.yaml
index 47fdad96ad..f23bd7105f 100644
--- a/nova/templates/cron-job-service-cleaner.yaml
+++ b/nova/templates/cron-job-service-cleaner.yaml
@@ -61,21 +61,25 @@ spec:
command:
- /tmp/nova-service-cleaner.sh
volumeMounts:
- - name: nova-bin
- mountPath: /tmp/nova-service-cleaner.sh
- subPath: nova-service-cleaner.sh
- readOnly: true
- - name: etcnova
- mountPath: /etc/nova
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: nova-bin
+ mountPath: /tmp/nova-service-cleaner.sh
+ subPath: nova-service-cleaner.sh
+ readOnly: true
+ - name: etcnova
+ mountPath: /etc/nova
volumes:
- - name: etcnova
- emptyDir: {}
- - name: nova-etc
- secret:
- secretName: nova-etc
- defaultMode: 0444
- - name: nova-bin
- configMap:
- name: nova-bin
- defaultMode: 0555
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etcnova
+ emptyDir: {}
+ - name: nova-etc
+ secret:
+ secretName: nova-etc
+ defaultMode: 0444
+ - name: nova-bin
+ configMap:
+ name: nova-bin
+ defaultMode: 0555
{{- end }}
diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml
index 4a7b90b58c..8677f3fe80 100644
--- a/nova/templates/daemonset-compute.yaml
+++ b/nova/templates/daemonset-compute.yaml
@@ -66,6 +66,8 @@ spec:
command:
- /tmp/nova-compute-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-compute-init.sh
subPath: nova-compute-init.sh
@@ -85,6 +87,8 @@ spec:
- "nova:"
- /etc/ceph
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
{{- if empty .Values.conf.ceph.cinder.keyring }}
@@ -93,6 +97,8 @@ spec:
command:
- /tmp/ceph-admin-keyring.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: nova-bin
@@ -122,6 +128,8 @@ spec:
command:
- /tmp/ceph-keyring.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: etcceph
mountPath: /etc/ceph
- name: nova-bin
@@ -141,6 +149,8 @@ spec:
command:
- /tmp/nova-console-compute-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-compute-init.sh
subPath: nova-console-compute-init.sh
@@ -157,6 +167,8 @@ spec:
command:
- /tmp/nova-console-compute-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-compute-init.sh
subPath: nova-console-compute-init.sh
@@ -184,31 +196,33 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - compute
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - compute
initialDelaySeconds: 80
periodSeconds: 90
timeoutSeconds: 70
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - compute
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - compute
+ - --liveness-probe
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
command:
- /tmp/nova-compute.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-compute.sh
subPath: nova-compute.sh
@@ -313,6 +327,8 @@ spec:
command:
- /tmp/ssh-start.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: varlibnova
mountPath: /var/lib/nova
- name: varliblibvirt
@@ -328,6 +344,8 @@ spec:
subPath: ssh-start.sh
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml
index 66927b727e..8a125a5afb 100644
--- a/nova/templates/deployment-api-metadata.yaml
+++ b/nova/templates/deployment-api-metadata.yaml
@@ -63,6 +63,8 @@ spec:
command:
- /tmp/nova-api-metadata-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-api-metadata-init.sh
subPath: nova-api-metadata-init.sh
@@ -98,6 +100,8 @@ spec:
port: {{ .Values.network.metadata.port }}
initialDelaySeconds: 30
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-api-metadata.sh
subPath: nova-api-metadata.sh
@@ -160,6 +164,8 @@ spec:
readOnly: true
{{ if $mounts_nova_api_metadata.volumeMounts }}{{ toYaml $mounts_nova_api_metadata.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml
index ee6e18ea23..0f6ea37178 100644
--- a/nova/templates/deployment-api-osapi.yaml
+++ b/nova/templates/deployment-api-osapi.yaml
