diff --git a/.gitignore b/.gitignore index 2821f92af1..6b4eeddaac 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ **/*.tgz .idea/ **/_partials.tpl -**/_common.tpl +**/_globals.tpl diff --git a/Makefile b/Makefile index 488f818245..c3de0908a4 100644 --- a/Makefile +++ b/Makefile @@ -1,14 +1,14 @@ -.PHONY: ceph mariadb keystone memcached rabbitmq openstack-base openstack all clean base64 +.PHONY: ceph mariadb keystone memcached rabbitmq common openstack all clean -B64_DIRS := openstack-base/secrets -B64_EXCLUDE := $(wildcard openstack-base/secrets/*.b64) +B64_DIRS := common/secrets +B64_EXCLUDE := $(wildcard common/secrets/*.b64) CHARTS := ceph mariadb rabbitmq memcached keystone openstack -COMMON_TPL := openstack-base/templates/_common.tpl +COMMON_TPL := common/templates/_globals.tpl -all: openstack-base ceph mariadb rabbitmq memcached keystone openstack +all: common ceph mariadb rabbitmq memcached keystone openstack -openstack-base: build-openstack-base +common: build-common ceph: build-ceph @@ -23,24 +23,12 @@ memcached: build-memcached openstack: build-openstack clean: - $(shell rm -rf openstack-base/secrets/*.b64) + $(shell rm -rf common/secrets/*.b64) $(shell rm -rf */templates/_partials.tpl) - $(shell rm -rf */templates/_common.tpl) - echo "Removed all .b64, _partials.tpl, and _common.tpl files" + $(shell rm -rf */templates/_globals.tpl) + echo "Removed all .b64, _partials.tpl, and _globals.tpl files" -build-openstack-base: - # rebuild all base64 values - $(eval B64_OBJS = $(foreach dir,$(B64_DIRS),$(shell find $(dir)/* -type f $(foreach e,$(B64_EXCLUDE), -not -path "$(e)")))) - $(foreach var,$(B64_OBJS),cat $(var) | base64 | perl -pe 'chomp if eof' > $(var).b64;) - - if [ -f openstack-base/Makefile ]; then make -C openstack-base; fi - if [ -f openstack-base/requirements.yaml ]; then helm dep up openstack-base; fi - helm lint openstack-base - helm package openstack-base - $(foreach var,$(CHARTS),$(shell cp $(COMMON_TPL) $(var)/templates)) - build-%: - if [ ! -f $*/templates/_common.tpl ]; then echo; seq -s= 30|tr -d '[:digit:]'; echo "You need to run 'make openstack-base' first to generate _common.tpl"; seq -s= 30|tr -d '[:digit:]'; exit 1; fi; if [ -f $*/Makefile ]; then make -C $*; fi if [ -f $*/requirements.yaml ]; then helm dep up $*; fi helm lint $* diff --git a/README.md b/README.md index cde570fa45..4a8f5f1a03 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ make # generate secrets (ceph, etc.) export osd_cluster_network=10.32.0.0/12 export osd_public_network=10.32.0.0/12 -cd openstack-base/utils/secret-generator +cd common/utils/secret-generator ./generate_secrets.sh all `./generate_secrets.sh fsid` cd ../../.. diff --git a/ceph/README.md b/ceph/README.md index 3f64eb2b8e..ed0fdf5647 100644 --- a/ceph/README.md +++ b/ceph/README.md @@ -84,7 +84,7 @@ kubectl label nodes node-type=storage --all You will need to generate ceph keys and configuration. There is a simple to use utility that can do this quickly. Please note the generator utility (per ceph-docker) requires the sigil template framework: (https://github.com/gliderlabs/sigil) to be installed and on the current path. ``` -cd openstack-base/utils/secret-generator +cd common/utils/secret-generator ./generate_secrets.sh all `./generate_secrets.sh fsid` cd ../../.. ``` diff --git a/ceph/requirements.lock b/ceph/requirements.lock