diff --git a/designate/templates/bin/_designate-service-cleaner.sh.tpl b/designate/templates/bin/_designate-service-cleaner.sh.tpl new file mode 100644 index 0000000000..aada3787da --- /dev/null +++ b/designate/templates/bin/_designate-service-cleaner.sh.tpl @@ -0,0 +1,8 @@ +# Copyright (c) 2025 VEXXHOST, Inc. +# SPDX-License-Identifier: Apache-2.0 + +set -ex + +designate-manage \ + --config-file /etc/designate/designate.conf \ + service clean diff --git a/designate/templates/configmap-bin.yaml b/designate/templates/configmap-bin.yaml index 2d93be0ea0..a3217d24ff 100644 --- a/designate/templates/configmap-bin.yaml +++ b/designate/templates/configmap-bin.yaml @@ -44,6 +44,8 @@ data: {{ tuple "bin/_designate-producer.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} designate-sink.sh: | {{ tuple "bin/_designate-sink.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + designate-service-cleaner.sh: | +{{ tuple "bin/_designate-service-cleaner.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} rabbit-init.sh: | {{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }} diff --git a/designate/templates/cron-job-service.cleaner.yaml b/designate/templates/cron-job-service.cleaner.yaml new file mode 100644 index 0000000000..78db536e1b --- /dev/null +++ b/designate/templates/cron-job-service.cleaner.yaml @@ -0,0 +1,98 @@ +# Copyright (c) 2025 VEXXHOST, Inc. +# SPDX-License-Identifier: Apache-2.0 + +{{- if .Values.manifests.cron_job_service_cleaner }} +{{- $envAll := . }} + +{{- $mounts_designate_service_cleaner := .Values.pod.mounts.designate_service_cleaner.designate_service_cleaner }} +{{- $mounts_designate_service_cleaner_init := .Values.pod.mounts.designate_service_cleaner.init_container }} + +{{- $serviceAccountName := "designate-service-cleaner" }} +{{ tuple $envAll "service_cleaner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: batch/v1 +kind: CronJob +metadata: + name: designate-service-cleaner + annotations: + {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} +spec: + schedule: {{ .Values.jobs.service_cleaner.cron | quote }} + successfulJobsHistoryLimit: {{ .Values.jobs.service_cleaner.history.success }} + failedJobsHistoryLimit: {{ .Values.jobs.service_cleaner.history.failed }} + concurrencyPolicy: Forbid + jobTemplate: + metadata: + labels: +{{ tuple $envAll "designate" "service-cleaner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} +{{ dict "envAll" $envAll "podName" "designate-service-cleaner" "containerNames" (list "init" "designate-service-cleaner" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: + template: + metadata: + labels: +{{ tuple $envAll "designate" "service-cleaner" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }} + annotations: +{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 12 }} +{{ dict "envAll" $envAll "podName" "designate-service-cleaner" "containerNames" (list "init" "designate-service-cleaner" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} + spec: +{{ tuple "designate_service_cleaner" . | include "helm-toolkit.snippets.kubernetes_pod_priority_class" | indent 6 }} +{{ tuple "designate_service_cleaner" . | include "helm-toolkit.snippets.kubernetes_pod_runtime_class" | indent 6 }} + serviceAccountName: {{ $serviceAccountName }} + restartPolicy: OnFailure + nodeSelector: + {{ .Values.labels.service_cleaner.node_selector_key }}: {{ .Values.labels.service_cleaner.node_selector_value }} + initContainers: +{{ tuple $envAll "service_cleaner" $mounts_designate_service_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} + containers: + - name: designate-service-cleaner +{{ tuple $envAll "designate_service_cleaner" | include "helm-toolkit.snippets.image" | indent 14 }} +{{ tuple $envAll $envAll.Values.pod.resources.jobs.service_cleaner | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }} + command: + - /tmp/designate-service-cleaner.sh + volumeMounts: + - name: designate-bin + mountPath: /tmp/designate-service-cleaner.sh + subPath: designate-service-cleaner.sh + readOnly: true + - name: pod-etc-designate + mountPath: /etc/designate + - name: pod-var-cache-designate + mountPath: /var/cache/designate + - name: designate-etc + mountPath: /etc/designate/designate.conf + subPath: designate.conf + readOnly: true + - name: designate-etc + mountPath: /etc/designate/api-paste.ini + subPath: api-paste.ini + readOnly: true + - name: designate-etc + mountPath: /etc/designate/policy.yaml + subPath: policy.yaml + readOnly: true + {{- if .Values.conf.designate.DEFAULT.log_config_append }} + - name: designate-etc + mountPath: {{ .Values.conf.designate.DEFAULT.log_config_append }} + subPath: {{ base .Values.conf.designate.DEFAULT.log_config_append }} + readOnly: true + {{- end }} +{{ if $mounts_designate_service_cleaner.volumeMounts }}{{ toYaml $mounts_designate_service_cleaner.volumeMounts | indent 16 }}{{ end }} + volumes: + - name: pod-etc-designate + emptyDir: {} + - name: pod-var-cache-designate + emptyDir: {} + - name: designate-bin + configMap: + name: designate-bin + defaultMode: 0555 + - name: designate-etc + secret: + secretName: designate-etc + defaultMode: 0444 +{{ if $mounts_designate_service_cleaner.volumes }}{{ toYaml $mounts_designate_service_cleaner.volumes | indent 12 }}{{ end }} +{{- end }} diff --git a/designate/values.yaml b/designate/values.yaml index be9d7e5727..4d52caf648 100644 --- a/designate/values.yaml +++ b/designate/values.yaml @@ -37,6 +37,9 @@ labels: mdns: node_selector_key: openstack-control-plane node_selector_value: enabled + service_cleaner: + node_selector_key: openstack-control-plane + node_selector_value: enabled sink: node_selector_key: openstack-control-plane node_selector_value: enabled @@ -58,6 +61,7 @@ images: designate_worker: quay.io/airshipit/designate:2024.1-ubuntu_jammy designate_producer: quay.io/airshipit/designate:2024.1-ubuntu_jammy designate_sink: quay.io/airshipit/designate:2024.1-ubuntu_jammy + designate_service_cleaner: quay.io/airshipit/designate:2024.1-ubuntu_jammy pull_policy: "IfNotPresent" local_registry: active: false @@ -98,6 +102,11 @@ pod: designate_producer: volumeMounts: volumes: + designate_service_cleaner: + init_container: null + designate_service_cleaner: + volumeMounts: + volumes: designate_sink: init_container: null designate_sink: @@ -200,6 +209,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + service_cleaner: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" tests: requests: memory: "128Mi" @@ -729,9 +745,17 @@ endpoints: powerdns: default: 53 +jobs: + service_cleaner: + cron: "*/10 * * * *" + history: + success: 3 + failed: 1 + manifests: configmap_bin: true configmap_etc: true + cron_job_service_cleaner: true deployment_api: true deployment_central: true deployment_worker: true diff --git a/releasenotes/notes/designate-9ed4257ab657b224.yaml b/releasenotes/notes/designate-9ed4257ab657b224.yaml new file mode 100644 index 0000000000..dec007eae9 --- /dev/null +++ b/releasenotes/notes/designate-9ed4257ab657b224.yaml @@ -0,0 +1,6 @@ +--- +designate: + - | + Add a periodic job to clean Designate services which not report + it's heartbeat within two heartbeat interval cycle. +...