Ironic: chart and initial gate scripts
This PS adds a chart, and checks, for OpenStack Ironic. Change-Id: I9632885e5a0ca18e4e425c6b163f73d0d1e5649d
This commit is contained in:
parent
cdaa02ef38
commit
70d010d63a
12
.zuul.yaml
12
.zuul.yaml
@ -45,6 +45,12 @@
|
|||||||
- ^.*\.rst$
|
- ^.*\.rst$
|
||||||
- ^doc/.*$
|
- ^doc/.*$
|
||||||
- ^releasenotes/.*$
|
- ^releasenotes/.*$
|
||||||
|
- openstack-helm-ironic-ubuntu:
|
||||||
|
voting: false
|
||||||
|
irrelevant-files:
|
||||||
|
- ^.*\.rst$
|
||||||
|
- ^doc/.*$
|
||||||
|
- ^releasenotes/.*$
|
||||||
gate:
|
gate:
|
||||||
jobs:
|
jobs:
|
||||||
- openstack-helm-linter:
|
- openstack-helm-linter:
|
||||||
@ -124,3 +130,9 @@
|
|||||||
name: openstack-helm-multinode-fedora
|
name: openstack-helm-multinode-fedora
|
||||||
parent: openstack-helm-multinode
|
parent: openstack-helm-multinode
|
||||||
nodeset: openstack-helm-five-node-fedora
|
nodeset: openstack-helm-five-node-fedora
|
||||||
|
|
||||||
|
- job:
|
||||||
|
name: openstack-helm-ironic-ubuntu
|
||||||
|
parent: openstack-helm-multinode
|
||||||
|
nodeset: openstack-helm-ubuntu
|
||||||
|
run: tools/gate/playbooks/ironic-deploy.yaml
|
||||||
|
25
ironic/Chart.yaml
Normal file
25
ironic/Chart.yaml
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
apiVersion: v1
|
||||||
|
description: OpenStack-Helm Ironic
|
||||||
|
name: ironic
|
||||||
|
version: 0.1.0
|
||||||
|
home: https://docs.openstack.org/developer/ironic
|
||||||
|
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Ironic/OpenStack_Project_Ironic_vertical.png
|
||||||
|
sources:
|
||||||
|
- https://git.openstack.org/cgit/openstack/ironic
|
||||||
|
- https://git.openstack.org/cgit/openstack/openstack-helm
|
||||||
|
maintainers:
|
||||||
|
- name: OpenStack-Helm Authors
|
18
ironic/requirements.yaml
Normal file
18
ironic/requirements.yaml
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
dependencies:
|
||||||
|
- name: helm-toolkit
|
||||||
|
repository: http://localhost:8879/charts
|
||||||
|
version: 0.1.0
|
20
ironic/templates/bin/_bootstrap.sh.tpl
Normal file
20
ironic/templates/bin/_bootstrap.sh.tpl
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
|
21
ironic/templates/bin/_db-sync.sh.tpl
Normal file
21
ironic/templates/bin/_db-sync.sh.tpl
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
ironic-dbsync upgrade
|
31
ironic/templates/bin/_ironic-api.sh.tpl
Normal file
31
ironic/templates/bin/_ironic-api.sh.tpl
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
COMMAND="${@:-start}"
|
||||||
|
|
||||||
|
function start () {
|
||||||
|
exec ironic-api \
|
||||||
|
--config-file /etc/ironic/ironic.conf
|
||||||
|
}
|
||||||
|
|
||||||
|
function stop () {
|
||||||
|
kill -TERM 1
|
||||||
|
}
|
||||||
|
|
||||||
|
$COMMAND
|
39
ironic/templates/bin/_ironic-conductor-http-init.sh.tpl
Normal file
39
ironic/templates/bin/_ironic-conductor-http-init.sh.tpl
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
if [ "x" == "x${PROVISIONER_INTERFACE}" ]; then
|
||||||
|
echo "Provisioner interface is not set"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
function net_pxe_addr {
|
||||||
|
ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
|
||||||
|
}
|
||||||
|
function net_pxe_ip {
|
||||||
|
echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
|
||||||
|
}
|
||||||
|
PXE_IP=$(net_pxe_ip)
|
||||||
|
|
||||||
|
if [ "x" == "x${PXE_IP}" ]; then
|
||||||
|
echo "Could not find IP for pxe to bind to"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
sed "s|OSH_PXE_IP|${PXE_IP}|g" /etc/nginx/nginx.conf > /tmp/pod-shared/nginx.conf
|
23
ironic/templates/bin/_ironic-conductor-http.sh.tpl
Normal file
23
ironic/templates/bin/_ironic-conductor-http.sh.tpl
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
mkdir -p /var/lib/openstack-helm/httpboot
|
||||||
|
cp -v /tmp/pod-shared/nginx.conf /etc/nginx/nginx.conf
|
||||||
|
exec nginx -g 'daemon off;'
|
57
ironic/templates/bin/_ironic-conductor-init.sh.tpl
Normal file
57
ironic/templates/bin/_ironic-conductor-init.sh.tpl
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
if [ "x" == "x${PROVISIONER_INTERFACE}" ]; then
|
||||||
|
echo "Provisioner interface is not set"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
function net_pxe_addr {
|
||||||
|
ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
|
||||||
|
}
|
||||||
|
function net_pxe_ip {
|
||||||
|
echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
|
||||||
|
}
|
||||||
|
PXE_IP=$(net_pxe_ip)
|
||||||
|
|
||||||
|
if [ "x" == "x${PXE_IP}" ]; then
|
||||||
|
echo "Could not find IP for pxe to bind to"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat <<EOF>/tmp/pod-shared/conductor-local-ip.conf
|
||||||
|
[DEFAULT]
|
||||||
|
|
||||||
|
# IP address of this host. If unset, will determine the IP
|
||||||
|
# programmatically. If unable to do so, will use "127.0.0.1".
|
||||||
|
# (string value)
|
||||||
|
my_ip = ${PXE_IP}
|
||||||
|
|
||||||
|
[pxe]
|
||||||
|
# IP address of ironic-conductor node's TFTP server. (string
|
||||||
|
# value)
|
||||||
|
tftp_server = ${PXE_IP}
|
||||||
|
|
||||||
|
[deploy]
|
||||||
|
# ironic-conductor node's HTTP server URL. Example:
|
||||||
|
# http://192.1.2.3:8080 (string value)
|
||||||
|
# from .deploy.ironic.http_url
|
||||||
|
http_url = http://${PXE_IP}:{{ tuple "baremetal" "internal" "pxe_http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
EOF
|
31
ironic/templates/bin/_ironic-conductor-pxe-init.sh.tpl
Normal file
31
ironic/templates/bin/_ironic-conductor-pxe-init.sh.tpl
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
apt-get update
|
||||||
|
apt-get install ipxe -y
|
||||||
|
|
||||||
|
mkdir -p /var/lib/openstack-helm/tftpboot
|
||||||
|
mkdir -p /var/lib/openstack-helm/tftpboot/master_images
|
||||||
|
|
||||||
|
for FILE in undionly.kpxe ipxe.efi; do
|
||||||
|
if [ -f /usr/lib/ipxe/$FILE ]; then
|
||||||
|
cp -v /usr/lib/ipxe/$FILE /var/lib/openstack-helm/tftpboot
|
||||||
|
fi
|
||||||
|
done
|
39
ironic/templates/bin/_ironic-conductor-pxe.sh.tpl
Normal file
39
ironic/templates/bin/_ironic-conductor-pxe.sh.tpl
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
function net_pxe_addr {
|
||||||
|
ip addr | awk "/inet / && /${PROVISIONER_INTERFACE}/{print \$2; exit }"
|
||||||
|
}
|
||||||
|
function net_pxe_ip {
|
||||||
|
echo $(net_pxe_addr) | awk -F '/' '{ print $1; exit }'
|
||||||
|
}
|
||||||
|
PXE_IP=$(net_pxe_ip)
|
||||||
|
|
||||||
|
if [ "x" == "x${PXE_IP}" ]; then
|
||||||
|
echo "Could not find IP for pxe to bind to"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
ln -s /var/lib/openstack-helm/tftpboot /tftpboot
|
||||||
|
exec /usr/sbin/in.tftpd \
|
||||||
|
--verbose \
|
||||||
|
--foreground \
|
||||||
|
--user root \
|
||||||
|
--address ${PXE_IP}:69 \
|
||||||
|
--map-file /tftp-map-file /tftpboot
|
26
ironic/templates/bin/_ironic-conductor.sh.tpl
Normal file
26
ironic/templates/bin/_ironic-conductor.sh.tpl
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
mkdir -p /var/lib/openstack-helm/ironic/images
|
||||||
|
mkdir -p /var/lib/openstack-helm/ironic/master_images
|
||||||
|
|
||||||
|
exec ironic-conductor \
|
||||||
|
--config-file /etc/ironic/ironic.conf \
|
||||||
|
--config-file /tmp/pod-shared/conductor-local-ip.conf
|
53
ironic/templates/configmap-bin.yaml
Normal file
53
ironic/templates/configmap-bin.yaml
Normal file
@ -0,0 +1,53 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.configmap_bin }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: ironic-bin
|
||||||
|
data:
|
||||||
|
{{- if .Values.bootstrap.enabled }}
|
||||||
|
bootstrap.sh: |+
|
||||||
|
{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
db-init.py: |
|
||||||
|
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
|
||||||
|
db-sync.sh: |
|
||||||
|
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ks-service.sh: |+
|
||||||
|
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
|
||||||
|
ks-endpoints.sh: |+
|
||||||
|
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
|
||||||
|
ks-user.sh: |+
|
||||||
|
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
|
||||||
|
ironic-api.sh: |
|
||||||
|
{{ tuple "bin/_ironic-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ironic-conductor.sh: |
|
||||||
|
{{ tuple "bin/_ironic-conductor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ironic-conductor-init.sh: |
|
||||||
|
{{ tuple "bin/_ironic-conductor-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ironic-conductor-pxe.sh: |
|
||||||
|
{{ tuple "bin/_ironic-conductor-pxe.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ironic-conductor-pxe-init.sh: |
|
||||||
|
{{ tuple "bin/_ironic-conductor-pxe-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ironic-conductor-http.sh: |
|
||||||
|
{{ tuple "bin/_ironic-conductor-http.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
ironic-conductor-http-init.sh: |
|
||||||
|
{{ tuple "bin/_ironic-conductor-http-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
212
ironic/templates/configmap-etc.yaml
Normal file
212
ironic/templates/configmap-etc.yaml
Normal file
@ -0,0 +1,212 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.configmap_etc }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.auth_uri -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.keystone_authtoken "auth_uri" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.auth_url -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.keystone_authtoken "auth_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.region_name -}}
|
||||||
|
{{- set .Values.conf.ironic.keystone_authtoken "region_name" .Values.endpoints.identity.auth.ironic.region_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.project_name -}}
|
||||||
|
{{- set .Values.conf.ironic.keystone_authtoken "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.project_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.user_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.username -}}
|
||||||
|
{{- set .Values.conf.ironic.keystone_authtoken "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.password -}}
|
||||||
|
{{- set .Values.conf.ironic.keystone_authtoken "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.keystone_authtoken.memcached_servers -}}
|
||||||
|
{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ironic.keystone_authtoken "memcached_servers" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.database.connection -}}
|
||||||
|
{{- tuple "oslo_db" "internal" "ironic" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ironic.database "connection" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.DEFAULT.transport_url -}}
|
||||||
|
{{- tuple "oslo_messaging" "internal" "ironic" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ironic.DEFAULT "transport_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.glance.glance_host -}}
|
||||||
|
{{- tuple "image" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup"| set .Values.conf.ironic.glance "glance_host" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.glance.glance_port -}}
|
||||||
|
{{- tuple "image" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup"| set .Values.conf.ironic.glance "glance_port" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.glance.auth_url -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.glance "auth_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.glance.project_name -}}
|
||||||
|
{{- set .Values.conf.ironic.glance "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.glance.project_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.glance "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.glance.user_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.glance "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.glance.username -}}
|
||||||
|
{{- set .Values.conf.ironic.glance "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.glance.password -}}
|
||||||
|
{{- set .Values.conf.ironic.glance "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.inspector.auth_url -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.inspector "auth_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.inspector.project_name -}}
|
||||||
|
{{- set .Values.conf.ironic.inspector "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.inspector.project_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.inspector "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.inspector.user_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.inspector "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.inspector.username -}}
|
||||||
|
{{- set .Values.conf.ironic.inspector "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.inspector.password -}}
|
||||||
|
{{- set .Values.conf.ironic.inspector "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.url -}}
|
||||||
|
{{- tuple "network" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.neutron "url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.auth_url -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.neutron "auth_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.project_name -}}
|
||||||
|