@@ -81,6 +81,8 @@ spec:
port: {{ tuple "compute" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 30
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-api.sh
subPath: nova-api.sh
@@ -107,6 +109,8 @@ spec:
readOnly: true
{{ if $mounts_nova_api_osapi.volumeMounts }}{{ toYaml $mounts_nova_api_osapi.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml
index 1e66e41932..900ff238a4 100644
--- a/nova/templates/deployment-conductor.yaml
+++ b/nova/templates/deployment-conductor.yaml
@@ -63,31 +63,33 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - conductor
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - conductor
initialDelaySeconds: 80
periodSeconds: 90
timeoutSeconds: 70
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - conductor
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - conductor
+ - --liveness-probe
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
command:
- /tmp/nova-conductor.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-conductor.sh
subPath: nova-conductor.sh
@@ -110,6 +112,8 @@ spec:
readOnly: true
{{ if $mounts_nova_conductor.volumeMounts }}{{ toYaml $mounts_nova_conductor.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml
index 75b66e7939..dc15eadce2 100644
--- a/nova/templates/deployment-consoleauth.yaml
+++ b/nova/templates/deployment-consoleauth.yaml
@@ -63,31 +63,33 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - consoleauth
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - consoleauth
initialDelaySeconds: 80
periodSeconds: 90
timeoutSeconds: 70
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - consoleauth
- - --liveness-probe
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - consoleauth
+ - --liveness-probe
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
command:
- /tmp/nova-consoleauth.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-consoleauth.sh
subPath: nova-consoleauth.sh
@@ -110,6 +112,8 @@ spec:
readOnly: true
{{ if $mounts_nova_consoleauth.volumeMounts }}{{ toYaml $mounts_nova_consoleauth.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-novncproxy.yaml b/nova/templates/deployment-novncproxy.yaml
index cf9fda0243..943156de10 100644
--- a/nova/templates/deployment-novncproxy.yaml
+++ b/nova/templates/deployment-novncproxy.yaml
@@ -64,6 +64,8 @@ spec:
command:
- /tmp/nova-console-proxy-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-proxy-init.sh
subPath: nova-console-proxy-init.sh
@@ -84,6 +86,8 @@ spec:
command:
- /tmp/nova-console-proxy-init-assets.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-proxy-init-assets.sh
subPath: nova-console-proxy-init-assets.sh
@@ -108,6 +112,8 @@ spec:
- name: n-novnc
containerPort: {{ tuple "compute_novnc_proxy" "internal" "novnc_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-proxy.sh
subPath: nova-console-proxy.sh
@@ -127,6 +133,8 @@ spec:
mountPath: /tmp/pod-shared
{{ if $mounts_nova_novncproxy.volumeMounts }}{{ toYaml $mounts_nova_novncproxy.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-placement.yaml b/nova/templates/deployment-placement.yaml
index 64a4941244..555afd1ef6 100644
--- a/nova/templates/deployment-placement.yaml
+++ b/nova/templates/deployment-placement.yaml
@@ -82,6 +82,8 @@ spec:
initialDelaySeconds: 50
periodSeconds: 10
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: wsgi-nova
mountPath: /var/www/cgi-bin/nova
- name: nova-bin
@@ -116,6 +118,8 @@ spec:
{{- end }}
{{ if $mounts_nova_placement.volumeMounts }}{{ toYaml $mounts_nova_placement.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: wsgi-nova
emptyDir: {}
- name: nova-bin
diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml
index c75eb02482..5a4c205a8f 100644
--- a/nova/templates/deployment-scheduler.yaml
+++ b/nova/templates/deployment-scheduler.yaml
@@ -63,33 +63,35 @@ spec:
readinessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - scheduler
- - --check-all-pids
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - scheduler
+ - --check-all-pids
initialDelaySeconds: 80
periodSeconds: 90
timeoutSeconds: 70
livenessProbe:
exec:
command:
- - python
- - /tmp/health-probe.py
- - --config-file
- - /etc/nova/nova.conf
- - --service-queue-name
- - scheduler
- - --liveness-probe
- - --check-all-pids
+ - python
+ - /tmp/health-probe.py
+ - --config-file
+ - /etc/nova/nova.conf
+ - --service-queue-name
+ - scheduler
+ - --liveness-probe
+ - --check-all-pids
initialDelaySeconds: 120
periodSeconds: 90
timeoutSeconds: 70
command:
- /tmp/nova-scheduler.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-scheduler.sh
subPath: nova-scheduler.sh
@@ -112,6 +114,8 @@ spec:
readOnly: true
{{ if $mounts_nova_scheduler.volumeMounts }}{{ toYaml $mounts_nova_scheduler.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/deployment-spiceproxy.yaml b/nova/templates/deployment-spiceproxy.yaml
index 4507bde4ce..396dfef732 100644
--- a/nova/templates/deployment-spiceproxy.yaml
+++ b/nova/templates/deployment-spiceproxy.yaml
@@ -64,6 +64,8 @@ spec:
command:
- /tmp/nova-console-proxy-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-proxy-init.sh
subPath: nova-console-proxy-init.sh
@@ -84,6 +86,8 @@ spec:
command:
- /tmp/nova-console-proxy-init-assets.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-proxy-init-assets.sh
subPath: nova-console-proxy-init-assets.sh
@@ -108,6 +112,8 @@ spec:
- name: n-spice
containerPort: {{ tuple "compute_spice_proxy" "internal" "spice_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-console-proxy.sh
subPath: nova-console-proxy.sh
@@ -127,6 +133,8 @@ spec:
mountPath: /tmp/pod-shared
{{ if $mounts_nova_spiceproxy.volumeMounts }}{{ toYaml $mounts_nova_spiceproxy.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/nova/templates/job-cell-setup.yaml b/nova/templates/job-cell-setup.yaml
index 4ad9509a19..be42b6f8a1 100644
--- a/nova/templates/job-cell-setup.yaml
+++ b/nova/templates/job-cell-setup.yaml
@@ -48,6 +48,8 @@ spec:
command:
- /tmp/cell-setup-init.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/cell-setup-init.sh
subPath: cell-setup-init.sh
@@ -59,6 +61,8 @@ spec:
command:
- /tmp/cell-setup.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/cell-setup.sh
subPath: cell-setup.sh
@@ -78,6 +82,8 @@ spec:
subPath: policy.yaml
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcnova
emptyDir: {}
- name: nova-etc
diff --git a/nova/templates/pod-rally-test.yaml b/nova/templates/pod-rally-test.yaml
index f7b2e1b778..c445e4eedd 100644
--- a/nova/templates/pod-rally-test.yaml
+++ b/nova/templates/pod-rally-test.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -76,6 +78,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -88,6 +92,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-etc
secret:
secretName: nova-etc
diff --git a/nova/templates/statefulset-compute-ironic.yaml b/nova/templates/statefulset-compute-ironic.yaml
index d9a5ebc570..1814536abe 100644
--- a/nova/templates/statefulset-compute-ironic.yaml
+++ b/nova/templates/statefulset-compute-ironic.yaml
@@ -67,6 +67,8 @@ spec:
command:
- /tmp/nova-compute-ironic.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: nova-bin
mountPath: /tmp/nova-compute-ironic.sh
subPath: nova-compute-ironic.sh
@@ -95,6 +97,8 @@ spec:
mountPath: /var/lib/ironic
{{ if $mounts_nova_compute_ironic.volumeMounts }}{{ toYaml $mounts_nova_compute_ironic.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: nova-bin
