Glance: Backend support and auth improvements
This PS enables the following backends for glance: * PVC * RBD * RadosGW (direct) * Swift It also moves the creation of the RBD pool when required to a storage init job. This job also creates credentials as required for glance to use when accessing the required backend, rather than using the admin keyring. Change-Id: I90fead961ff73a9263826acc794128fa73ead2e1
This commit is contained in:
parent
a929e90a4b
commit
b3f8b812ca
@ -293,7 +293,6 @@ bootstrap:
|
||||
ceph osd pool stats $1 || ceph osd pool create $1 $2
|
||||
}
|
||||
ensure_pool volumes 8
|
||||
ensure_pool images 8
|
||||
|
||||
# if you change provision_storage_class to false
|
||||
# it is presumed you manage your own storage
|
||||
|
@ -233,7 +233,7 @@ more sensible values for the All-in-One environment using the ``--values`` and
|
||||
|
||||
helm install --name=keystone ./keystone --namespace=openstack
|
||||
helm install --name=glance ./glance --namespace=openstack \
|
||||
--values=./tools/overrides/mvp/glance.yaml
|
||||
--set storage=pvc
|
||||
helm install --name=nova ./nova --namespace=openstack \
|
||||
--values=./tools/overrides/mvp/nova.yaml \
|
||||
--set=conf.nova.libvirt.nova.conf.virt_type=qemu
|
||||
|
@ -451,11 +451,25 @@ now create endpoints in the Keystone service catalog:
|
||||
|
||||
**Install Glance:**
|
||||
|
||||
Glance supports a number of backends:
|
||||
|
||||
* ``pvc``: A simple file based backend using Kubernetes PVCs
|
||||
* ``rbd``: Uses Ceph RBD devices to store images.
|
||||
* ``radosgw``: Uses Ceph RadosGW object storage to store images.
|
||||
* ``swift``: Uses the ``object-storage`` service from the OpenStack service
|
||||
catalog to store images.
|
||||
|
||||
You can deploy Glance with any of these backends if you deployed both the
|
||||
RadosGW and created Keystone endpoints by changing the value for
|
||||
``GLANCE_BACKEND`` in the following:
|
||||
|
||||
::
|
||||
|
||||
: ${GLANCE_BACKEND:="radosgw"}
|
||||
helm install --namespace=openstack --name=glance ./glance \
|
||||
--set pod.replicas.api=2 \
|
||||
--set pod.replicas.registry=2
|
||||
--set storage=${GLANCE_BACKEND}
|
||||
|
||||
**Install Heat:**
|
||||
|
||||
|
@ -19,8 +19,8 @@ limitations under the License.
|
||||
set -ex
|
||||
export HOME=/tmp
|
||||
|
||||
cat <<EOF > /etc/ceph/ceph.client.{{ .Values.conf.glance.glance_store.glance.store.rbd_store_user }}.keyring
|
||||
[client.{{ .Values.conf.glance.glance_store.glance.store.rbd_store_user }}]
|
||||
cat <<EOF > /etc/ceph/ceph.client.${RBD_STORE_USER}.keyring
|
||||
[client.${RBD_STORE_USER}]
|
||||
{{- if .Values.conf.ceph.keyring }}
|
||||
key = {{ .Values.conf.ceph.keyring }}
|
||||
{{- else }}
|
||||
|
21
glance/templates/bin/_clean-secrets.sh.tpl
Normal file
21
glance/templates/bin/_clean-secrets.sh.tpl
Normal file
@ -0,0 +1,21 @@
|
||||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
set -ex
|
||||
|
||||
exec kubectl delete secret --namespace ${NAMESPACE} ${RBD_POOL_SECRET}
|
76
glance/templates/bin/_storage-init.sh.tpl
Normal file
76
glance/templates/bin/_storage-init.sh.tpl
Normal file
@ -0,0 +1,76 @@
|
||||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
set -x
|
||||
if [ "x$STORAGE_BACKEND" == "xrbd" ]; then
|
||||
SECRET=$(mktemp --suffix .yaml)
|
||||
KEYRING=$(mktemp --suffix .keyring)
|
||||
function cleanup {
|
||||
rm -f ${SECRET} ${KEYRING}
|
||||
}
|
||||
trap cleanup EXIT
|
||||
fi
|
||||
|
||||
set -ex
|
||||
if [ "x$STORAGE_BACKEND" == "xpvc" ] || [ "x$STORAGE_BACKEND" == "xswift" ]; then
|
||||
echo "No action required."