{{- set .Values.conf.ironic.neutron "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.project_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.neutron "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.user_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.neutron "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.username -}}
|
||||||
|
{{- set .Values.conf.ironic.neutron "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.neutron.password -}}
|
||||||
|
{{- set .Values.conf.ironic.neutron "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.service_catalog.auth_url -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.service_catalog "auth_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.service_catalog.project_name -}}
|
||||||
|
{{- set .Values.conf.ironic.service_catalog "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.service_catalog.project_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.service_catalog "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.service_catalog.user_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.service_catalog "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.service_catalog.username -}}
|
||||||
|
{{- set .Values.conf.ironic.service_catalog "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.service_catalog.password -}}
|
||||||
|
{{- set .Values.conf.ironic.service_catalog "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.swift.auth_url -}}
|
||||||
|
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.swift "auth_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.swift.project_name -}}
|
||||||
|
{{- set .Values.conf.ironic.swift "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.swift.project_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.swift "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.swift.user_domain_name -}}
|
||||||
|
{{- set .Values.conf.ironic.swift "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.swift.username -}}
|
||||||
|
{{- set .Values.conf.ironic.swift "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- if empty .Values.conf.ironic.swift.password -}}
|
||||||
|
{{- set .Values.conf.ironic.swift "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.conductor.api_url -}}
|
||||||
|
{{- tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.conductor "api_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.api.public_endpoint -}}
|
||||||
|
{{- tuple "baremetal" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.ironic.api "public_endpoint" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.glance.swift_endpoint_url -}}
|
||||||
|
{{- tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| trimSuffix .Values.endpoints.ceph_object_store.path.default | set .Values.conf.ironic.glance "swift_endpoint_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.glance.swift_temp_url_key -}}
|
||||||
|
{{- set .Values.conf.ironic.glance "swift_temp_url_key" .Values.endpoints.ceph_object_store.auth.glance.tmpurlkey | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.ironic.api.port -}}
|
||||||
|
{{- set .Values.conf.ironic.api "port" (tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup") | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: ironic-etc
|
||||||
|
data:
|
||||||
|
ironic.conf: |+
|
||||||
|
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic | indent 4 }}
|
||||||
|
policy.json: |+
|
||||||
|
{{ toJson .Values.conf.policy | indent 4 }}
|
||||||
|
tftp-map-file: |+
|
||||||
|
{{ if .Values.conf.tftp_map_file.override -}}
|
||||||
|
{{ .Values.conf.tftp_map_file.override | indent 4 }}
|
||||||
|
{{- else -}}
|
||||||
|
{{ tuple "etc/_tftp-map-file.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.conf.tftp_map_file.append -}}
|
||||||
|
{{ .Values.conf.tftp_map_file.append | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
nginx.conf: |+
|
||||||
|
{{ if .Values.conf.nginx.override -}}
|
||||||
|
{{ .Values.conf.nginx.override | indent 4 }}
|
||||||
|
{{- else -}}
|
||||||
|
{{ tuple "etc/_nginx.conf.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.conf.nginx.append -}}
|
||||||
|
{{ .Values.conf.nginx.append | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
93
ironic/templates/deployment-api.yaml
Normal file
93
ironic/templates/deployment-api.yaml
Normal file
@ -0,0 +1,93 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.deployment_api }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.api }}
|
||||||
|
|
||||||
|
{{- $mounts_ironic_api := .Values.pod.mounts.ironic_api.ironic_api }}
|
||||||
|
{{- $mounts_ironic_api_init := .Values.pod.mounts.ironic_api.init_container }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-api" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1beta1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: ironic-api
|
||||||
|
spec:
|
||||||
|
replicas: {{ .Values.pod.replicas.api }}
|
||||||
|
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
annotations:
|
||||||
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
affinity:
|
||||||
|
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies $mounts_ironic_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ironic-api
|
||||||
|
image: {{ .Values.images.tags.ironic_api }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-api.sh
|
||||||
|
- start
|
||||||
|
lifecycle:
|
||||||
|
preStop:
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-api.sh
|
||||||
|
- stop
|
||||||
|
ports:
|
||||||
|
- containerPort: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
readinessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-api.sh
|
||||||
|
subPath: ironic-api.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/ironic/ironic.conf
|
||||||
|
subPath: ironic.conf
|
||||||
|
readOnly: true
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/ironic/policy.json
|
||||||
|
subPath: policy.json
|
||||||
|
readOnly: true
|
||||||
|
{{- if $mounts_ironic_api.volumeMounts }}{{ toYaml $mounts_ironic_api.volumeMounts | indent 12 }}{{ end }}
|
||||||
|
volumes:
|
||||||
|
- name: ironic-bin
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: ironic-etc
|
||||||
|
configMap:
|
||||||
|
name: ironic-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
{{- if $mounts_ironic_api.volumes }}{{ toYaml $mounts_ironic_api.volumes | indent 8 }}{{ end }}
|
||||||
|
{{- end }}
|
41
ironic/templates/etc/_nginx.conf.tpl
Normal file
41
ironic/templates/etc/_nginx.conf.tpl
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
user nginx;
|
||||||
|
worker_processes 1;
|
||||||
|
|
||||||
|
error_log /var/log/nginx/error.log warn;
|
||||||
|
pid /var/run/nginx.pid;
|
||||||
|
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
http {
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
|
||||||
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||||
|
'$status $body_bytes_sent "$http_referer" '
|
||||||
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||||
|
|
||||||
|
access_log /var/log/nginx/access.log main;
|
||||||
|
|
||||||
|
sendfile on;
|
||||||
|
#tcp_nopush on;
|
||||||
|
|
||||||
|
keepalive_timeout 65;
|
||||||
|
|
||||||
|
#gzip on;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen OSH_PXE_IP:{{ tuple "baremetal" "internal" "pxe_http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }};
|
||||||
|
server_name localhost;
|
||||||
|
|
||||||
|
#charset koi8-r;
|
||||||
|
#access_log /var/log/nginx/host.access.log main;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
root /var/lib/openstack-helm/httpboot;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
4
ironic/templates/etc/_tftp-map-file.tpl
Normal file
4
ironic/templates/etc/_tftp-map-file.tpl
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
re ^(/tftpboot/) /tftpboot/\2
|
||||||
|
re ^/tftpboot/ /tftpboot/
|
||||||
|
re ^(^/) /tftpboot/\1
|
||||||
|
re ^([^/]) /tftpboot/\1
|
57
ironic/templates/ingress-api.yaml
Normal file
57
ironic/templates/ingress-api.yaml
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.public }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $backendServiceType := "baremetal" }}
|
||||||
|
{{- $backendPort := "m-api" }}
|
||||||
|
{{- $ingressName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
{{- $backendName := tuple $backendServiceType "internal" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
{{- $hostName := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
{{- $hostNameNamespaced := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
|
||||||
|
{{- $hostNameFull := tuple $backendServiceType "public" $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }}
|
||||||
|
---
|
||||||
|
apiVersion: extensions/v1beta1
|
||||||
|
kind: Ingress
|
||||||
|
metadata:
|
||||||
|
name: {{ $ingressName }}
|
||||||
|
annotations:
|
||||||
|
kubernetes.io/ingress.class: "nginx"
|
||||||
|
ingress.kubernetes.io/rewrite-target: /
|
||||||
|
spec:
|
||||||
|
rules:
|
||||||
|
{{ if ne $hostNameNamespaced $hostNameFull }}
|
||||||
|
{{- range $key1, $vHost := tuple $hostName $hostNameNamespaced $hostNameFull }}
|
||||||
|
- host: {{ $vHost }}
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: {{ $backendName }}
|
||||||
|
servicePort: {{ $backendPort }}
|
||||||
|
{{- end }}
|
||||||
|
{{- else }}
|
||||||
|
{{- range $key1, $vHost := tuple $hostName $hostNameNamespaced }}
|
||||||
|
- host: {{ $vHost }}
|
||||||
|
http:
|
||||||
|
paths:
|
||||||
|
- path: /
|
||||||
|
backend:
|
||||||
|
serviceName: {{ $backendName }}
|
||||||
|
servicePort: {{ $backendPort }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
66
ironic/templates/job-bootstrap.yaml
Normal file
66
ironic/templates/job-bootstrap.yaml
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.bootstrap }}
|
||||||
|
|
||||||
|
{{- $mounts_ironic_bootstrap := .Values.pod.mounts.ironic_bootstrap.ironic_bootstrap }}
|
||||||
|
{{- $mounts_ironic_bootstrap_init := .Values.pod.mounts.ironic_bootstrap.init_container }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-bootstrap" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ironic-bootstrap
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies $mounts_ironic_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ironic-bootstrap
|
||||||
|
image: {{ .Values.images.tags.bootstrap }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
|
||||||
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
command:
|
||||||
|
- /tmp/bootstrap.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/bootstrap.sh
|
||||||
|
subPath: bootstrap.sh
|
||||||
|
readOnly: true
|
||||||
|
{{- if $mounts_ironic_bootstrap.volumeMounts }}{{ toYaml $mounts_ironic_bootstrap.volumeMounts | indent 10 }}{{ end }}
|
||||||
|
volumes:
|
||||||
|
- name: ironic-bin
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- if $mounts_ironic_bootstrap.volumes }}{{ toYaml $mounts_ironic_bootstrap.volumes | indent 6 }}{{ end }}
|
||||||
|
{{- end }}
|
81
ironic/templates/job-db-init.yaml
Normal file
81
ironic/templates/job-db-init.yaml
Normal file
@ -0,0 +1,81 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.job_db_init }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.db_init }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-db-init" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ironic-db-init
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ironic-db-init
|
||||||
|
image: {{ .Values.images.tags.db_init | quote }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
- name: ROOT_DB_CONNECTION
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.oslo_db.admin }}
|
||||||
|
key: DB_CONNECTION
|
||||||
|
- name: OPENSTACK_CONFIG_FILE
|
||||||
|
value: /etc/ironic/ironic.conf
|
||||||
|
- name: OPENSTACK_CONFIG_DB_SECTION
|
||||||
|
value: database
|
||||||
|
- name: OPENSTACK_CONFIG_DB_KEY
|
||||||
|
value: connection
|
||||||
|
command:
|
||||||
|
- /tmp/db-init.py
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/db-init.py
|
||||||
|
subPath: db-init.py
|
||||||
|
readOnly: true
|
||||||
|
- name: etcironic
|
||||||
|
mountPath: /etc/ironic
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/ironic/ironic.conf
|
||||||
|
subPath: ironic.conf
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: etcironic
|
||||||
|
emptyDir: {}
|
||||||
|
- name: ironic-etc
|
||||||
|
configMap:
|
||||||
|
name: ironic-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
- name: ironic-bin
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- end }}
|
69
ironic/templates/job-db-sync.yaml
Normal file
69
ironic/templates/job-db-sync.yaml
Normal file
@ -0,0 +1,69 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.job_db_sync }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.db_sync }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-db-sync" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ironic-db-sync
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ironic-db-sync
|
||||||
|
image: {{ .Values.images.tags.ironic_db_sync }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/db-sync.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/db-sync.sh
|
||||||
|
subPath: db-sync.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: etcironic
|
||||||
|
mountPath: /etc/ironic
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/ironic/ironic.conf
|
||||||
|
subPath: ironic.conf
