Adding keystone

pprokop 2016-11-18 16:45:56 +01:00
parent fdeb41df20
commit 73caaf06da
12 changed files with 310 additions and 0 deletions

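--- a/keystone/Chart.yaml
+++ b/keystone/Chart.yaml
@@ -0,0 +1,3 @@
+description: A Helm chart for keystone
+name: keystone
+version: 0.1.0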


@ -0,0 +1,11 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-dbsyncsh
data:
db-sync.sh: |+
#!/bin/bash
set -ex
keystone-manage db_sync
kolla_keystone_bootstrap {{ .Values.global.keystone.admin_user }} {{ .Values.global.keystone.admin_password }} {{ .Values.global.keystone.admin_project_name }} admin http://keystone-api:{{ .Values.global.network.port.admin }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 http://keystone-api:{{ .Values.global.network.port.public }}/v3 {{ .Values.global.keystone.admin_region_name }}
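Review bot: `set -ex` makes bash trace the `kolla_keystone_bootstrap` line, so the rendered admin password is written to the job's log, and because it is templated into a ConfigMap it is also readable by anyone who can read ConfigMaps in the namespace. I would use `set -e` and have the script read the password from an environment variable populated from a Secret instead of rendering it into the script text. The template values are also spliced into the shell line unquoted, so a value containing a space or a shell metacharacter changes the command; quoting each argument avoids that. The same `set -ex` with inline credentials appears in `init.sh` in the keystone-initsh ConfigMap.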


@ -0,0 +1,43 @@
apiVersion: batch/v1
kind: Job
metadata:
name: keystone-db-sync
spec:
template:
spec:
restartPolicy: OnFailure
containers:
- name: keystone-init
image: {{ .Values.global.deployment.image.db_sync }}
imagePullPolicy: Always
env:
- name: INTERFACE_NAME
value: "eth0"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/db-sync.sh"
- name: DEPENDENCY_JOBS
value: "keystone-init,mariadb-seed"
- name: DEPENDENCY_SERVICE
value: "mariadb"
volumeMounts:
- name: keystoneconf
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
- name: dbsyncsh
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
volumes:
- name: keystoneconf
configMap:
name: keystone-keystoneconf
- name: dbsyncsh
configMap:
name: keystone-dbsyncsh
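Review bot: The container in the keystone-db-sync Job is named `keystone-init`, the same name the keystone-init Job uses for its container, which makes log and event output for the two jobs easy to confuse; `- name: keystone-db-sync` would match the Job. The `image:` value is an unquoted template expression; writing it as `image: "{{ .Values.global.deployment.image.db_sync }}"` keeps the rendered scalar a string whatever the value contains.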


@ -0,0 +1,70 @@
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: keystone-api
spec:
replicas: {{ .Values.global.deployment.replicas }}
template:
metadata:
labels:
app: keystone-api
spec:
nodeSelector:
{{ .Values.global.deployment.control_node_label }}: enabled
containers:
- name: keystone-api
image: {{ .Values.global.deployment.image.api }}
env:
- name: INTERFACE_NAME
value: "eth0"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/start.sh"
- name: DEPENDENCY_JOBS
value: "keystone-init,keystone-db-sync,mariadb-seed"
- name: DEPENDENCY_SERVICE
value: "mariadb,rabbitmq"
- name: DEPENDENCY_CONFIG
value: "/etc/apache2/conf-enabled/wsgi-keystone.conf"
ports:
- containerPort: {{ .Values.global.network.port.public }}
- containerPort: {{ .Values.global.network.port.admin }}
readinessProbe:
tcpSocket:
port: {{ .Values.global.network.port.public }}
volumeMounts:
- name: keystoneconf
mountPath: /etc/keystone/keystone.conf
subPath: keystone.conf
- name: wsgikeystone
mountPath: /configmaps/wsgi-keystone.conf
- name: mpmeventconf
mountPath: /etc/apache2/mods-available/mpm_event.conf
subPath: mpm_event.conf
- name: startsh
mountPath: /tmp/start.sh
subPath: start.sh
volumes:
- name: keystoneconf
configMap:
name: keystone-keystoneconf
- name: wsgikeystone
configMap:
name: keystone-wsgikeystone
- name: mpmeventconf
configMap:
name: keystone-mpmeventconf
# https://github.com/kubernetes/kubernetes/issues/23722
items:
- key: mpm-event.conf
path: mpm_event.conf
- name: startsh
configMap:
name: keystone-startsh
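Review bot: The keystone-api pod template declares a `readinessProbe` but no `livenessProbe`, no `resources` and no `securityContext`, so a hung Apache is never restarted and the identity service runs with whatever user and capabilities the image defaults to. A `livenessProbe` mirroring the existing `tcpSocket` check and a `resources` block would be the minimal additions. Whether the image can run as a non-root user is not visible from this file, so a `securityContext` is something to confirm rather than assume. The readiness check also covers only the public port, not the admin port.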


@ -0,0 +1,13 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-initsh
data:
init.sh: |+
#!/bin/bash
set -ex
export HOME=/tmp
ansible localhost -vvv -m mysql_db -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_database_name }}'"
ansible localhost -vvv -m mysql_user -a "login_host='{{ .Values.global.database.address }}' login_port='{{ .Values.global.database.port }}' login_user='{{ .Values.global.database.root_user }}' login_password='{{ .Values.global.database.root_password }}' name='{{ .Values.global.database.keystone_user }}' password='{{ .Values.global.database.keystone_password }}' host='%' priv='{{ .Values.global.database.keystone_database_name }}.*:ALL' append_privs='yes'"
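Review bot: The `mysql_user` call grants ALL on the keystone database to the keystone account with `host='%'`, so the account is accepted from any client address that can reach MariaDB; if the pod network range is known, a narrower host pattern would limit that. `-vvv` on both `ansible` lines adds verbose module output to the job log on top of the `set -ex` trace, and the arguments carry the root and keystone passwords, so I would drop `-vvv` and `-x` here. Supplying the credentials from a Secret through environment variables would also keep them out of the ConfigMap.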


@ -0,0 +1,37 @@
apiVersion: batch/v1
kind: Job
metadata:
name: keystone-init
spec:
template:
spec:
restartPolicy: OnFailure
containers:
- name: keystone-init
image: {{ .Values.global.deployment.image.init }}
imagePullPolicy: Always
env:
- name: INTERFACE_NAME
value: "eth0"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: COMMAND
value: "bash /tmp/init.sh"
- name: DEPENDENCY_JOBS
value: "mariadb-seed"
- name: DEPENDENCY_SERVICE
value: "mariadb"
volumeMounts:
- name: initsh
mountPath: /tmp/init.sh
subPath: init.sh
volumes:
- name: initsh
configMap:
name: keystone-initsh


@ -0,0 +1,26 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-keystoneconf
data:
keystone.conf: |+
[DEFAULT]
debug = {{ .Values.global.misc.debug }}
use_syslog = False
use_stderr = True
workers = {{ .Values.global.misc.workers }}
[database]
connection = mysql+pymysql://{{ .Values.global.database.keystone_user }}:{{ .Values.global.database.keystone_password }}@{{ .Values.global.database.address }}/{{ .Values.global.database.keystone_database_name }}
max_retries = -1
[memcache]
servers = {{ .Values.global.memcached.address }}
[cache]
backend = dogpile.cache.memcached
memcache_servers = {{.Values.global.memcached.address}}
config_prefix = cache.keystone
distributed_lock = True
enabled = True
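Review bot: The `connection` line under `[database]` renders the keystone database password into a ConfigMap, which does not get the access controls a Secret can have, and this file is mounted into both the API pods and the db-sync job. Rendering keystone.conf into a Secret and mounting that instead would keep the credential out of ConfigMap listings. The user and password are also inserted into the URL unescaped, so a password containing `@`, `/` or `:` produces a connection string that parses differently; URL-encoding the value in the template avoids that. `database.port` from the values file is not used in the URL, so a non-default port would be silently ignored.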


@ -0,0 +1,15 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-mpmeventconf
data:
mpm-event.conf: |+
<IfModule mpm_event_module>
ServerLimit 1024
StartServers 32
MinSpareThreads 32
MaxSpareThreads 256
ThreadsPerChild 25
MaxRequestsPerChild 128
ThreadLimit 720
</IfModule>


@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: keystone-api
spec:
ports:
- name: keystone-api-public
port: {{ .Values.global.network.port.public }}
- name: keystone-api-admin
port: {{ .Values.global.network.port.admin }}
selector:
app: keystone-api


@ -0,0 +1,15 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-startsh
data:
start.sh: |+
#!/bin/bash
set -ex
# Loading Apache2 ENV variables
source /etc/apache2/envvars
rm -rf /var/run/apache2/*
APACHE_DIR="apache2"
apache2 -DFOREGROUND
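Review bot: `apache2 -DFOREGROUND` is started as a child of the bash script, so a termination signal delivered to the script is not forwarded and Apache may be killed rather than shut down gracefully; `exec apache2 -DFOREGROUND` lets it replace the shell. `APACHE_DIR="apache2"` is assigned after `source /etc/apache2/envvars` and is neither exported nor used in the lines shown, so it can probably be removed.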


@ -0,0 +1,34 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-wsgikeystone
data:
wsgi-keystone.conf: |+
Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.public }}
Listen {{ .Values.global.network.ip_address }}:{{ .Values.global.network.port.admin }}
<VirtualHost *:{{ .Values.global.network.port.public }}>
WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /var/www/cgi-bin/keystone/main
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog "|$/bin/cat 1>&2"
CustomLog "|/bin/cat" combined
</VirtualHost>
<VirtualHost *:{{ .Values.global.network.port.admin }}>
WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog "|$/bin/cat 1>&2"
CustomLog "|/bin/cat" combined
</VirtualHost>
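Review bot: Both virtual hosts serve Keystone over plain HTTP with `WSGIPassAuthorization On`, so passwords and tokens cross the pod network unencrypted unless TLS is terminated somewhere not shown in this commit; the endpoints registered in db-sync.sh are `http://` as well. If that is intentional for an in-cluster deployment, a comment saying where TLS is expected to terminate would help. `processes=16` is hard-coded in both `WSGIDaemonProcess` lines although `misc.workers` already exists as a chart value, and the two hosts differ in `threads=6` versus `threads=5` without explanation.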

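--- a/keystone/values.yaml
+++ b/keystone/values.yaml
@@ -0,0 +1,31 @@
+global:
+deployment:
+replicas: 1
+control_node_label: openstack-control-plane
+image:
+db_sync: quay.io/stackanetes/stackanetes-keystone-api:newton
+api: quay.io/stackanetes/stackanetes-keystone-api:newton
+init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
+network:
+port:
+admin: 35357
+public: 5000
+ip_address: "{{ .IP }}"
+database:
+address: mariadb
+port: 3306
+root_user: root
+root_password: password
+keystone_database_name: keystone
+keystone_password: password
+keystone_user: keystone
+keystone:
+admin_region_name: RegionOne
+admin_user: admin
+admin_password: password
+admin_project_name: admin
+memcached:
+address: memcached
+misc:
+workers: 8
+debug: false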
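Review bot: `root_password`, `keystone_password` and `admin_password` all default to `password`, so an install that does not override them comes up with a guessable database root and Keystone admin credential. I would ship these keys empty and make the templates fail when they are unset, so the deployer has to supply them. The image references use the moving `:newton` tag, which means the content that runs can change between pulls; pinning by digest is worth considering.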