index 0d7c3e7f45..3bcbd6ea74 100644 --- a/ceph/requirements.lock +++ b/ceph/requirements.lock @@ -1,3 +1,6 @@ -dependencies: [] -digest: sha256:81059fe6210ccee4e3349c0f34c12d180f995150128a913d63b65b7937c6b152 -generated: 2016-11-25T16:24:27.602432249-08:00 +dependencies: +- name: common + repository: http://localhost:8879/charts + version: 0.1.0 +digest: sha256:c6a7e430c900036912fe3fdc14213e9280c5da0b6607ce4dcf6dc95535d114fc +generated: 2016-11-29T12:54:37.241999965-08:00 diff --git a/ceph/requirements.yaml b/ceph/requirements.yaml index 32cf5dda7e..5a6564045d 100644 --- a/ceph/requirements.yaml +++ b/ceph/requirements.yaml @@ -1 +1,5 @@ -dependencies: [] +dependencies: + - name: common + repository: http://localhost:8879/charts + version: 0.1.0 + diff --git a/ceph/templates/secrets.yaml b/ceph/templates/secrets.yaml index ba35210723..0dde40ebad 100644 --- a/ceph/templates/secrets.yaml +++ b/ceph/templates/secrets.yaml @@ -1,24 +1,16 @@ --- apiVersion: v1 kind: Secret -metadata: - name: "ceph-conf-combined-storageclass" -type: kubernetes.io/rbd -data: - key: {{ include "secrets/ceph-client-key.b64" . | quote }} ---- -apiVersion: v1 -kind: Secret metadata: name: "ceph-conf-combined" type: Opaque data: ceph.conf: | -{{ include "secrets/ceph.conf.b64" .| indent 4 }} +{{ include "secrets/ceph.conf" . | b64enc | indent 4 }} ceph.client.admin.keyring: | -{{ include "secrets/ceph.client.admin.keyring.b64" . | indent 4 }} +{{ include "secrets/ceph.client.admin.keyring" . | b64enc | indent 4 }} ceph.mon.keyring: | -{{ include "secrets/ceph.mon.keyring.b64" . | indent 4 }} +{{ include "secrets/ceph.mon.keyring" . | b64enc | indent 4 }} --- apiVersion: v1 kind: Secret @@ -27,7 +19,7 @@ metadata: type: Opaque data: ceph.keyring: | -{{ include "secrets/ceph.rgw.keyring.b64" . | indent 4 }} +{{ include "secrets/ceph.rgw.keyring" . | b64enc | indent 4 }} --- apiVersion: v1 kind: Secret @@ -36,7 +28,7 @@ metadata: type: Opaque data: ceph.keyring: | -{{ include "secrets/ceph.mds.keyring.b64" . | indent 4 }} +{{ include "secrets/ceph.mds.keyring" . | b64enc | indent 4 }} --- apiVersion: v1 kind: Secret @@ -45,7 +37,7 @@ metadata: type: Opaque data: ceph.keyring: | -{{ include "secrets/ceph.osd.keyring.b64" . | indent 4 }} +{{ include "secrets/ceph.osd.keyring" . | b64enc | indent 4 }} --- apiVersion: v1 kind: Secret @@ -53,4 +45,4 @@ metadata: name: "ceph-client-key" type: Opaque data: - ceph-client-key: {{ include "secrets/ceph-client-key.b64" . | quote }} + ceph-client-key: {{ include "secrets/ceph-client-key" . | b64enc | quote }} diff --git a/ceph/templates/storage.yaml b/ceph/templates/storage.yaml index 6d00770b2c..40b9fe7a87 100644 --- a/ceph/templates/storage.yaml +++ b/ceph/templates/storage.yaml @@ -1,3 +1,5 @@ +# note that these secrets are handled by the common chart, not the ceph +# chart, as we likely want them "everywhere" --- apiVersion: storage.k8s.io/v1beta1 kind: StorageClass @@ -5,10 +7,10 @@ metadata: name: general provisioner: kubernetes.io/rbd parameters: - monitors: ceph-mon.ceph:6789 + monitors: ceph-mon.