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: etcironic
|
||||||
|
emptyDir: {}
|
||||||
|
- name: ironic-etc
|
||||||
|
configMap:
|
||||||
|
name: ironic-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
- name: ironic-bin
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- end }}
|
73
ironic/templates/job-ks-endpoints.yaml
Normal file
73
ironic/templates/job-ks-endpoints.yaml
Normal file
@ -0,0 +1,73 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.job_ks_endpoints }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.ks_endpoints }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-ks-endpoints" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ironic-ks-endpoints
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
{{- range $key1, $osServiceType := tuple "baremetal" }}
|
||||||
|
{{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }}
|
||||||
|
- name: {{ $osServiceType }}-ks-endpoints-{{ $osServiceEndPoint }}
|
||||||
|
image: {{ $envAll.Values.images.tags.ks_endpoints }}
|
||||||
|
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ks-endpoints.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ks-endpoints-sh
|
||||||
|
mountPath: /tmp/ks-endpoints.sh
|
||||||
|
subPath: ks-endpoints.sh
|
||||||
|
readOnly: true
|
||||||
|
env:
|
||||||
|
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
|
||||||
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
- name: OS_SVC_ENDPOINT
|
||||||
|
value: {{ $osServiceEndPoint }}
|
||||||
|
- name: OS_SERVICE_NAME
|
||||||
|
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
|
||||||
|
- name: OS_SERVICE_TYPE
|
||||||
|
value: {{ $osServiceType }}
|
||||||
|
- name: OS_SERVICE_ENDPOINT
|
||||||
|
value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
volumes:
|
||||||
|
- name: ks-endpoints-sh
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- end }}
|
67
ironic/templates/job-ks-service.yaml
Normal file
67
ironic/templates/job-ks-service.yaml
Normal file
@ -0,0 +1,67 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.job_ks_service }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.ks_service }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-ks-service" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ironic-ks-service
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "ks-service" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
{{- range $key1, $osServiceType := tuple "baremetal" }}
|
||||||
|
- name: {{ $osServiceType }}-ks-service-registration
|
||||||
|
image: {{ $envAll.Values.images.tags.ks_service }}
|
||||||
|
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ks-service.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ks-service-sh
|
||||||
|
mountPath: /tmp/ks-service.sh
|
||||||
|
subPath: ks-service.sh
|
||||||
|
readOnly: true
|
||||||
|
env:
|
||||||
|
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
|
||||||
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
- name: OS_SERVICE_NAME
|
||||||
|
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
|
||||||
|
- name: OS_SERVICE_TYPE
|
||||||
|
value: {{ $osServiceType }}
|
||||||
|
{{- end }}
|
||||||
|
volumes:
|
||||||
|
- name: ks-service-sh
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- end }}
|
68
ironic/templates/job-ks-user.yaml
Normal file
68
ironic/templates/job-ks-user.yaml
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.job_ks_user }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.ks_user }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-ks-user" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: ironic-ks-user
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "ks-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: ironic-ks-user
|
||||||
|
image: {{ .Values.images.tags.ks_user }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ks-user.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ks-user-sh
|
||||||
|
mountPath: /tmp/ks-user.sh
|
||||||
|
subPath: ks-user.sh
|
||||||
|
readOnly: true
|
||||||
|
env:
|
||||||
|
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
|
||||||
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
- name: SERVICE_OS_SERVICE_NAME
|
||||||
|
value: "ironic"
|
||||||
|
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
|
||||||
|
{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
- name: SERVICE_OS_ROLE
|
||||||
|
value: {{ .Values.endpoints.identity.auth.ironic.role | quote }}
|
||||||
|
volumes:
|
||||||
|
- name: ks-user-sh
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
{{- end }}
|
29
ironic/templates/pdb-api.yaml
Normal file
29
ironic/templates/pdb-api.yaml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.pdb_api }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
---
|
||||||
|
apiVersion: policy/v1beta1
|
||||||
|
kind: PodDisruptionBudget
|
||||||
|
metadata:
|
||||||
|
name: ironic-api
|
||||||
|
spec:
|
||||||
|
minAvailable: {{ .Values.pod.lifecycle.disruption_budget.api.min_available }}
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||||
|
{{- end }}
|
30
ironic/templates/secret-db.yaml
Normal file
30
ironic/templates/secret-db.yaml
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.secret_db }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- range $key1, $userClass := tuple "admin" "ironic" }}
|
||||||
|
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: {{ $secretName }}
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
30
ironic/templates/secret-keystone.yaml
Normal file
30
ironic/templates/secret-keystone.yaml
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.secret_keystone }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- range $key1, $userClass := tuple "admin" "ironic" }}
|
||||||
|
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: {{ $secretName }}
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
36
ironic/templates/service-api.yaml
Normal file
36
ironic/templates/service-api.yaml
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.service_api }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: {{ tuple "baremetal" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: m-api
|
||||||
|
port: {{ tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||||
|
{{ if .Values.network.api.node_port.enabled }}
|
||||||
|
nodePort: {{ .Values.network.api.node_port.port }}
|
||||||
|
{{ end }}
|
||||||
|
selector:
|
||||||
|
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||||
|
{{ if .Values.network.api.node_port.enabled }}
|
||||||
|
type: NodePort
|
||||||
|
{{ end }}
|
||||||
|
{{- end }}
|
30
ironic/templates/service-ingress-api.yaml
Normal file
30
ironic/templates/service-ingress-api.yaml
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if and .Values.manifests.service_ingress_api .Values.network.api.ingress.public }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: {{ tuple "baremetal" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
port: 80
|
||||||
|
selector:
|
||||||
|
app: ingress-api
|
||||||
|
{{- end }}
|
203
ironic/templates/statefulset-conductor.yaml
Normal file
203
ironic/templates/statefulset-conductor.yaml
Normal file
@ -0,0 +1,203 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if .Values.manifests.statefulset_conductor }}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.conductor }}
|
||||||
|
|
||||||
|
{{- $mounts_ironic_conductor := .Values.pod.mounts.ironic_conductor.ironic_conductor }}
|
||||||
|
{{- $mounts_ironic_conductor_init := .Values.pod.mounts.ironic_conductor.init_container }}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := "ironic-conductor" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1beta1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: ironic-conductor
|
||||||
|
spec:
|
||||||
|
serviceName: ironic-conductor
|
||||||
|
replicas: {{ .Values.pod.replicas.conductor }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
affinity:
|
||||||
|
{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||||
|
securityContext:
|
||||||
|
runAsUser: 0
|
||||||
|
hostNetwork: True
|
||||||
|
hostIPC: True
|
||||||
|
dnsPolicy: ClusterFirstWithHostNet
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies $mounts_ironic_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
- name: ironic-conductor-pxe-init
|
||||||
|
image: {{ .Values.images.tags.ironic_pxe_init }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-conductor-pxe-init.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-conductor-pxe-init.sh
|
||||||
|
subPath: ironic-conductor-pxe-init.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-data
|
||||||
|
mountPath: /var/lib/openstack-helm
|
||||||
|
- name: ironic-conductor-init
|
||||||
|
image: {{ .Values.images.tags.ironic_conductor }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
- name: PROVISIONER_INTERFACE
|
||||||
|
value: {{ .Values.network.interface.provisioner }}
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-conductor-init.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-conductor-init.sh
|
||||||
|
subPath: ironic-conductor-init.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-shared
|
||||||
|
mountPath: /tmp/pod-shared
|
||||||
|
- name: ironic-conductor-http-init
|
||||||
|
image: {{ .Values.images.tags.ironic_conductor }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
- name: PROVISIONER_INTERFACE
|
||||||
|
value: {{ .Values.network.interface.provisioner }}
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-conductor-http-init.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-conductor-http-init.sh
|
||||||
|
subPath: ironic-conductor-http-init.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/nginx/nginx.conf
|
||||||
|
subPath: nginx.conf
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-shared
|
||||||
|
mountPath: /tmp/pod-shared
|
||||||
|
containers:
|
||||||
|
- name: ironic-conductor
|
||||||
|
image: {{ .Values.images.tags.ironic_conductor }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-conductor.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-conductor.sh
|
||||||
|
subPath: ironic-conductor.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-shared
|
||||||
|
mountPath: /tmp/pod-shared
|
||||||
|
- name: pod-var-cache-ironic
|
||||||
|
mountPath: /var/cache/ironic
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/ironic/ironic.conf
|
||||||
|
subPath: ironic.conf
|
||||||
|
readOnly: true
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /etc/ironic/policy.json
|
||||||
|
subPath: policy.json
|
||||||
|
readOnly: true
|
||||||
|
- name: host-var-lib-ironic
|
||||||
|
mountPath: /var/lib/ironic
|
||||||
|
- name: host-run
|
||||||
|
mountPath: /var/run
|
||||||
|
- name: host-dev
|
||||||
|
mountPath: /dev
|
||||||
|
- name: host-sys
|
||||||
|
mountPath: /sys
|
||||||
|
- name: pod-data
|
||||||
|
mountPath: /var/lib/openstack-helm
|
||||||
|
- name: ironic-conductor-pxe
|
||||||
|
image: {{ .Values.images.tags.ironic_pxe }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
env:
|
||||||
|
- name: PROVISIONER_INTERFACE
|
||||||
|
value: {{ .Values.network.interface.provisioner }}
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-conductor-pxe.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-conductor-pxe.sh
|
||||||
|
subPath: ironic-conductor-pxe.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: ironic-etc
|
||||||
|
mountPath: /tftp-map-file
|
||||||
|
subPath: tftp-map-file
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-data
|
||||||
|
mountPath: /var/lib/openstack-helm
|
||||||
|
- name: ironic-conductor-http
|
||||||
|
image: {{ .Values.images.tags.ironic_pxe_http }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/ironic-conductor-http.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: ironic-bin
|
||||||
|
mountPath: /tmp/ironic-conductor-http.sh
|
||||||
|
subPath: ironic-conductor-http.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-shared
|
||||||
|
mountPath: /tmp/pod-shared
|
||||||
|
readOnly: true
|
||||||
|
- name: pod-data
|
||||||
|
mountPath: /var/lib/openstack-helm
|
||||||
|
{{- if $mounts_ironic_conductor.volumeMounts }}{{ toYaml $mounts_ironic_conductor.volumeMounts | indent 12 }}{{ end }}
|
||||||
|
volumes:
|
||||||
|
- name: pod-shared
|
||||||
|
emptyDir: {}
|
||||||
|
- name: pod-var-cache-ironic
|
||||||
|
emptyDir: {}
|
||||||
|
- name: ironic-bin
|
||||||
|
configMap:
|
||||||
|
name: ironic-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: ironic-etc
|
||||||
|
configMap:
|
||||||
|
name: ironic-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
- name: host-var-lib-ironic
|
||||||
|
hostPath:
|
||||||
|
path: /var/lib/ironic
|
||||||
|
- name: host-run
|
||||||
|
hostPath:
|
||||||
|
path: /var/run
|
||||||
|
- name: host-dev
|
||||||
|
hostPath:
|
||||||
|
path: /dev
|
||||||
|
- name: host-sys
|
||||||
|
hostPath:
|
||||||
|
path: /sys
|
||||||
|
- name: pod-data
|
||||||
|
emptyDir: {}
|
||||||
|
{{- if $mounts_ironic_conductor.volumes }}{{ toYaml $mounts_ironic_conductor.volumes | indent 8 }}{{ end }}
|
||||||
|
{{- end }}
|
459
ironic/values.yaml
Normal file
459
ironic/values.yaml
Normal file
@ -0,0 +1,459 @@
|
|||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Default values for keystone.