|
||||
elif [ "x$STORAGE_BACKEND" == "xrbd" ]; then
|
||||
ceph -s
|
||||
function ensure_pool () {
|
||||
ceph osd pool stats $1 || ceph osd pool create $1 $2
|
||||
}
|
||||
ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE}
|
||||
|
||||
#NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
ceph auth get-or-create client.${RBD_POOL_USER} \
|
||||
mon "allow *" \
|
||||
osd "allow *" \
|
||||
-o ${KEYRING}
|
||||
|
||||
ENCODED_KEYRING=$(sed -n 's/^[[:blank:]]*key[[:blank:]]\+=[[:blank:]]\(.*\)/\1/p' ${KEYRING} | base64 -w0)
|
||||
cat > ${SECRET} <<EOF
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: "${RBD_POOL_SECRET}"
|
||||
type: kubernetes.io/rbd
|
||||
data:
|
||||
key: |
|
||||
$( echo ${ENCODED_KEYRING} )
|
||||
EOF
|
||||
kubectl create --namespace ${NAMESPACE} -f ${SECRET}
|
||||
elif [ "x$STORAGE_BACKEND" == "xradosgw" ]; then
|
||||
radosgw-admin user stats --uid="${RADOSGW_USERNAME}" || \
|
||||
radosgw-admin user create \
|
||||
--uid="${RADOSGW_USERNAME}" \
|
||||
--display-name="${RADOSGW_USERNAME} user"
|
||||
|
||||
radosgw-admin subuser create \
|
||||
--uid=${RADOSGW_USERNAME} \
|
||||
--subuser=${RADOSGW_USERNAME}:swift \
|
||||
--access=full
|
||||
|
||||
radosgw-admin key create \
|
||||
--subuser=${RADOSGW_USERNAME}:swift \
|
||||
--key-type=swift \
|
||||
--secret=${RADOSGW_PASSWORD}
|
||||
|
||||
radosgw-admin user modify \
|
||||
--uid=${RADOSGW_USERNAME} \
|
||||
--temp-url-key=${RADOSGW_TMPURL_KEY}
|
||||
fi
|
@ -25,6 +25,8 @@ metadata:
|
||||
data:
|
||||
rally-test.sh: |
|
||||
{{ tuple $rallyTests | include "helm-toolkit.scripts.rally_test" | indent 4 }}
|
||||
storage-init.sh: |+
|
||||
{{ tuple "bin/_storage-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
db-init.py: |
|
||||
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
|
||||
db-sync.sh: |
|
||||
@ -43,6 +45,8 @@ data:
|
||||
{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
ceph-keyring.sh: |+
|
||||
{{ tuple "bin/_ceph-keyring.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
clean.sh: |+
|
||||
{{ tuple "bin/_clean.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
clean-image.sh: |+
|
||||
{{ tuple "bin/_clean-image.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
clean-secrets.sh: |+
|
||||
{{ tuple "bin/_clean-secrets.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- end }}
|
||||
|
@ -115,7 +115,31 @@ limitations under the License.
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.glance.default.glance.api.public_endpoint -}}
|
||||
{{- tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.glance.default.glance.api "public_endpoint" | quote | trunc 0 -}}
|
||||
{{- tuple "image" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.glance.default.glance.api "public_endpoint" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.glance.glance_store.glance.store.stores -}}
|
||||
{{- if eq .Values.storage "rbd" }}
|
||||
{{- "file, http, rbd" | set .Values.conf.glance.glance_store.glance.store "stores" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if eq .Values.storage "pvc" }}
|
||||
{{- "file, http" | set .Values.conf.glance.glance_store.glance.store "stores" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{ if or (eq .Values.storage "radosgw") (eq .Values.storage "swift") }}
|
||||
{{- "file, http, swift" | set .Values.conf.glance.glance_store.glance.store "stores" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{- if empty .Values.conf.glance.glance_store.glance.store.default_store -}}
|
||||
{{- if eq .Values.storage "rbd" }}
|
||||
{{- "rbd" | set .Values.conf.glance.glance_store.glance.store "default_store" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- if eq .Values.storage "pvc" }}
|
||||
{{- "file" | set .Values.conf.glance.glance_store.glance.store "default_store" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{ if or (eq .Values.storage "radosgw") (eq .Values.storage "swift") }}
|
||||
{{- "swift" | set .Values.conf.glance.glance_store.glance.store "default_store" | quote | trunc 0 -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
---
|
||||
@ -136,4 +160,6 @@ data:
|
||||
{{- tuple .Values.conf.paste_registry "etc/_glance-registry-paste.ini.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
|
||||
policy.json: |+
|
||||