{{.Release.Namespace}}:6789 adminId: admin - adminSecretName: ceph-conf-combined-storageclass - adminSecretNamespace: ceph + adminSecretName: pvc-ceph-conf-combined-storageclass + adminSecretNamespace: {{.Release.Namespace}} pool: rbd userId: admin - userSecretName: ceph-client-key + userSecretName: pvc-ceph-client-key \ No newline at end of file diff --git a/common/.gitignore b/common/.gitignore new file mode 100644 index 0000000000..d1f0fc1755 --- /dev/null +++ b/common/.gitignore @@ -0,0 +1,2 @@ +secrets/* +templates/_secrets.tpl diff --git a/openstack-base/.helmignore b/common/.helmignore similarity index 100% rename from openstack-base/.helmignore rename to common/.helmignore diff --git a/openstack-base/Chart.yaml b/common/Chart.yaml similarity index 79% rename from openstack-base/Chart.yaml rename to common/Chart.yaml index 7fc833d3be..bd300afd6d 100755 --- a/openstack-base/Chart.yaml +++ b/common/Chart.yaml @@ -1,4 +1,4 @@ apiVersion: v1 description: A base chart for all openstack charts -name: openstack-base +name: common version: 0.1.0 diff --git a/common/Makefile b/common/Makefile new file mode 100644 index 0000000000..410cd4cd7c --- /dev/null +++ b/common/Makefile @@ -0,0 +1,7 @@ +EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile utils/* common/Chart.yaml +SECRETS := $(shell find secrets -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") ) + +templates/_secrets.tpl: Makefile $(SECRETS) + echo Generating $(CURDIR)/$@ + rm -f $@ + for i in $(SECRETS); do printf '{{ define "'$$i'" }}' >> $@; cat $$i >> $@; printf "{{ end }}\n" >> $@; done diff --git a/openstack-base/requirements.lock b/common/requirements.lock similarity index 100% rename from openstack-base/requirements.lock rename to common/requirements.lock diff --git a/openstack-base/requirements.yaml b/common/requirements.yaml similarity index 100% rename from openstack-base/requirements.yaml rename to common/requirements.yaml diff --git a/common/templates/_funcs.tpl b/common/templates/_funcs.tpl new file mode 100644 index 0000000000..87646f8cb2 --- /dev/null +++ b/common/templates/_funcs.tpl @@ -0,0 +1,9 @@ +{{- define "template" -}} +{{- $name := index . 0 -}} +{{- $context := index . 1 -}} +{{- $v:= $context.Template.Name | split "/" -}} +{{- $n := len $v -}} +{{- $last := sub $n 1 | printf "_%d" | index $v -}} +{{- $wtf := $context.Template.Name | replace $last $name -}} +{{ include $wtf $context }} +{{- end -}} diff --git a/openstack-base/templates/_hosts.tpl b/common/templates/_hosts.tpl similarity index 100% rename from openstack-base/templates/_hosts.tpl rename to common/templates/_hosts.tpl diff --git a/common/templates/secrets.yaml b/common/templates/secrets.yaml new file mode 100644 index 0000000000..3f6d335cb7 --- /dev/null +++ b/common/templates/secrets.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "pvc-ceph-conf-combined-storageclass" +type: kubernetes.io/rbd +data: + key: {{ include "secrets/ceph-client-key" . | quote }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: "pvc-ceph-client-key" +type: kubernetes.io/rbd +data: + key: {{ include "secrets/ceph-client-key" . | quote }} diff --git a/openstack-base/utils/secret-generator/README.md b/common/utils/secret-generator/README.md similarity index 100% rename from openstack-base/utils/secret-generator/README.md rename to common/utils/secret-generator/README.md diff --git a/openstack-base/utils/secret-generator/ceph-key.py b/common/utils/secret-generator/ceph-key.py similarity index 100% rename from openstack-base/utils/secret-generator/ceph-key.py rename to common/utils/secret-generator/ceph-key.py diff --git