|
||||||
|
# This is a YAML-formatted file.
|
||||||
|
# Declare name/value pairs to be passed into your templates.
|
||||||
|
# name: value
|
||||||
|
|
||||||
|
labels:
|
||||||
|
node_selector_key: openstack-control-plane
|
||||||
|
node_selector_value: enabled
|
||||||
|
|
||||||
|
images:
|
||||||
|
tags:
|
||||||
|
bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||||
|
db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||||
|
ironic_db_sync: docker.io/kolla/ubuntu-source-ironic-api:3.0.3
|
||||||
|
ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||||
|
ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||||
|
ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||||
|
ironic_api: docker.io/kolla/ubuntu-source-ironic-api:3.0.3
|
||||||
|
ironic_conductor: docker.io/kolla/ubuntu-source-ironic-conductor:3.0.3
|
||||||
|
ironic_pxe: docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3
|
||||||
|
ironic_pxe_init: docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3
|
||||||
|
ironic_pxe_http: docker.io/nginx:1.13.3
|
||||||
|
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
|
||||||
|
pull_policy: "IfNotPresent"
|
||||||
|
|
||||||
|
conf:
|
||||||
|
paste:
|
||||||
|
override:
|
||||||
|
append:
|
||||||
|
policy: {}
|
||||||
|
tftp_map_file:
|
||||||
|
override:
|
||||||
|
append:
|
||||||
|
nginx:
|
||||||
|
override:
|
||||||
|
append:
|
||||||
|
ironic:
|
||||||
|
DEFAULT:
|
||||||
|
enabled_drivers: agent_ipmitool
|
||||||
|
api:
|
||||||
|
port: null
|
||||||
|
conductor:
|
||||||
|
api_url: null
|
||||||
|
database:
|
||||||
|
connection: null
|
||||||
|
deploy:
|
||||||
|
http_root: /var/lib/openstack-helm/httpboot
|
||||||
|
glance:
|
||||||
|
auth_type: password
|
||||||
|
swift_temp_url_duration: 86400
|
||||||
|
temp_url_endpoint_type: radosgw
|
||||||
|
inspector:
|
||||||
|
auth_type: password
|
||||||
|
keystone_authtoken:
|
||||||
|
auth_type: password
|
||||||
|
auth_version: v3
|
||||||
|
neutron:
|
||||||
|
auth_type: password
|
||||||
|
cleaning_network_uuid: null
|
||||||
|
pxe:
|
||||||
|
pxe_append_params: "nofb nomodeset vga=normal ipa-debug=1"
|
||||||
|
images_path: /var/lib/openstack-helm/ironic/images
|
||||||
|
instance_master_path: /var/lib/openstack-helm/ironic/master_images
|
||||||
|
pxe_config_template: $pybasedir/drivers/modules/ipxe_config.template
|
||||||
|
uefi_pxe_config_template: $pybasedir/drivers/modules/ipxe_config.template
|
||||||
|
tftp_root: /var/lib/openstack-helm/tftpboot
|
||||||
|
tftp_master_path: /var/lib/openstack-helm/tftpboot/master_images
|
||||||
|
pxe_bootfile_name: undionly.kpxe
|
||||||
|
uefi_pxe_bootfile_name: ipxe.efi
|
||||||
|
ipxe_enabled: true
|
||||||
|
service_catalog:
|
||||||
|
auth_type: password
|
||||||
|
swift:
|
||||||
|
auth_url: null
|
||||||
|
|
||||||
|
network:
|
||||||
|
interface:
|
||||||
|
provisioner: null
|
||||||
|
api:
|
||||||
|
ingress:
|
||||||
|
public: true
|
||||||
|
node_port:
|
||||||
|
enabled: false
|
||||||
|
port: 30511
|
||||||
|
|
||||||
|
bootstrap:
|
||||||
|
enabled: true
|
||||||
|
script: |
|
||||||
|
RELEASE="newton"
|
||||||
|
IMAGE_URL_BASE="http://tarballs.openstack.org/ironic-python-agent/tinyipa/files"
|
||||||
|
IMAGE_INITRAMFS="ironic-agent.initramfs"
|
||||||
|
IMAGE_INITRAMFS_URL="${IMAGE_URL_BASE}/tinyipa-stable-${RELEASE}.gz"
|
||||||
|
IMAGE_KERNEL="ironic-agent.kernel"
|
||||||
|
IMAGE_KERNEL_URL="${IMAGE_URL_BASE}/tinyipa-stable-${RELEASE}.vmlinuz"
|
||||||
|
openstack image show ${IMAGE_INITRAMFS} || (
|
||||||
|
IMAGE_LOC=$(mktemp)
|
||||||
|
curl -L ${IMAGE_INITRAMFS_URL} -o ${IMAGE_LOC}
|
||||||
|
openstack image create \
|
||||||
|
--file ${IMAGE_LOC} \
|
||||||
|
--disk-format ari \
|
||||||
|
--container-format ari \
|
||||||
|
--public \
|
||||||
|
${IMAGE_INITRAMFS}
|
||||||
|
rm -f ${IMAGE_LOC}
|
||||||
|
)
|
||||||
|
openstack image show ${IMAGE_KERNEL} || (
|
||||||
|
IMAGE_LOC=$(mktemp)
|
||||||
|
curl -L ${IMAGE_KERNEL_URL} -o ${IMAGE_LOC}
|
||||||
|
openstack image create \
|
||||||
|
--file ${IMAGE_LOC} \
|
||||||
|
--disk-format aki \
|
||||||
|
--container-format aki \
|
||||||
|
--public \
|
||||||
|
${IMAGE_KERNEL}
|
||||||
|
rm -f ${IMAGE_LOC}
|
||||||
|
)
|
||||||
|
|
||||||
|
dependencies:
|
||||||
|
db_init:
|
||||||
|
services:
|
||||||
|
- service: oslo_db
|
||||||
|
endpoint: internal
|
||||||
|
db_sync:
|
||||||
|
jobs:
|
||||||
|
- ironic-db-init
|
||||||
|
services:
|
||||||
|
- service: oslo_db
|
||||||
|
endpoint: internal
|
||||||
|
ks_user:
|
||||||
|
services:
|
||||||
|
- service: identity
|
||||||
|
endpoint: internal
|
||||||
|
ks_service:
|
||||||
|
services:
|
||||||
|
- service: identity
|
||||||
|
endpoint: internal
|
||||||
|
ks_endpoints:
|
||||||
|
jobs:
|
||||||
|
- ironic-ks-service
|
||||||
|
services:
|
||||||
|
- service: identity
|
||||||
|
endpoint: internal
|
||||||
|
bootstrap:
|
||||||
|
jobs:
|
||||||
|
- ironic-db-sync
|
||||||
|
- ironic-ks-user
|
||||||
|
- ironic-ks-endpoints
|
||||||
|
services:
|
||||||
|
- service: identity
|
||||||
|
endpoint: internal
|
||||||
|
- service: image
|
||||||
|
endpoint: internal
|
||||||
|
- service: baremetal
|
||||||
|
endpoint: internal
|
||||||
|
api:
|
||||||
|
jobs:
|
||||||
|
- ironic-db-sync
|
||||||
|
- ironic-ks-user
|
||||||
|
- ironic-ks-endpoints
|
||||||
|
services:
|
||||||
|
- service: oslo_db
|
||||||
|
endpoint: internal
|
||||||
|
- service: identity
|
||||||
|
endpoint: internal
|
||||||
|
conductor:
|
||||||
|
jobs:
|
||||||
|
- ironic-db-sync
|
||||||
|
- ironic-ks-user
|
||||||
|
- ironic-ks-endpoints
|
||||||
|
services:
|
||||||
|
- service: oslo_db
|
||||||
|
endpoint: internal
|
||||||
|
- service: identity
|
||||||
|
endpoint: internal
|
||||||
|
- service: baremetal
|
||||||
|
endpoint: internal
|
||||||
|
|
||||||
|
# Names of secrets used by bootstrap and environmental checks
|
||||||
|
secrets:
|
||||||
|
identity:
|
||||||
|
admin: ironic-keystone-admin
|
||||||
|
ironic: ironic-keystone-user
|
||||||
|
oslo_db:
|
||||||
|
admin: ironic-db-admin
|
||||||
|
ironic: ironic-db-user
|
||||||
|
|
||||||
|
# typically overriden by environmental
|
||||||
|
# values, but should include all endpoints
|
||||||
|
# required by this chart
|
||||||
|
endpoints:
|
||||||
|
cluster_domain_suffix: cluster.local
|
||||||
|
identity:
|
||||||
|
name: keystone
|
||||||
|
auth:
|
||||||
|
admin:
|
||||||
|
region_name: RegionOne
|
||||||
|
username: admin
|
||||||
|
password: password
|
||||||
|
project_name: admin
|
||||||
|
user_domain_name: default
|
||||||
|
project_domain_name: default
|
||||||
|
ironic:
|
||||||
|
role: admin
|
||||||
|
region_name: RegionOne
|
||||||
|
username: ironic
|
||||||
|
password: password
|
||||||
|
project_name: service
|
||||||
|
user_domain_name: default
|
||||||
|
project_domain_name: default
|
||||||
|
hosts:
|
||||||
|
default: keystone-api
|
||||||
|
public: keystone
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path:
|
||||||
|
default: /v3
|
||||||
|
scheme:
|
||||||
|
default: http
|
||||||
|
port:
|
||||||
|
admin:
|
||||||
|
default: 35357
|
||||||
|
api:
|
||||||
|
default: 80
|
||||||
|
baremetal:
|
||||||
|
name: ironic
|
||||||
|
hosts:
|
||||||
|
default: ironic-api
|
||||||
|
public: ironic
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path:
|
||||||
|
default: null
|
||||||
|
scheme:
|
||||||
|
default: http
|
||||||
|
port:
|
||||||
|
api:
|
||||||
|
default: 6385
|
||||||
|
public: 80
|
||||||
|
pxe_http:
|
||||||
|
default: 8080
|
||||||
|
image:
|
||||||
|
name: glance
|
||||||
|
hosts:
|
||||||
|
default: glance-api
|
||||||
|
public: glance
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path:
|
||||||
|
default: null
|
||||||
|
scheme:
|
||||||
|
default: http
|
||||||
|
port:
|
||||||
|
api:
|
||||||
|
default: 9292
|
||||||
|
public: 80
|
||||||
|
ceph_object_store:
|
||||||
|
name: radosgw
|
||||||
|
namespace: ceph
|
||||||
|
auth:
|
||||||
|
glance:
|
||||||
|
tmpurlkey: supersecret
|
||||||
|
hosts:
|
||||||
|
default: ceph-rgw
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path:
|
||||||
|
default: /auth/v1.0
|
||||||
|
scheme:
|
||||||
|
default: http
|
||||||
|
port:
|
||||||
|
api:
|
||||||
|
default: 8088
|
||||||
|
oslo_db:
|
||||||
|
auth:
|
||||||
|
admin:
|
||||||
|
username: root
|
||||||
|
password: password
|
||||||
|
ironic:
|
||||||
|
username: ironic
|
||||||
|
password: password
|
||||||
|
hosts:
|
||||||
|
default: mariadb
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path: /ironic
|
||||||
|
scheme: mysql+pymysql
|
||||||
|
port:
|
||||||
|
mysql:
|
||||||
|
default: 3306
|
||||||
|
oslo_cache:
|
||||||
|
hosts:
|
||||||
|
default: memcached
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
port:
|
||||||
|
memcache:
|
||||||
|
default: 11211
|
||||||
|
oslo_messaging:
|
||||||
|
auth:
|
||||||
|
ironic:
|
||||||
|
username: rabbitmq
|
||||||
|
password: password
|
||||||
|
hosts:
|
||||||
|
default: rabbitmq
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path: /
|
||||||
|
scheme: rabbit
|
||||||
|
port:
|
||||||
|
amqp:
|
||||||
|
default: 5672
|
||||||
|
network:
|
||||||
|
name: neutron
|
||||||
|
hosts:
|
||||||
|
default: neutron-server
|
||||||
|
public: neutron
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
path:
|
||||||
|
default: null
|
||||||
|
scheme:
|
||||||
|
default: 'http'
|
||||||
|
port:
|
||||||
|
api:
|
||||||
|
default: 9696
|
||||||
|
public: 80
|
||||||
|
|
||||||
|
pod:
|
||||||
|
affinity:
|
||||||
|
anti:
|
||||||
|
type:
|
||||||
|
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||||
|
topologyKey:
|
||||||
|
default: kubernetes.io/hostname
|
||||||
|
mounts:
|
||||||
|
ironic_api:
|
||||||
|
init_container: null
|
||||||
|
ironic_api:
|
||||||
|
ironic_conductor:
|
||||||
|
init_container: null
|
||||||
|
ironic_conductor:
|
||||||
|
ironic_bootstrap:
|
||||||
|
init_container: null
|
||||||
|
ironic_bootstrap:
|
||||||
|
replicas:
|
||||||
|
api: 1
|
||||||
|
conductor: 1
|
||||||
|
lifecycle:
|
||||||
|
upgrades:
|
||||||
|
deployments:
|
||||||
|
revision_history: 3
|
||||||
|