configMap:
name: nova-bin
diff --git a/panko/templates/cron-job-events-cleaner.yaml b/panko/templates/cron-job-events-cleaner.yaml
index 8c07ea723a..ac7a47ad9e 100644
--- a/panko/templates/cron-job-events-cleaner.yaml
+++ b/panko/templates/cron-job-events-cleaner.yaml
@@ -54,31 +54,35 @@ spec:
command:
- /tmp/panko-events-cleaner.sh
volumeMounts:
- - name: panko-bin
- mountPath: /tmp/panko-events-cleaner.sh
- subPath: panko-events-cleaner.sh
- readOnly: true
- - name: etcpanko
- mountPath: /etc/panko
- - name: panko-etc
- mountPath: /etc/panko/panko.conf
- subPath: panko.conf
- readOnly: true
- - name: panko-etc
- mountPath: {{ .Values.conf.panko.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.panko.DEFAULT.log_config_append }}
- readOnly: true
-{{ if $mounts_panko_events_cleaner.volumeMounts }}{{ toYaml $mounts_panko_events_cleaner.volumeMounts | indent 14 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: panko-bin
+ mountPath: /tmp/panko-events-cleaner.sh
+ subPath: panko-events-cleaner.sh
+ readOnly: true
+ - name: etcpanko
+ mountPath: /etc/panko
+ - name: panko-etc
+ mountPath: /etc/panko/panko.conf
+ subPath: panko.conf
+ readOnly: true
+ - name: panko-etc
+ mountPath: {{ .Values.conf.panko.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.panko.DEFAULT.log_config_append }}
+ readOnly: true
+{{ if $mounts_panko_events_cleaner.volumeMounts }}{{ toYaml $mounts_panko_events_cleaner.volumeMounts | indent 16 }}{{ end }}
volumes:
- - name: etcpanko
- emptyDir: {}
- - name: panko-etc
- secret:
- secretName: panko-etc
- defaultMode: 0444
- - name: panko-bin
- configMap:
- name: panko-bin
- defaultMode: 0555
-{{ if $mounts_panko_events_cleaner.volumes }}{{ toYaml $mounts_panko_events_cleaner.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: etcpanko
+ emptyDir: {}
+ - name: panko-etc
+ secret:
+ secretName: panko-etc
+ defaultMode: 0444
+ - name: panko-bin
+ configMap:
+ name: panko-bin
+ defaultMode: 0555
+{{ if $mounts_panko_events_cleaner.volumes }}{{ toYaml $mounts_panko_events_cleaner.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/panko/templates/deployment-api.yaml b/panko/templates/deployment-api.yaml
index 06e6baf8a4..b1556d28ec 100644
--- a/panko/templates/deployment-api.yaml
+++ b/panko/templates/deployment-api.yaml
@@ -76,6 +76,8 @@ spec:
tcpSocket:
port: {{ tuple "event" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: wsgi-panko
mountPath: /var/www/cgi-bin/panko
- name: etcpanko
@@ -110,6 +112,8 @@ spec:
readOnly: true
{{ if $mounts_panko_api.volumeMounts }}{{ toYaml $mounts_panko_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: wsgi-panko
emptyDir: {}
- name: etcpanko
diff --git a/panko/templates/pod-rally-test.yaml b/panko/templates/pod-rally-test.yaml
index ac6b27862f..55f3fd8be0 100644
--- a/panko/templates/pod-rally-test.yaml
+++ b/panko/templates/pod-rally-test.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/ks-user.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: panko-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
@@ -76,6 +78,8 @@ spec:
command:
- /tmp/rally-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: panko-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
@@ -88,6 +92,8 @@ spec:
mountPath: /var/lib/rally
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: panko-etc
secret:
secretName: panko-etc
diff --git a/rally/templates/job-bootstrap.yaml b/rally/templates/job-bootstrap.yaml
index 2c892c9dfd..7b30bc295c 100644
--- a/rally/templates/job-bootstrap.yaml
+++ b/rally/templates/job-bootstrap.yaml
@@ -53,12 +53,16 @@ spec:
command:
- /tmp/bootstrap.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: rally-bin
mountPath: /tmp/bootstrap.sh
subPath: bootstrap.sh
readOnly: true
{{ if $mounts_rally_bootstrap.volumeMounts }}{{ toYaml $mounts_rally_bootstrap.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: rally-bin
configMap:
name: rally-bin
diff --git a/rally/templates/job-ks-endpoints.yaml b/rally/templates/job-ks-endpoints.yaml
index e258734c85..18340ddbfd 100644
--- a/rally/templates/job-ks-endpoints.yaml
+++ b/rally/templates/job-ks-endpoints.yaml
@@ -47,6 +47,8 @@ spec:
command:
- /tmp/ks-endpoints.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ks-endpoints-sh
mountPath: /tmp/ks-endpoints.sh
subPath: ks-endpoints.sh
@@ -66,6 +68,8 @@ spec:
{{- end }}
{{- end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ks-endpoints-sh
configMap:
name: rally-bin
diff --git a/rally/templates/job-ks-service.yaml b/rally/templates/job-ks-service.yaml
index fa449bda3b..e3385c7ce6 100644
--- a/rally/templates/job-ks-service.yaml
+++ b/rally/templates/job-ks-service.yaml
@@ -46,6 +46,8 @@ spec:
command:
- /tmp/ks-service.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: ks-service-sh
mountPath: /tmp/ks-service.sh
subPath: ks-service.sh
@@ -60,6 +62,8 @@ spec:
value: {{ $osServiceType }}
{{- end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: ks-service-sh
configMap:
name: rally-bin
diff --git a/rally/templates/job-manage-db.yaml b/rally/templates/job-manage-db.yaml
index 7510e6962d..d23036dc05 100644
--- a/rally/templates/job-manage-db.yaml
+++ b/rally/templates/job-manage-db.yaml
@@ -45,6 +45,8 @@ spec:
command:
- /tmp/manage-db.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: rally-bin
mountPath: /tmp/manage-db.sh
subPath: manage-db.sh
@@ -56,6 +58,8 @@ spec:
subPath: rally.conf
readOnly: true
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcrally
emptyDir: {}
- name: rally-etc
diff --git a/rally/templates/job-run-task.yaml b/rally/templates/job-run-task.yaml
index ed147573e2..ff213ce7a1 100644
--- a/rally/templates/job-run-task.yaml
+++ b/rally/templates/job-run-task.yaml
@@ -49,6 +49,8 @@ spec:
- "rally:"
- /var/lib/rally/data
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: rally-reports
mountPath: /var/lib/rally/data
containers:
@@ -64,6 +66,8 @@ spec:
- name: ENABLED_TESTS
value: {{ include "helm-toolkit.utils.joinListWithComma" .Values.enabled_tasks }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: rally-bin
mountPath: /tmp/run-task.sh
subPath: run-task.sh
@@ -83,6 +87,8 @@ spec:
- name: rally-reports
mountPath: /var/lib/rally/data
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etcrally
emptyDir: {}
- name: rally-etc
diff --git a/senlin/templates/cron-job-engine-cleaner.yaml b/senlin/templates/cron-job-engine-cleaner.yaml
index 18883e4338..cede0dbd40 100644
--- a/senlin/templates/cron-job-engine-cleaner.yaml
+++ b/senlin/templates/cron-job-engine-cleaner.yaml
@@ -57,31 +57,35 @@ spec:
command:
- /tmp/senlin-engine-cleaner.sh
volumeMounts:
- - name: senlin-bin
- mountPath: /tmp/senlin-engine-cleaner.sh
- subPath: senlin-engine-cleaner.sh
- readOnly: true
- - name: etcsenlin
- mountPath: /etc/senlin
- - name: senlin-etc
- mountPath: /etc/senlin/senlin.conf
- subPath: senlin.conf
- readOnly: true
- - name: senlin-etc
- mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
- subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
- readOnly: true
-{{ if $mounts_senlin_engine_cleaner.volumeMounts }}{{ toYaml $mounts_senlin_engine_cleaner.volumeMounts | indent 14 }}{{ end }}
+ - name: pod-tmp
+ mountPath: /tmp
+ - name: senlin-bin
+ mountPath: /tmp/senlin-engine-cleaner.sh
+ subPath: senlin-engine-cleaner.sh