a/openstack-base/utils/secret-generator/generate_secrets.sh b/common/utils/secret-generator/generate_secrets.sh similarity index 100% rename from openstack-base/utils/secret-generator/generate_secrets.sh rename to common/utils/secret-generator/generate_secrets.sh diff --git a/openstack-base/utils/secret-generator/templates/ceph/admin.keyring.tmpl b/common/utils/secret-generator/templates/ceph/admin.keyring.tmpl similarity index 100% rename from openstack-base/utils/secret-generator/templates/ceph/admin.keyring.tmpl rename to common/utils/secret-generator/templates/ceph/admin.keyring.tmpl diff --git a/openstack-base/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl b/common/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl similarity index 100% rename from openstack-base/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl rename to common/utils/secret-generator/templates/ceph/bootstrap.keyring.tmpl diff --git a/openstack-base/utils/secret-generator/templates/ceph/ceph.conf.tmpl b/common/utils/secret-generator/templates/ceph/ceph.conf.tmpl similarity index 100% rename from openstack-base/utils/secret-generator/templates/ceph/ceph.conf.tmpl rename to common/utils/secret-generator/templates/ceph/ceph.conf.tmpl diff --git a/openstack-base/utils/secret-generator/templates/ceph/mon.keyring.tmpl b/common/utils/secret-generator/templates/ceph/mon.keyring.tmpl similarity index 100% rename from openstack-base/utils/secret-generator/templates/ceph/mon.keyring.tmpl rename to common/utils/secret-generator/templates/ceph/mon.keyring.tmpl diff --git a/openstack-base/utils/test/ceph-rbd-test.yaml b/common/utils/test/ceph-rbd-test.yaml similarity index 100% rename from openstack-base/utils/test/ceph-rbd-test.yaml rename to common/utils/test/ceph-rbd-test.yaml diff --git a/openstack-base/values.yaml b/common/values.yaml similarity index 100% rename from openstack-base/values.yaml rename to common/values.yaml diff --git a/keystone/requirements.yaml b/keystone/requirements.yaml index e6cd7e38a0..d95ff2531b 100644 --- a/keystone/requirements.yaml +++ b/keystone/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - - name: openstack-base + - name: common repository: http://localhost:8879/charts version: 0.1.0 dependencies: diff --git a/mariadb/requirements.lock b/mariadb/requirements.lock index 668c75b892..e992d3b617 100644 --- a/mariadb/requirements.lock +++ b/mariadb/requirements.lock @@ -1,6 +1,6 @@ dependencies: -- name: openstack-base +- name: common repository: http://localhost:8879/charts version: 0.1.0 -digest: sha256:178ec6c44cf73c5d3c6d47eccee30b1b7f7e373c57af4e37fe7ea85f3549660e -generated: 2016-11-25T16:24:28.454876345-08:00 +digest: sha256:c6a7e430c900036912fe3fdc14213e9280c5da0b6607ce4dcf6dc95535d114fc +generated: 2016-11-29T11:31:25.670403608-08:00 diff --git a/mariadb/requirements.yaml b/mariadb/requirements.yaml index a16c269ac6..2350b1facb 100644 --- a/mariadb/requirements.yaml +++ b/mariadb/requirements.yaml @@ -1,4 +1,4 @@ dependencies: - - name: openstack-base + - name: common repository: http://localhost:8879/charts version: 0.1.0 diff --git a/memcached/requirements.lock b/memcached/requirements.lock index aa761e9a08..777c352bf5 100644 --- a/memcached/requirements.lock +++ b/memcached/requirements.lock @@ -1,6 +1,6 @@ dependencies: -- name: openstack-base +- name: common repository: http://localhost:8879/charts version: 0.1.0 -digest: sha256:178ec6c44cf73c5d3c6d47eccee30b1b7f7e373c57af4e37fe7ea85f3549660e -generated: 2016-11-25T16:24:49.79575501-08:00 +digest: sha256:c6a7e430c900036912fe3fdc14213e9280c5da0b6607ce4dcf6dc95535d114fc +generated: 2016-11-29T11:31:27.05384225-08:00 diff --git a/memcached/requirements.yaml b/memcached/requirements.yaml index a16c269ac6..2350b1facb 100644 --- a/memcached/requirements.yaml +++ b/memcached/requirements.yaml @@ -1,4 +1,4 @@ dependencies: - - name: openstack-base + - name: common repository: http://localhost:8879/charts version: 0.1.0 diff --git a/openstack-base/.gitignore b/openstack-base/.gitignore deleted file mode 100644 index ce71aabd5c..0000000000 --- a/openstack-base/.gitignore +++ /dev/null @@ -1 +0,0 @@ -secrets/* diff --git a/openstack-base/Makefile b/openstack-base/Makefile deleted file mode 100644 index 4707e07f64..0000000000 --- a/openstack-base/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile utils/* openstack-base/Chart.yaml -FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") ) - -templates/_common.tpl: Makefile $(FILES) - echo Generating $(CURDIR)/$@ - rm -f $@ - for i in $(FILES); do printf '{{ define "'$$i'" }}' >> $@; cat $$i >> $@; printf "{{ end }}\n" >> $@; done diff --git a/openstack/Makefile b/openstack/Makefile deleted file mode 100644 index c0244715cf..0000000000 --- a/openstack/Makefile +++ /dev/null @@ -1,7 +0,0 @@ -EXCLUDE := templates/* charts/* Chart.yaml requirement* values.yaml Makefile openstack-base/Chart.yaml -FILES := $(shell find * -type f $(foreach e,$(EXCLUDE), -not -path "$(e)") ) - -templates/_partials.tpl: Makefile $(FILES) - echo Generating $(CURDIR)/$@ - rm -f $@ - for i in $(FILES); do printf '{{ define "'$$i'" }}' >> $@; cat $$i >> $@; printf "{{ end }}\n" >> $@; done diff --git a/openstack/requirements.lock b/openstack/requirements.lock index 5c8286499b..51ea2d5fe7 100644 --- a/openstack/requirements.lock +++ b/openstack/requirements.lock @@ -1,5 +1,5 @@ dependencies: -- name: openstack-base +- name: common repository: http://localhost:8879/charts version: 0.1.0 - name: memcached @@ -14,5 +14,5 @@ dependencies: - name: keystone repository: http://localhost:8879/charts version: 0.1.0 -digest: sha256:cbe0cda88c1f8f7daf37f58e8d38c913478630687b22f8e622950c08cb2fdc6d -generated: 2016-11-25T15:34:47.932395616-08:00 +digest: sha256:e92d6b6811d65492a95e4db258d516bfd7dd540108bb3d0e92e7dabc13ae2bbf +generated: 2016-11-29T11:31:33.541933538-08:00 diff --git a/openstack/requirements.yaml b/openstack/requirements.yaml index c7490eb713..d8e0ba454e 100644 --- a/openstack/requirements.yaml +++ b/openstack/requirements.yaml @@ -1,5 +1,5 @@ dependencies: - - name: openstack-base + - name: common version: 0.1.0 repository: http://localhost:8879/charts - name: memcached diff --git a/openstack/templates/secrets.yaml b/openstack/templates/secrets.yaml deleted file mode 100644 index 9344d9ea81..0000000000 --- a/openstack/templates/secrets.yaml +++ /dev/null @@ -1,9 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - namespace: {{.Release.Namespace}} - name: "ceph-client-key" -type: kubernetes.io/rbd -data: - key: {{ include "secrets/ceph-client-key.b64" . | quote }} \ No newline at end of file diff --git a/rabbitmq/requirements.lock b/rabbitmq/requirements.lock index 8e566c724e..6ba5103cdf 100644 --- a/rabbitmq/requirements.lock +++ b/rabbitmq/requirements.lock @@ -1,6 +1,6 @@ dependencies: -- name: openstack-base +- name: common repository: http://localhost:8879/charts version: 0.1.0 -digest: sha256:178ec6c44cf73c5d3c6d47eccee30b1b7f7e373c57af4e37fe7ea85f3549660e -generated: 2016-11-25T16:24:29.266938266-08:00 +digest: sha256:c6a7e430c900036912fe3fdc14213e9280c5da0b6607ce4dcf6dc95535d114fc +generated: 2016-11-29T11:31:26.360492977-08:00 diff --git a/rabbitmq/requirements.yaml b/rabbitmq/requirements.yaml index a16c269ac6..2350b1facb 100644 --- a/rabbitmq/requirements.yaml +++ b/rabbitmq/requirements.yaml @@ -1,4 +1,4 @@ dependencies: - - name: openstack-base + - name: common repository: http://localhost:8879/charts version: 0.1.0 diff --git a/rabbitmq/templates/bin-configmap.yaml b/rabbitmq/templates/bin-configmap.yaml new file mode 100644 index 0000000000..a14fcecc31 --- /dev/null +++ b/rabbitmq/templates/bin-configmap.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: rabbitmq-bin + labels: + system: openstack + type: configuration + component: messaging +data: + start_rabbitmq.sh: | +{{ tuple "bin/_start_rabbit.tpl" . | include "template" | indent 4 }} diff --git a/rabbitmq/templates/bin/_start_rabbit.tpl b/rabbitmq/templates/bin/_start_rabbit.tpl new file mode 100644 index 0000000000..253ce26470 --- /dev/null +++ b/rabbitmq/templates/bin/_start_rabbit.tpl @@ -0,0 +1,18 @@ +chown -R rabbitmq:rabbitmq /var/lib/rabbitmq + +/etc/init.d/rabbitmq-server start + +rabbitmq-plugins enable rabbitmq_tracing +rabbitmqctl trace_on + +rabbitmqctl add_user {{ .Values.auth.default_user }} {{ .Values.auth.default_pass }} || true +rabbitmqctl set_permissions {{ .Values.auth.default_user }} ".*" ".*" ".*" || true + +rabbitmqctl add_user {{ .Values.auth.admin_user }} {{ .Values.auth.admin_pass }}|| true +rabbitmqctl set_permissions {{ .Values.auth.admin_user }} ".*" ".*" ".*" || true +rabbitmqctl set_user_tags {{ .Values.auth.admin_user }} administrator || true + +rabbitmqctl change_password guest {{ .Values.auth.default_pass }} || true +rabbitmqctl set_user_tags guest monitoring || true +/etc/init.d/rabbitmq-server stop +exec rabbitmq-server \ No newline at end of file diff --git a/rabbitmq/templates/start_rabbitmq.yaml b/rabbitmq/templates/start_rabbitmq.yaml deleted file mode 100644 index 7f9533b477..0000000000 --- a/rabbitmq/templates/start_rabbitmq.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: start-rabbitmq - labels: - system: openstack - type: configuration - component: messaging - -data: - start_rabbitmq.sh: | - - chown -R rabbitmq:rabbitmq /var/lib/rabbitmq - - /etc/init.d/rabbitmq-server start - - rabbitmq-plugins enable rabbitmq_tracing - rabbitmqctl trace_on - - rabbitmqctl add_user {{ .Values.auth.default_user }} {{ .Values.auth.default_pass }} || true - rabbitmqctl set_permissions {{ .Values.auth.default_user }} ".*" ".*" ".*" || true - - rabbitmqctl add_user {{ .Values.auth.admin_user }} {{ .Values.auth.admin_pass }}|| true - rabbitmqctl set_permissions {{ .Values.auth.admin_user }} ".*" ".*" ".*" || true - rabbitmqctl set_user_tags {{ .Values.auth.admin_user }} administrator || true - - rabbitmqctl change_password guest {{ .Values.auth.default_pass }} || true - rabbitmqctl set_user_tags guest monitoring || true - /etc/init.d/rabbitmq-server stop - exec rabbitmq-server -