pod_replacement_strategy: RollingUpdate
|
||||||
|
rolling_update:
|
||||||
|
max_unavailable: 1
|
||||||
|
max_surge: 3
|
||||||
|
disruption_budget:
|
||||||
|
api:
|
||||||
|
min_available: 0
|
||||||
|
termination_grace_period:
|
||||||
|
api:
|
||||||
|
timeout: 30
|
||||||
|
resources:
|
||||||
|
enabled: false
|
||||||
|
api:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
conductor:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
jobs:
|
||||||
|
bootstrap:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
db_init:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
db_sync:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
ks_endpoints:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
ks_service:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
ks_user:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
tests:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
|
||||||
|
manifests:
|
||||||
|
configmap_bin: true
|
||||||
|
configmap_etc: true
|
||||||
|
deployment_api: true
|
||||||
|
ingress_api: true
|
||||||
|
job_bootstrap: true
|
||||||
|
job_db_init: true
|
||||||
|
job_db_sync: true
|
||||||
|
job_ks_endpoints: true
|
||||||
|
job_ks_service: true
|
||||||
|
job_ks_user: true
|
||||||
|
pdb_api: true
|
||||||
|
secret_db: true
|
||||||
|
secret_keystone: true
|
||||||
|
service_api: true
|
||||||
|
service_ingress_api: true
|
||||||
|
statefulset_conductor: true
|
@ -16,6 +16,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
set -x
|
set -xe
|
||||||
|
|
||||||
exec nova-scheduler \
|
exec nova-scheduler \
|
||||||
--config-file /etc/nova/nova.conf
|
--config-file /etc/nova/nova.conf
|
||||||
|
1
tools/deployment/baremetal/000-install-packages.sh
Symbolic link
1
tools/deployment/baremetal/000-install-packages.sh
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../developer/common/000-install-packages.sh
|
117
tools/deployment/baremetal/005-setup-nodes.sh
Executable file
117
tools/deployment/baremetal/005-setup-nodes.sh
Executable file
@ -0,0 +1,117 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Build charts
|
||||||
|
make all
|
||||||
|
|
||||||
|
#NOTE: Deploy libvirt with vbmc then define domains to use as baremetal nodes
|
||||||
|
helm install ./libvirt \
|
||||||
|
--namespace=libvirt \
|
||||||
|
--name=libvirt \
|
||||||
|
--set ceph.enabled=false \
|
||||||
|
--set images.tags.libvirt=docker.io/openstackhelm/vbmc:centos
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
sleep 5 #NOTE(portdirect): work around k8s not immedately assigning pods to nodes
|
||||||
|
./tools/deployment/common/wait-for-pods.sh libvirt
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status libvirt
|
||||||
|
|
||||||
|
#NOTE: Create domains and start vbmc for ironic to manage as baremetal nodes
|
||||||
|
LIBVIRT_PODS=$(kubectl get --namespace libvirt pods \
|
||||||
|
-l application=libvirt,component=libvirt \
|
||||||
|
--no-headers -o name | awk -F '/' '{ print $NF }')
|
||||||
|
rm -f /tmp/bm-hosts.txt || true
|
||||||
|
for LIBVIRT_POD in ${LIBVIRT_PODS}; do
|
||||||
|
TEMPLATE_MAC_ADDR="00:01:DE:AD:BE:EF"
|
||||||
|
MAC_ADDR=$(printf '00:01:DE:%02X:%02X:%02X\n' $[RANDOM%256] $[RANDOM%256] $[RANDOM%256])
|
||||||
|
LIBVIRT_POD_NODE=$(kubectl get -n libvirt pod ${LIBVIRT_POD} -o json | jq -r '.spec.nodeName')
|
||||||
|
LIBVIRT_NODE_IP=$(kubectl get node ${LIBVIRT_POD_NODE} -o json | jq -r '.status.addresses[] | select(.type=="InternalIP").address')
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- mkdir -p /var/lib/libvirt/images
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- rm -f /var/lib/libvirt/images/vm-1.qcow2 || true
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- qemu-img create -f qcow2 /var/lib/libvirt/images/vm-1.qcow2 5G
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- chown -R qemu: /var/lib/libvirt/images/vm-1.qcow2
|
||||||
|
VM_DEF="$(sed "s|${TEMPLATE_MAC_ADDR}|${MAC_ADDR}|g" ./tools/gate/files/fake-baremetal-1.xml | base64 -w0)"
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "echo "${VM_DEF}" | base64 -d > /tmp/fake-baremetal-1.xml"
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "virsh undefine fake-baremetal-1 || true"
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- virsh define /tmp/fake-baremetal-1.xml
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "vbmc delete fake-baremetal-1 || true"
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- vbmc add fake-baremetal-1
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- sh -c "nohup vbmc start fake-baremetal-1 &>/dev/null &"
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- virsh list --all
|
||||||
|
kubectl exec -n libvirt ${LIBVIRT_POD} -- vbmc show fake-baremetal-1
|
||||||
|
echo "${LIBVIRT_NODE_IP} ${MAC_ADDR}" >> /tmp/bm-hosts.txt
|
||||||
|
done
|
||||||
|
|
||||||
|
#NOTE: Deploy OvS to connect nodes to the deployment host
|
||||||
|
helm install ./openvswitch \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=openvswitch
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status openvswitch
|
||||||
|
|
||||||
|
#NOTE: Setup GRE tunnels between deployment node and libvirt hosts
|
||||||
|
OSH_IRONIC_PXE_DEV="${OSH_IRONIC_PXE_DEV:="ironic-pxe"}"
|
||||||
|
OSH_IRONIC_PXE_ADDR="${OSH_IRONIC_PXE_ADDR:="172.24.6.1/24"}"
|
||||||
|
MASTER_IP=$(kubectl get node $(hostname -f) -o json | jq -r '.status.addresses[] | select(.type=="InternalIP").address')
|
||||||
|
NODE_IPS=$(kubectl get nodes -o json | jq -r '.items[].status.addresses[] | select(.type=="InternalIP").address' | sort -V)
|
||||||
|
OVS_VSWITCHD_PODS=$(kubectl get --namespace openstack pods \
|
||||||
|
-l application=openvswitch,component=openvswitch-vswitchd \
|
||||||
|
--no-headers -o name | awk -F '/' '{ print $NF }')
|
||||||
|
for OVS_VSWITCHD_POD in ${OVS_VSWITCHD_PODS}; do
|
||||||
|
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ovs-vsctl add-br "${OSH_IRONIC_PXE_DEV}"
|
||||||
|
if [ "x$(kubectl --namespace openstack get pod ${OVS_VSWITCHD_POD} -o wide --no-headers | awk '{ print $NF }')" == "x$(hostname -f)" ] ; then
|
||||||
|
COUNTER=0
|
||||||
|
for NODE_IP in ${NODE_IPS}; do
|
||||||
|
if ! [ "x${MASTER_IP}" == "x${NODE_IP}" ]; then
|
||||||
|
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ovs-vsctl add-port ${OSH_IRONIC_PXE_DEV} gre${COUNTER} \
|
||||||
|
-- set interface gre${COUNTER} type=gre options:remote_ip=${NODE_IP}
|
||||||
|
let COUNTER=COUNTER+1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ip addr add "${OSH_IRONIC_PXE_ADDR}" dev "${OSH_IRONIC_PXE_DEV}"
|
||||||
|
#NOTE(portdirect): for simplity assume we are using the default dev
|
||||||
|
# for tunnels, and a MTU overhead of 50
|
||||||
|
MASTER_NODE_DEV="$(kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ip -4 route list 0/0 | awk '{ print $5; exit }')"
|
||||||
|
MASTER_NODE_MTU="$(kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- cat /sys/class/net/${MASTER_NODE_DEV}/mtu)"
|
||||||
|
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ip link set dev ${OSH_IRONIC_PXE_DEV} mtu $((${MASTER_NODE_MTU} - 50))
|
||||||
|
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ip link set "${OSH_IRONIC_PXE_DEV}" up
|
||||||
|
else
|
||||||
|
kubectl exec --namespace openstack "${OVS_VSWITCHD_POD}" \
|
||||||
|
-- ovs-vsctl add-port ${OSH_IRONIC_PXE_DEV} gre0 \
|
||||||
|
-- set interface gre0 type=gre options:remote_ip=${MASTER_IP}
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
#NOTE: Set up the ${OSH_IRONIC_PXE_DEV} to forward traffic
|
||||||
|
DEFAULT_ROUTE_DEV="$(sudo ip -4 route list 0/0 | awk '{ print $5; exit }')"
|
||||||
|
sudo iptables -t nat -A POSTROUTING -o ${DEFAULT_ROUTE_DEV} -j MASQUERADE
|
||||||
|
sudo iptables -A FORWARD -i ${DEFAULT_ROUTE_DEV} -o ${OSH_IRONIC_PXE_DEV} -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||||
|
sudo iptables -A FORWARD -i ${OSH_IRONIC_PXE_DEV} -o ${DEFAULT_ROUTE_DEV} -j ACCEPT
|
38
tools/deployment/baremetal/010-setup-client.sh
Executable file
38
tools/deployment/baremetal/010-setup-client.sh
Executable file
@ -0,0 +1,38 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
sudo -H -E pip install python-openstackclient python-heatclient python-ironicclient
|
||||||
|
|
||||||
|
sudo -H mkdir -p /etc/openstack
|
||||||
|
cat << EOF | sudo -H tee -a /etc/openstack/clouds.yaml
|
||||||
|
clouds:
|
||||||
|
openstack_helm:
|
||||||
|
region_name: RegionOne
|
||||||
|
identity_api_version: 3
|
||||||
|
auth:
|
||||||
|
username: 'admin'
|
||||||
|
password: 'password'
|
||||||
|
project_name: 'admin'
|
||||||
|
project_domain_name: 'default'
|
||||||
|
user_domain_name: 'default'
|
||||||
|
auth_url: 'http://keystone.openstack.svc.cluster.local/v3'
|
||||||
|
EOF
|
||||||
|
sudo -H chown -R $(id -un): /etc/openstack
|
||||||
|
|
||||||
|
#NOTE: Build charts
|
||||||
|
make all
|
48
tools/deployment/baremetal/020-ingress.sh
Executable file
48
tools/deployment/baremetal/020-ingress.sh
Executable file
@ -0,0 +1,48 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images ingress
|
||||||
|
|
||||||
|
#NOTE: Deploy global ingress
|
||||||
|
helm install ./ingress \
|
||||||
|
--namespace=kube-system \
|
||||||
|
--name=ingress-kube-system \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary \
|
||||||
|
--set deployment.mode=cluster \
|
||||||
|
--set deployment.type=DaemonSet \
|
||||||
|
--set network.host_namespace=true \
|
||||||
|
--set network.vip.manage=false \
|
||||||
|
--set network.vip.addr=172.18.0.1/32 \
|
||||||
|
--set conf.services.udp.53='kube-system/kube-dns:53'
|
||||||
|
|
||||||
|
#NOTE: Deploy namespace ingress
|
||||||
|
helm install ./ingress \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=ingress-openstack \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh kube-system
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Display info
|
||||||
|
helm status ingress-kube-system
|
||||||
|
helm status ingress-openstack
|
91
tools/deployment/baremetal/030-ceph.sh
Executable file
91
tools/deployment/baremetal/030-ceph.sh
Executable file
@ -0,0 +1,91 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images ceph