+ readOnly: true
+ - name: etcsenlin
+ mountPath: /etc/senlin
+ - name: senlin-etc
+ mountPath: /etc/senlin/senlin.conf
+ subPath: senlin.conf
+ readOnly: true
+ - name: senlin-etc
+ mountPath: {{ .Values.conf.senlin.DEFAULT.log_config_append }}
+ subPath: {{ base .Values.conf.senlin.DEFAULT.log_config_append }}
+ readOnly: true
+{{ if $mounts_senlin_engine_cleaner.volumeMounts }}{{ toYaml $mounts_senlin_engine_cleaner.volumeMounts | indent 16 }}{{ end }}
volumes:
- - name: etcsenlin
- emptyDir: {}
- - name: senlin-etc
- secret:
- secretName: senlin-etc
- defaultMode: 0444
- - name: senlin-bin
- configMap:
- name: senlin-bin
- defaultMode: 0555
-{{ if $mounts_senlin_engine_cleaner.volumes }}{{ toYaml $mounts_senlin_engine_cleaner.volumes | indent 10 }}{{ end }}
+ - name: pod-tmp
+ emptyDir: {}
+ - name: etcsenlin
+ emptyDir: {}
+ - name: senlin-etc
+ secret:
+ secretName: senlin-etc
+ defaultMode: 0444
+ - name: senlin-bin
+ configMap:
+ name: senlin-bin
+ defaultMode: 0555
+{{ if $mounts_senlin_engine_cleaner.volumes }}{{ toYaml $mounts_senlin_engine_cleaner.volumes | indent 12 }}{{ end }}
{{- end }}
diff --git a/senlin/templates/deployment-api.yaml b/senlin/templates/deployment-api.yaml
index 0ad2de6980..b0319c0b29 100644
--- a/senlin/templates/deployment-api.yaml
+++ b/senlin/templates/deployment-api.yaml
@@ -80,6 +80,8 @@ spec:
initialDelaySeconds: 15
periodSeconds: 10
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: senlin-bin
mountPath: /tmp/senlin-api.sh
subPath: senlin-api.sh
@@ -106,6 +108,8 @@ spec:
readOnly: true
{{ if $mounts_senlin_api.volumeMounts }}{{ toYaml $mounts_senlin_api.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-senlin
emptyDir: {}
- name: pod-var-cache-senlin
diff --git a/senlin/templates/deployment-engine.yaml b/senlin/templates/deployment-engine.yaml
index 3140398222..0cc6518d9f 100644
--- a/senlin/templates/deployment-engine.yaml
+++ b/senlin/templates/deployment-engine.yaml
@@ -61,6 +61,8 @@ spec:
command:
- /tmp/senlin-engine.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: senlin-bin
mountPath: /tmp/senlin-engine.sh
subPath: senlin-engine.sh
@@ -81,6 +83,8 @@ spec:
readOnly: true
{{ if $mounts_senlin_engine.volumeMounts }}{{ toYaml $mounts_senlin_engine.volumeMounts | indent 12 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: pod-etc-senlin
emptyDir: {}
- name: senlin-bin
diff --git a/senlin/templates/pod-test.yaml b/senlin/templates/pod-test.yaml
index 4ef78029d4..f39276034e 100644
--- a/senlin/templates/pod-test.yaml
+++ b/senlin/templates/pod-test.yaml
@@ -49,12 +49,16 @@ spec:
command:
- /tmp/senlin-test.sh
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: senlin-bin
mountPath: /tmp/senlin-test.sh
subPath: senlin-test.sh
readOnly: true
{{ if $mounts_senlin_tests.volumeMounts }}{{ toYaml $mounts_senlin_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: senlin-bin
configMap:
name: senlin-bin
diff --git a/tempest/templates/job-run-tests.yaml b/tempest/templates/job-run-tests.yaml
index 3f5458a2c0..f2ed054d7a 100644
--- a/tempest/templates/job-run-tests.yaml
+++ b/tempest/templates/job-run-tests.yaml
@@ -50,6 +50,8 @@ spec:
- "root:"
- /var/lib/tempest/data
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: tempest-reports
mountPath: /var/lib/tempest/data
containers:
@@ -63,6 +65,8 @@ spec:
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
volumeMounts:
+ - name: pod-tmp
+ mountPath: /tmp
- name: tempest-bin
mountPath: /tmp/run-tests.sh
subPath: run-tests.sh
@@ -92,6 +96,8 @@ spec:
- name: tempest-reports
mountPath: /var/lib/tempest/data
volumes:
+ - name: pod-tmp
+ emptyDir: {}
- name: etctempest
emptyDir: {}
- name: tempest-etc