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
uuidgen > /tmp/ceph-fs-uuid.txt
|
||||||
|
tee /tmp/ceph.yaml <<EOF
|
||||||
|
labels:
|
||||||
|
jobs:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
provisioner:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
mon:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
mds:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
osd:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
rgw:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
mgr:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
endpoints:
|
||||||
|
identity:
|
||||||
|
namespace: openstack
|
||||||
|
object_store:
|
||||||
|
namespace: ceph
|
||||||
|
ceph_mon:
|
||||||
|
namespace: ceph
|
||||||
|
network:
|
||||||
|
public: 172.17.0.1/16
|
||||||
|
cluster: 172.17.0.1/16
|
||||||
|
deployment:
|
||||||
|
storage_secrets: true
|
||||||
|
ceph: true
|
||||||
|
rbd_provisioner: true
|
||||||
|
cephfs_provisioner: true
|
||||||
|
client_secrets: false
|
||||||
|
rgw_keystone_user_and_endpoints: false
|
||||||
|
bootstrap:
|
||||||
|
enabled: true
|
||||||
|
conf:
|
||||||
|
rgw_ks:
|
||||||
|
enabled: true
|
||||||
|
ceph:
|
||||||
|
config:
|
||||||
|
global:
|
||||||
|
fsid: "$(cat /tmp/ceph-fs-uuid.txt)"
|
||||||
|
osd_pool_default_size: 1
|
||||||
|
osd:
|
||||||
|
osd_crush_chooseleaf_type: 0
|
||||||
|
EOF
|
||||||
|
helm install ./ceph \
|
||||||
|
--namespace=ceph \
|
||||||
|
--name=ceph \
|
||||||
|
--values=/tmp/ceph.yaml
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh ceph
|
||||||
|
|
||||||
|
#NOTE: Validate deploy
|
||||||
|
MON_POD=$(kubectl get pods \
|
||||||
|
--namespace=ceph \
|
||||||
|
--selector="application=ceph" \
|
||||||
|
--selector="component=mon" \
|
||||||
|
--no-headers | awk '{ print $1; exit }')
|
||||||
|
kubectl exec -n ceph ${MON_POD} -- ceph -s
|
69
tools/deployment/baremetal/035-ceph-ns-activate.sh
Executable file
69
tools/deployment/baremetal/035-ceph-ns-activate.sh
Executable file
@ -0,0 +1,69 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images ceph
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
tee /tmp/ceph-openstack-config.yaml <<EOF
|
||||||
|
labels:
|
||||||
|
jobs:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
endpoints:
|
||||||
|
identity:
|
||||||
|
namespace: openstack
|
||||||
|
object_store:
|
||||||
|
namespace: ceph
|
||||||
|
ceph_mon:
|
||||||
|
namespace: ceph
|
||||||
|
network:
|
||||||
|
public: 172.17.0.1/16
|
||||||
|
cluster: 172.17.0.1/16
|
||||||
|
deployment:
|
||||||
|
storage_secrets: false
|
||||||
|
ceph: false
|
||||||
|
rbd_provisioner: false
|
||||||
|
cephfs_provisioner: false
|
||||||
|
client_secrets: true
|
||||||
|
rgw_keystone_user_and_endpoints: false
|
||||||
|
bootstrap:
|
||||||
|
enabled: false
|
||||||
|
conf:
|
||||||
|
rgw_ks:
|
||||||
|
enabled: true
|
||||||
|
ceph:
|
||||||
|
config:
|
||||||
|
global:
|
||||||
|
osd_pool_default_size: 1
|
||||||
|
fsid: "$(cat /tmp/ceph-fs-uuid.txt)"
|
||||||
|
osd:
|
||||||
|
osd_crush_chooseleaf_type: 0
|
||||||
|
EOF
|
||||||
|
helm install ./ceph \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=ceph-openstack-config \
|
||||||
|
--values=/tmp/ceph-openstack-config.yaml
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
kubectl get -n openstack jobs --show-all
|
||||||
|
kubectl get -n openstack secrets
|
||||||
|
kubectl get -n openstack configmaps
|
34
tools/deployment/baremetal/040-mariadb.sh
Executable file
34
tools/deployment/baremetal/040-mariadb.sh
Executable file
@ -0,0 +1,34 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images mariadb
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
helm install ./mariadb \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=mariadb \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary \
|
||||||
|
--set pod.replicas.server=1
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status mariadb
|
34
tools/deployment/baremetal/050-rabbitmq.sh
Executable file
34
tools/deployment/baremetal/050-rabbitmq.sh
Executable file
@ -0,0 +1,34 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images rabbitmq
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
helm install ./rabbitmq \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=rabbitmq \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary \
|
||||||
|
--set pod.replicas.server=1
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status rabbitmq
|
33
tools/deployment/baremetal/060-memcached.sh
Executable file
33
tools/deployment/baremetal/060-memcached.sh
Executable file
@ -0,0 +1,33 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images memcached
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
helm install ./memcached \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=memcached \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status memcached
|
36
tools/deployment/baremetal/080-keystone.sh
Executable file
36
tools/deployment/baremetal/080-keystone.sh
Executable file
@ -0,0 +1,36 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images keystone
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
helm install ./keystone \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=keystone \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status keystone
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||||
|
openstack endpoint list
|
39
tools/deployment/baremetal/090-glance.sh
Executable file
39
tools/deployment/baremetal/090-glance.sh
Executable file
@ -0,0 +1,39 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images glance
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
helm install ./glance \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=glance \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary \
|
||||||
|
--set storage=radosgw
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
helm status glance
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
openstack service list
|
||||||
|
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||||
|
openstack image list
|
||||||
|
openstack image show 'Cirros 0.3.5 64-bit'
|
35
tools/deployment/baremetal/100-heat.sh
Executable file
35
tools/deployment/baremetal/100-heat.sh
Executable file
@ -0,0 +1,35 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images heat
|
||||||
|
|
||||||
|
#NOTE: Deploy command
|
||||||
|
helm install ./heat \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=heat \
|
||||||
|
--set labels.node_selector_key=openstack-helm-node-class \
|
||||||
|
--set labels.node_selector_value=primary
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
openstack service list
|
||||||
|
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||||
|
openstack orchestration service list
|
204
tools/deployment/baremetal/110-compute-kit.sh
Executable file
204
tools/deployment/baremetal/110-compute-kit.sh
Executable file
@ -0,0 +1,204 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Pull images and lint chart
|
||||||
|
make pull-images neutron
|
||||||
|
make pull-images ironic
|
||||||
|
make pull-images nova
|
||||||
|
|
||||||
|
#NOTE: Deploy neutron
|
||||||
|
#NOTE(portdirect): for simplicity we will assume the default route device
|
||||||
|
# should be used for tunnels
|
||||||
|
NETWORK_TUNNEL_DEV="$(sudo ip -4 route list 0/0 | awk '{ print $5; exit }')"
|
||||||
|
tee /tmp/neutron.yaml << EOF
|
||||||
|
network:
|
||||||
|
interface:
|
||||||
|
tunnel: "${NETWORK_TUNNEL_DEV}"
|
||||||
|
labels:
|
||||||
|
ovs:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
agent:
|
||||||
|
dhcp:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
l3:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
metadata:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
server:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
pod:
|
||||||
|
replicas:
|
||||||
|
server: 1
|
||||||
|
conf:
|
||||||
|
neutron:
|
||||||
|
DEFAULT:
|
||||||
|
l3_ha: False
|
||||||
|
min_l3_agents_per_router: 1
|
||||||
|
max_l3_agents_per_router: 1
|
||||||
|
l3_ha_network_type: vxlan
|
||||||
|
dhcp_agents_per_network: 1
|
||||||
|
plugins:
|
||||||
|
ml2_conf:
|
||||||
|
ml2_type_flat:
|
||||||
|
flat_networks: public,physnet2
|
||||||
|
openvswitch_agent:
|
||||||
|
agent:
|
||||||
|
tunnel_types: vxlan
|
||||||
|
ovs:
|
||||||
|
bridge_mappings: "external:br-ex,physnet2:ironic-pxe"
|
||||||
|
manifests:
|
||||||
|
daemonset_dhcp_agent: false
|
||||||
|
daemonset_metadata_agent: false
|
||||||
|
daemonset_l3_agent: false
|
||||||
|
EOF
|
||||||
|
helm install ./neutron \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=neutron \
|
||||||
|
--values=/tmp/neutron.yaml
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
openstack service list
|
||||||
|
sleep 30 #NOTE(portdirect): Wait for ingress controller to update rules and restart Nginx
|
||||||
|
|
||||||
|
export OSH_IRONIC_PXE_NET_NAME="${OSH_IRONIC_PXE_NET_NAME:="baremetal"}"
|
||||||
|
IRONIC_NEUTRON_CLEANING_NET_ID=$(openstack network create -f value -c id --share --provider-network-type flat \
|
||||||
|
--provider-physical-network physnet2 ${OSH_IRONIC_PXE_NET_NAME})
|
||||||
|
|
||||||
|
export OSH_IRONIC_PXE_DEV=${OSH_IRONIC_PXE_DEV:="ironic-pxe"}
|
||||||
|
export OSH_IRONIC_PXE_ADDR="${OSH_IRONIC_PXE_ADDR:="172.24.6.1/24"}"
|
||||||
|
export OSH_IRONIC_PXE_SUBNET="${OSH_IRONIC_PXE_SUBNET:="172.24.6.0/24"}"
|
||||||
|
export OSH_IRONIC_PXE_ALOC_START="${OSH_IRONIC_PXE_ALOC_START:="172.24.6.100"}"
|
||||||
|
export OSH_IRONIC_PXE_ALOC_END="${OSH_IRONIC_PXE_ALOC_END:="172.24.6.200"}"
|
||||||
|
export OSH_IRONIC_PXE_SUBNET_NAME="${OSH_IRONIC_PXE_SUBNET_NAME:="baremetal"}"
|
||||||
|
openstack subnet create \
|
||||||
|
--gateway ${OSH_IRONIC_PXE_ADDR%/*} \
|
||||||
|
--allocation-pool start=${OSH_IRONIC_PXE_ALOC_START},end=${OSH_IRONIC_PXE_ALOC_END} \
|
||||||
|
--dns-nameserver $(kubectl get -n kube-system svc kube-dns -o json | jq -r '.spec.clusterIP') \
|
||||||
|
--subnet-range ${OSH_IRONIC_PXE_SUBNET} \
|
||||||
|
--network ${OSH_IRONIC_PXE_NET_NAME} \
|
||||||
|
${OSH_IRONIC_PXE_SUBNET_NAME}
|
||||||
|
|
||||||
|
tee /tmp/ironic.yaml << EOF
|
||||||
|
labels:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
network:
|
||||||
|
interface:
|
||||||
|
provisioner: "${OSH_IRONIC_PXE_DEV}"
|
||||||
|
conf:
|
||||||
|
ironic:
|
||||||
|
conductor:
|
||||||
|
automated_clean: "false"
|
||||||
|
deploy:
|
||||||
|
shred_final_overwrite_with_zeros: "false"
|
||||||
|
neutron:
|
||||||
|
cleaning_network_uuid: "${IRONIC_NEUTRON_CLEANING_NET_ID}"
|
||||||
|
EOF
|
||||||
|
helm install ./ironic \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=ironic \
|
||||||
|
--values=/tmp/ironic.yaml
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
tee /tmp/nova.yaml << EOF
|
||||||
|
labels:
|
||||||
|
agent:
|
||||||
|
compute:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
compute_ironic:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
conductor:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
consoleauth:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
scheduler:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
osapi:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
api_metadata:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
placement:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
job:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
novncproxy:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
spiceproxy:
|
||||||
|
node_selector_key: openstack-helm-node-class
|
||||||
|
node_selector_value: primary
|
||||||
|
conf:
|
||||||
|
nova:
|
||||||
|
DEFAULT:
|
||||||
|
force_config_drive: false
|
||||||
|
scheduler_host_manager: ironic_host_manager
|
||||||
|
compute_driver: ironic.IronicDriver
|
||||||
|
ram_allocation_ratio: 1.0
|
||||||
|
reserved_host_memory_mb: 0
|
||||||
|
scheduler_use_baremetal_filters: true
|
||||||
|
baremetal_scheduler_default_filters: "RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter"
|
||||||
|
scheduler_tracks_instance_changes: false
|
||||||
|
scheduler_host_subset_size: 9999
|
||||||
|
manifests:
|
||||||
|
daemonset_compute: false
|
||||||
|
daemonset_libvirt: false
|
||||||
|
statefulset_compute_ironic: true
|
||||||
|
job_cell_setup: false
|
||||||
|
EOF
|
||||||
|
# Deploy Nova and enable the neutron agents
|
||||||
|
helm install ./nova \
|
||||||
|
--namespace=openstack \
|
||||||
|
--name=nova \
|
||||||
|
--values=/tmp/nova.yaml
|
||||||
|
|
||||||
|
helm upgrade neutron ./neutron \
|
||||||
|
--values=/tmp/neutron.yaml \
|
||||||
|
--set=manifests.daemonset_dhcp_agent=true \
|
||||||
|
--set=manifests.daemonset_metadata_agent=true \
|
||||||
|
--set=manifests.daemonset_l3_agent=true
|
||||||
|
|
||||||
|
#NOTE: Wait for deploy
|
||||||
|
./tools/deployment/common/wait-for-pods.sh openstack
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
openstack service list
|
||||||
|
sleep 30
|
||||||
|
openstack network agent list
|
||||||
|
openstack baremetal driver list
|
||||||
|
openstack compute service list
|
30
tools/deployment/baremetal/800-create-baremetal-host-aggregate.sh
Executable file
30
tools/deployment/baremetal/800-create-baremetal-host-aggregate.sh
Executable file
@ -0,0 +1,30 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
export OSH_IRONIC_NODE_ARCH=${OSH_IRONIC_NODE_ARCH:="x86_64"}
|
||||||
|
|
||||||
|
#NOTE: setup a host aggregate for baremetal nodes to use
|
||||||
|
openstack aggregate create \
|
||||||
|
--property baremetal=true \
|
||||||
|
--property cpu_arch=${OSH_IRONIC_NODE_ARCH} \
|
||||||
|
baremetal-hosts
|
||||||
|
IRONIC_COMPUTES=$(openstack compute service list | grep compute | grep $(hostname) | grep -v down | awk '{print $6}')
|
||||||
|
for COMPUTE in $IRONIC_COMPUTES; do
|
||||||
|
openstack aggregate add host baremetal-hosts ${COMPUTE}
|
||||||
|
done
|
77
tools/deployment/baremetal/810-register-baremetal-nodes.sh
Executable file
77
tools/deployment/baremetal/810-register-baremetal-nodes.sh
Executable file
@ -0,0 +1,77 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
export OSH_IRONIC_NODE_DISC=${OSH_IRONIC_NODE_DISC:="5"}
|
||||||
|
export OSH_IRONIC_NODE_RAM=${OSH_IRONIC_NODE_RAM:="4096"}
|
||||||
|
export OSH_IRONIC_NODE_CPU=${OSH_IRONIC_NODE_CPU:="2"}
|
||||||
|
export OSH_IRONIC_NODE_ARCH=${OSH_IRONIC_NODE_ARCH:="x86_64"}
|
||||||
|
|
||||||
|
#NOTE: Register the baremetal nodes with ironic
|
||||||
|
DEPLOY_VMLINUZ_UUID=$(openstack image show ironic-agent.kernel -f value -c id)
|
||||||
|
DEPLOY_INITRD_UUID=$(openstack image show ironic-agent.initramfs -f value -c id)
|
||||||
|
MASTER_IP=$(kubectl get node $(hostname -f) -o json | jq -r '.status.addresses[] | select(.type=="InternalIP").address')
|
||||||
|
while read NODE_DETAIL_RAW; do
|
||||||
|
NODE_DETAIL=($(echo ${NODE_DETAIL_RAW}))
|
||||||
|
NODE_BMC_IP=${NODE_DETAIL[0]}
|
||||||
|
NODE_MAC=${NODE_DETAIL[1]}
|
||||||
|
if ! [ "x${MASTER_IP}" == "x${NODE_BMC_IP}" ]; then
|
||||||
|
BM_NODE=$(openstack baremetal node create \
|
||||||
|
--driver agent_ipmitool \
|
||||||
|
--driver-info ipmi_username=admin \
|
||||||
|
--driver-info ipmi_password=password \
|
||||||
|
--driver-info ipmi_address="${NODE_BMC_IP}" \
|
||||||
|
--driver-info ipmi_port=623 \
|
||||||
|
--driver-info deploy_kernel=${DEPLOY_VMLINUZ_UUID} \
|
||||||
|
--driver-info deploy_ramdisk=${DEPLOY_INITRD_UUID} \
|
||||||
|
--property local_gb=${OSH_IRONIC_NODE_DISC} \
|
||||||
|
--property memory_mb=${OSH_IRONIC_NODE_RAM} \
|
||||||
|
--property cpus=${OSH_IRONIC_NODE_CPU} \
|
||||||
|
--property cpu_arch=${OSH_IRONIC_NODE_ARCH} \
|
||||||
|
-f value -c uuid)
|
||||||
|
openstack baremetal node manage "${BM_NODE}"
|
||||||
|
openstack baremetal port create --node ${BM_NODE} "${NODE_MAC}"
|
||||||
|
openstack baremetal node validate "${BM_NODE}"
|
||||||
|
openstack baremetal node provide "${BM_NODE}"
|
||||||
|
openstack baremetal node show "${BM_NODE}"
|
||||||
|
fi
|
||||||
|
done < /tmp/bm-hosts.txt
|
||||||
|
|
||||||
|
#NOTE: Wait for our baremetal nodes to become avalible for provisioning
|
||||||
|
function wait_for_ironic_node {
|
||||||
|
# Default wait timeout is 1200 seconds
|
||||||
|
set +x
|
||||||
|
end=$(date +%s)
|
||||||
|
if ! [ -z $2 ]; then
|
||||||
|
end=$((end + $2))
|
||||||
|
else
|
||||||
|
end=$((end + 1200))
|
||||||
|
fi
|
||||||
|
while true; do
|
||||||
|
STATE=$(openstack baremetal node show $1 -f value -c provision_state)
|
||||||
|
[ "x${STATE}" == "xavailable" ] && break
|
||||||
|
sleep 1
|
||||||
|
now=$(date +%s)
|
||||||
|
[ $now -gt $end ] && echo "Node did not come up in time" && openstack baremetal node show $1 && exit -1
|
||||||
|
done
|
||||||
|
set -x
|
||||||
|
}
|
||||||
|
for NODE in $(openstack baremetal node list -f value -c UUID); do
|
||||||
|
wait_for_ironic_node $NODE
|
||||||
|
done
|
||||||
|
openstack baremetal node list
|
32
tools/deployment/baremetal/820-create-baremetal-flavor.sh
Executable file
32
tools/deployment/baremetal/820-create-baremetal-flavor.sh
Executable file
@ -0,0 +1,32 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
export OSH_IRONIC_NODE_DISC=${OSH_IRONIC_NODE_DISC:="5"}
|
||||||
|
export OSH_IRONIC_NODE_RAM=${OSH_IRONIC_NODE_RAM:="4096"}
|
||||||
|
export OSH_IRONIC_NODE_CPU=${OSH_IRONIC_NODE_CPU:="2"}
|
||||||
|
export OSH_IRONIC_NODE_ARCH=${OSH_IRONIC_NODE_ARCH:="x86_64"}
|
||||||
|
|
||||||
|
#NOTE: Create a flavor assocated with our baremetal nodes
|
||||||
|
openstack flavor create \
|
||||||
|
--disk ${OSH_IRONIC_NODE_DISC} \
|
||||||
|
--ram ${OSH_IRONIC_NODE_RAM} \
|
||||||
|
--vcpus ${OSH_IRONIC_NODE_CPU} \
|
||||||
|
--property cpu_arch=${OSH_IRONIC_NODE_ARCH} \
|
||||||
|
--property baremetal=true \
|
||||||
|
baremetal
|
66
tools/deployment/baremetal/900-use-it.sh
Executable file
66
tools/deployment/baremetal/900-use-it.sh
Executable file
@ -0,0 +1,66 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
set -xe
|
||||||
|
|
||||||
|
#NOTE: Validate Deployment info
|
||||||
|
export OS_CLOUD=openstack_helm
|
||||||
|
|
||||||
|
export OSH_VM_KEY_STACK="heat-vm-key"
|
||||||
|
# Setup SSH Keypair in Nova
|
||||||
|
mkdir -p ${HOME}/.ssh
|
||||||
|
openstack keypair create --private-key ${HOME}/.ssh/osh_key ${OSH_VM_KEY_STACK}
|
||||||
|
chmod 600 ${HOME}/.ssh/osh_key
|
||||||
|
|
||||||
|
# Deploy heat stack to provision node
|
||||||
|
openstack stack create --wait --timeout 15 \
|
||||||
|
-t ./tools/gate/files/heat-basic-bm-deployment.yaml \
|
||||||
|
heat-basic-bm-deployment
|
||||||
|
|
||||||
|
FLOATING_IP=$(openstack stack output show \
|
||||||
|
heat-basic-bm-deployment \
|
||||||
|
ip \
|
||||||
|
-f value -c output_value)
|
||||||
|
|
||||||
|
# Wait for the nodes SSH port to come up
|
||||||
|
function wait_for_ssh_port {
|
||||||
|
# Default wait timeout is 300 seconds
|
||||||
|
set +x
|
||||||
|
end=$(date +%s)
|
||||||
|
if ! [ -z $2 ]; then
|
||||||
|
end=$((end + $2))
|
||||||
|
else
|
||||||
|
end=$((end + 300))
|
||||||
|
fi
|
||||||
|
while true; do
|
||||||
|
# Use Nmap as its the same on Ubuntu and RHEL family distros
|
||||||
|
nmap -Pn -p22 $1 | awk '$1 ~ /22/ {print $2}' | grep -q 'open' && \
|
||||||
|
break || true
|
||||||
|
sleep 1
|
||||||
|
now=$(date +%s)
|
||||||
|
[ $now -gt $end ] && echo "Could not connect to $1 port 22 in time" && exit -1
|
||||||
|
done
|
||||||
|
set -x
|
||||||
|
}
|
||||||
|
wait_for_ssh_port $FLOATING_IP
|
||||||
|
|
||||||
|
# SSH into the VM and check it can reach the outside world
|
||||||
|
ssh-keyscan "$FLOATING_IP" >> ~/.ssh/known_hosts
|
||||||
|
BM_GATEWAY="$(ssh -i ${HOME}/.ssh/osh_key cirros@${FLOATING_IP} ip -4 route list 0/0 | awk '{ print $3; exit }')"
|
||||||
|
ssh -i ${HOME}/.ssh/osh_key cirros@${FLOATING_IP} ping -q -c 1 -W 2 ${BM_GATEWAY}
|
||||||
|
|
||||||
|
# Check the VM can reach the metadata server
|
||||||
|
ssh -i ${HOME}/.ssh/osh_key cirros@${FLOATING_IP} curl --verbose --connect-timeout 5 169.254.169.254
|
@ -26,7 +26,7 @@ helm install ./ingress \
|
|||||||
--set deployment.mode=cluster \
|
--set deployment.mode=cluster \
|
||||||
--set deployment.type=DaemonSet \
|
--set deployment.type=DaemonSet \
|
||||||
--set network.host_namespace=true \
|
--set network.host_namespace=true \
|
||||||
--set network.vip.manage=true \
|
--set network.vip.manage=false \
|
||||||
--set network.vip.addr=172.18.0.1/32 \
|
--set network.vip.addr=172.18.0.1/32 \
|
||||||
--set conf.services.udp.53='kube-system/kube-dns:53'
|
--set conf.services.udp.53='kube-system/kube-dns:53'
|
||||||
|
|
||||||
|
70
tools/gate/files/fake-baremetal-1.xml
Normal file
70
tools/gate/files/fake-baremetal-1.xml
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
<domain type='qemu'>
|
||||||
|
<name>fake-baremetal-1</name>
|
||||||
|
<memory unit='MB'>4096</memory>
|
||||||
|
<vcpu placement='static'>4</vcpu>
|
||||||
|
<resource>
|
||||||
|
<partition>/machine</partition>
|
||||||
|
</resource>
|
||||||
|
<os>
|
||||||
|
<type arch='x86_64' machine='pc'>hvm</type>
|
||||||
|
<boot dev='network'/>
|
||||||
|
<boot dev='hd'/>
|
||||||
|
<bootmenu enable='no'/>
|
||||||
|
<bios useserial='yes'/>
|
||||||
|
</os>
|
||||||
|
<features>
|
||||||
|
<acpi/>
|
||||||
|
<apic/>
|
||||||
|
</features>
|
||||||
|
<cpu>
|
||||||
|
<topology sockets='1' cores='4' threads='1'/>
|
||||||
|
</cpu>
|
||||||
|
<clock offset='localtime'/>
|
||||||
|
<on_poweroff>destroy</on_poweroff>
|
||||||
|
<on_reboot>restart</on_reboot>
|
||||||
|
<on_crash>restart</on_crash>
|
||||||
|
<devices>
|
||||||
|
<emulator>/usr/libexec/qemu-kvm</emulator>
|
||||||
|
<disk type='file' device='disk'>
|
||||||
|
<driver name='qemu' type='qcow2'/>
|
||||||
|
<source file='/var/lib/libvirt/images/vm-1.qcow2'/>
|
||||||
|
<target dev='vda' bus='virtio'/>
|
||||||
|
<alias name='virtio-disk0'/>
|
||||||
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
|
||||||
|
</disk>
|
||||||
|
<controller type='usb' index='0'>
|
||||||
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
|
||||||
|
</controller>
|
||||||
|
<controller type='ide' index='0'>
|
||||||
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
|
||||||
|
</controller>
|
||||||
|
<controller type='pci' index='0' model='pci-root'/>
|
||||||
|
<interface type='bridge'>
|
||||||
|
<mac address='00:01:DE:AD:BE:EF'/>
|
||||||
|
<source bridge='ironic-pxe'/>
|
||||||
|
<virtualport type='openvswitch'>
|
||||||
|
</virtualport>
|
||||||
|
<model type='virtio'/>
|
||||||
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
|
||||||
|
</interface>
|
||||||
|
<serial type='file'>
|
||||||
|
<source path='/tmp/vm-1.log' append='on'/>
|
||||||
|
<target port='0'/>
|
||||||
|
</serial>
|
||||||
|
<serial type='pty'>
|
||||||
|
<target port='1'/>
|
||||||
|
</serial>
|
||||||
|
<console type='file'>
|
||||||
|
<source path='/tmp/vm-1.log' append='on'/>
|
||||||
|
<target type='serial' port='0'/>
|
||||||
|
</console>
|
||||||
|
<input type='tablet' bus='usb'>
|
||||||
|
<address type='usb' bus='0' port='1'/>
|
||||||
|
</input>
|
||||||
|
<input type='mouse' bus='ps2'/>
|
||||||
|
<input type='keyboard' bus='ps2'/>
|
||||||
|
<memballoon model='virtio'>
|
||||||
|
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
|
||||||
|
</memballoon>
|
||||||
|
</devices>
|
||||||
|
</domain>
|
41
tools/gate/files/heat-basic-bm-deployment.yaml
Normal file
41
tools/gate/files/heat-basic-bm-deployment.yaml
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
heat_template_version: 2016-10-14
|
||||||
|
|
||||||
|
parameters:
|
||||||
|
baremetal_net:
|
||||||
|
type: string
|
||||||
|
default: baremetal
|
||||||
|
baremetal_subnet:
|
||||||
|
type: string
|
||||||
|
default: baremetal
|
||||||
|
image:
|
||||||
|
type: string
|
||||||
|
default: Cirros 0.3.5 64-bit
|
||||||
|
flavor:
|
||||||
|
type: string
|
||||||
|
default: baremetal
|
||||||
|
ssh_key:
|
||||||
|
type: string
|
||||||
|
default: heat-vm-key
|
||||||
|
|
||||||
|
resources:
|
||||||
|
server:
|
||||||
|
type: OS::Nova::Server
|
||||||
|
properties:
|
||||||
|
image: {get_param: image}
|
||||||
|
flavor: {get_param: flavor}
|
||||||
|
key_name: {get_param: ssh_key}
|
||||||
|
networks:
|
||||||
|
- port: { get_resource: server_port }
|
||||||
|
user_data_format: RAW
|
||||||
|
|
||||||
|
server_port:
|
||||||
|
type: OS::Neutron::Port
|
||||||
|
properties:
|
||||||
|
network: {get_param: baremetal_net}
|
||||||
|
fixed_ips:
|
||||||
|
- subnet: { get_param: baremetal_subnet }
|
||||||
|
port_security_enabled: false
|
||||||
|
|
||||||
|
outputs:
|
||||||
|
ip:
|
||||||
|
value: {get_attr: [server_port, fixed_ips, 0, ip_address]}
|
118
tools/gate/playbooks/ironic-deploy.yaml
Normal file
118
tools/gate/playbooks/ironic-deploy.yaml
Normal file
@ -0,0 +1,118 @@
|
|||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
- hosts: primary
|
||||||
|
tasks:
|
||||||
|
- name: Deploy Packages
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/000-install-packages.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Setup Nodes
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/005-setup-nodes.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy clients
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/010-setup-client.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy ingress
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/020-ingress.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Ceph
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/030-ceph.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Setup openstack namespace for ceph
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/035-ceph-ns-activate.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy MariaDB
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/040-mariadb.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy RabbitMQ
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/050-rabbitmq.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Memcached
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/060-memcached.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Keystone
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/080-keystone.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Glance
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/090-glance.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Hea
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/100-heat.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Compute Kit
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/110-compute-kit.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Create baremetal host aggregate
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/800-create-baremetal-host-aggregate.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Register baremetal nodes
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/810-register-baremetal-nodes.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Create baremetal flavor
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/820-create-baremetal-flavor.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
||||||
|
- name: Deploy Node
|
||||||
|
shell: |
|
||||||
|
set -xe;
|
||||||
|
./tools/deployment/baremetal/900-use-it.sh
|
||||||
|
args:
|
||||||
|
chdir: "{{ zuul.project.src_dir }}"
|
@ -1,5 +1,5 @@
|
|||||||
Ceph Config Helper Container
|
Ceph Config Helper Container
|
||||||
=====================
|
============================
|
||||||
|
|
||||||
This container builds a small image with kubectl and some other utilites for
|
This container builds a small image with kubectl and some other utilites for
|
||||||
use in the ceph-config chart.
|
use in the ceph-config chart.
|
||||||
|
36
tools/images/vbmc/Dockerfile
Normal file
36
tools/images/vbmc/Dockerfile
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
FROM centos:7
|
||||||
|
MAINTAINER pete.birley@att.com
|
||||||
|
|
||||||
|
RUN set -ex ;\
|
||||||
|
yum -y upgrade ;\
|
||||||
|
yum -y install \
|
||||||
|
epel-release \
|
||||||
|
centos-release-openstack-newton \
|
||||||
|
centos-release-qemu-ev ;\
|
||||||
|
yum -y install \
|
||||||
|
ceph-common \
|
||||||
|
git \
|
||||||
|
libguestfs \
|
||||||
|
libvirt \
|
||||||
|
libvirt-daemon \
|
||||||
|
libvirt-daemon-config-nwfilter \
|
||||||
|
libvirt-daemon-driver-lxc \
|
||||||
|
libvirt-daemon-driver-nwfilter \
|
||||||
|
libvirt-devel \
|
||||||
|
openvswitch \
|
||||||
|
python-devel \
|
||||||
|
qemu-kvm ;\
|
||||||
|
yum -y group install \
|
||||||
|
"Development Tools" ;\
|
||||||
|
yum clean all ;\
|
||||||
|
rm -rf /var/cache/yum ;\
|
||||||
|
curl https://bootstrap.pypa.io/get-pip.py -o /tmpget-pip.py ;\
|
||||||
|
python /tmpget-pip.py ;\
|
||||||
|
rm -f /tmp/get-pip.py ;\
|
||||||
|
TMP_DIR=$(mktemp -d) ;\
|
||||||
|
git clone https://github.com/openstack/virtualbmc ${TMP_DIR} ;\
|
||||||
|
pip install -U ${TMP_DIR} ;\
|
||||||
|
rm -rf ${TMP_DIR} ;\
|
||||||
|
useradd --user-group --create-home --home-dir /var/lib/nova nova ;\
|
||||||
|
chmod 755 /var/lib/nova ;\
|
||||||
|
usermod -a -G qemu nova
|
37
tools/images/vbmc/README.rst
Normal file
37
tools/images/vbmc/README.rst
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
VBMC Container
|
||||||
|
==============
|
||||||
|
|
||||||
|
This container builds a small image with kubectl and some other utilities for
|
||||||
|
use in both the ironic checks and development.
|
||||||
|
|
||||||
|
Instructions
|
||||||
|
------------
|
||||||
|
|
||||||
|
OS Specific Host setup:
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Ubuntu:
|
||||||
|
^^^^^^^
|
||||||
|
|
||||||
|
From a freshly provisioned Ubuntu 16.04 LTS host run:
|
||||||
|
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
|
sudo apt-get update -y
|
||||||
|
sudo apt-get install -y \
|
||||||
|
docker.io \
|
||||||
|
git
|
||||||
|
|
||||||
|
Build the VBMC Image environment
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
A known good image is published to dockerhub on a fairly regular basis, but if
|
||||||
|
you wish to build your own image, from the root directory of the OpenStack-Helm
|
||||||
|
repo run:
|
||||||
|
|
||||||
|
.. code:: bash
|
||||||
|
|
||||||
|
sudo docker build \
|
||||||
|
-t docker.io/openstackhelm/vbmc:centos \
|
||||||
|
tools/images/vbmc
|
||||||
|
sudo docker push docker.io/openstackhelm/vbmc:centos
|
Loading…
Reference in New Issue
Block a user