{{ toJson .Values.conf.policy | indent 4 }}
|
||||
swift-store.conf: |+
|
||||
{{- tuple .Values.conf.swift_store "etc/_swift-store.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }}
|
||||
{{- end }}
|
||||
|
@ -42,7 +42,6 @@ spec:
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "600" }}
|
||||
initContainers:
|
||||
{{ tuple $envAll $dependencies $mounts_glance_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
{{- if eq .Values.storage "pvc" }}
|
||||
- name: glance-perms
|
||||
image: {{ .Values.images.api }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
@ -57,13 +56,15 @@ spec:
|
||||
volumeMounts:
|
||||
- name: glance-images
|
||||
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
|
||||
{{- end }}
|
||||
{{ if eq .Values.storage "ceph" }}
|
||||
{{ if eq .Values.storage "rbd" }}
|
||||
- name: ceph-keyring-placement
|
||||
image: {{ .Values.images.api }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
securityContext:
|
||||
runAsUser: {{ .Values.pod.user.glance.uid }}
|
||||
env:
|
||||
- name: RBD_STORE_USER
|
||||
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_user | quote }}
|
||||
command:
|
||||
- /tmp/ceph-keyring.sh
|
||||
volumeMounts:
|
||||
@ -118,10 +119,13 @@ spec:
|
||||
mountPath: /etc/glance/policy.json
|
||||
subPath: policy.json
|
||||
readOnly: true
|
||||
{{- if eq .Values.storage "pvc" }}
|
||||
- name: glance-etc
|
||||
mountPath: {{ .Values.conf.glance.glance_store.glance.store.swift_store_config_file }}
|
||||
subPath: swift-store.conf
|
||||
readOnly: true
|
||||
- name: glance-images
|
||||
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
|
||||
{{- else }}
|
||||
{{- if eq .Values.storage "rbd" }}
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
- name: ceph-etc
|
||||
@ -150,6 +154,10 @@ spec:
|
||||
persistentVolumeClaim:
|
||||
claimName: glance-images
|
||||
{{ else }}
|
||||
- name: glance-images
|
||||
emptyDir: {}
|
||||
{{- end }}
|
||||
{{- if eq .Values.storage "rbd" }}
|
||||
- name: etcceph
|
||||
emptyDir: {}
|
||||
- name: ceph-etc
|
||||
@ -158,7 +166,7 @@ spec:
|
||||
defaultMode: 0444
|
||||
- name: ceph-keyring
|
||||
secret:
|
||||
secretName: pvc-ceph-client-key
|
||||
secretName: {{ .Values.secrets.rbd | quote }}
|
||||
{{- end }}
|
||||
{{ if $mounts_glance_api.volumes }}{{ toYaml $mounts_glance_api.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
||||
|
30
glance/templates/etc/_swift-store.conf.tpl
Normal file
30
glance/templates/etc/_swift-store.conf.tpl
Normal file
@ -0,0 +1,30 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
[{{ .Values.conf.glance.glance_store.glance.store.default_swift_reference }}]
|
||||
{{- if eq .Values.storage "radosgw" }}
|
||||
auth_version = 1
|
||||
auth_address = {{ tuple "ceph_object_store" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
|
||||
user = {{ .Values.endpoints.ceph_object_store.auth.user.username }}:swift
|
||||
key = {{ .Values.endpoints.ceph_object_store.auth.user.password }}
|
||||
{{- else }}
|
||||
user = {{ .Values.endpoints.identity.auth.user.project_name }}:{{ .Values.endpoints.identity.auth.user.username }}
|
||||
key = {{ .Values.endpoints.identity.auth.user.password }}
|
||||
auth_address = {{ tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
|
||||
user_domain_name = {{ .Values.endpoints.identity.auth.user.user_domain_name }}
|
||||
project_domain_name = {{ .Values.endpoints.identity.auth.user.project_domain_name }}
|
||||
auth_version = 3
|
||||
{{- end -}}
|
@ -32,7 +32,27 @@ spec:
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
containers:
|
||||
- name: glance-clean
|
||||
{{- if eq .Values.storage "rbd" }}
|
||||
- name: glance-secret-clean
|
||||
image: {{ .Values.images.storage_init }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
env:
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: RBD_POOL_SECRET
|
||||
value: {{ .Values.secrets.rbd | quote }}
|
||||
command:
|
||||
- /tmp/clean-secrets.sh
|
||||
volumeMounts:
|
||||
- name: glance-bin
|
||||
mountPath: /tmp/clean-secrets.sh
|
||||
subPath: clean-secrets.sh
|
||||
readOnly: true
|
||||
{{ end }}
|
||||
- name: glance-image-clean
|
||||
image: {{ .Values.images.bootstrap }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
@ -41,11 +61,11 @@ spec:
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
{{- end }}
|
||||
command:
|
||||
- /tmp/clean.sh
|
||||
- /tmp/clean-image.sh
|
||||
volumeMounts:
|
||||
- name: glance-bin
|
||||
mountPath: /tmp/clean.sh
|
||||
subPath: clean.sh
|
||||
mountPath: /tmp/clean-image.sh
|
||||
subPath: clean-image.sh
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: glance-bin
|
||||
|
133
glance/templates/job-storage-init.yaml
Normal file
133
glance/templates/job-storage-init.yaml
Normal file
@ -0,0 +1,133 @@
|
||||
{{/*
|
||||
Copyright 2017 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.job_storage_init }}
|
||||
{{- $envAll := . }}
|
||||
{{- $dependencies := .Values.dependencies.storage_init }}
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: glance-storage-init
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "glance" "storage-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ .Values.labels.node_selector_key }}: {{ .Values.labels.node_selector_value }}
|
||||
initContainers:
|
||||
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
{{ if or (eq .Values.storage "rbd") (eq .Values.storage "radosgw") }}
|
||||
- name: ceph-keyring-placement
|
||||
image: {{ .Values.images.api }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
securityContext:
|
||||
runAsUser: {{ .Values.pod.user.glance.uid }}
|
||||
env:
|
||||
- name: RBD_STORE_USER
|
||||
value: admin
|
||||
command:
|
||||
- /tmp/ceph-keyring.sh
|
||||
volumeMounts:
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
- name: glance-bin
|
||||
mountPath: /tmp/ceph-keyring.sh
|
||||
subPath: ceph-keyring.sh
|
||||
readOnly: true
|
||||
- name: ceph-keyring
|
||||
mountPath: /tmp/client-keyring
|
||||
subPath: key
|
||||
readOnly: true
|
||||
{{ end }}
|
||||
containers:
|
||||
- name: glance-storage-init
|
||||
image: {{ .Values.images.storage_init }}
|
||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.storage_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
env:
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: STORAGE_BACKEND
|
||||
value: {{ .Values.storage | quote }}
|
||||
{{- if eq .Values.storage "rbd" }}
|
||||
- name: RBD_POOL_NAME
|
||||
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_pool | quote }}
|
||||
- name: RBD_POOL_USER
|
||||
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_user | quote }}
|
||||
- name: RBD_POOL_CHUNK_SIZE
|
||||
value: {{ .Values.conf.glance.glance_store.glance.store.rbd_store_chunk_size | quote }}
|
||||
- name: RBD_POOL_SECRET
|
||||
value: {{ .Values.secrets.rbd | quote }}
|
||||
{{ end }}
|
||||
{{- if eq .Values.storage "radosgw" }}
|
||||
- name: RADOSGW_USERNAME
|
||||
value: {{ .Values.endpoints.ceph_object_store.auth.user.username | quote }}
|
||||
- name: RADOSGW_PASSWORD
|
||||
value: {{ .Values.endpoints.ceph_object_store.auth.user.password | quote }}
|
||||
- name: RADOSGW_TMPURL_KEY
|
||||
value: {{ .Values.endpoints.ceph_object_store.auth.user.tmpurlkey | quote }}
|
||||
{{ end }}
|
||||
command:
|
||||
- /tmp/storage-init.sh
|
||||
volumeMounts:
|
||||
- name: glance-bin
|
||||
mountPath: /tmp/storage-init.sh
|
||||
subPath: storage-init.sh
|
||||
readOnly: true
|
||||
{{ if or (eq .Values.storage "rbd") (eq .Values.storage "radosgw") }}
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
- name: ceph-etc
|
||||
mountPath: /etc/ceph/ceph.conf
|
||||
subPath: ceph.conf
|
||||
readOnly: true
|
||||
- name: ceph-keyring
|
||||
mountPath: /tmp/client-keyring
|
||||
subPath: key
|
||||
readOnly: true
|
||||
{{ end }}
|
||||
{{- if eq .Values.storage "pvc" }}
|
||||
- name: glance-images
|
||||
mountPath: {{ .Values.conf.glance.glance_store.glance.store.filesystem_store_datadir }}
|
||||
{{ end }}
|
||||
volumes:
|
||||
- name: glance-bin
|
||||
configMap:
|
||||
name: glance-bin
|
||||
defaultMode: 0555
|
||||
{{ if or (eq .Values.storage "rbd") (eq .Values.storage "radosgw") }}
|
||||
- name: etcceph
|
||||
emptyDir: {}
|
||||
- name: ceph-etc
|
||||
configMap:
|
||||
name: ceph-etc
|
||||
defaultMode: 0444
|
||||
- name: ceph-keyring
|
||||
secret:
|
||||
secretName: pvc-ceph-client-key
|
||||
{{ end }}
|
||||
{{- if eq .Values.storage "pvc" }}
|
||||
- name: glance-images
|
||||
persistentVolumeClaim:
|
||||
claimName: glance-images
|
||||
{{ end }}
|
||||
{{- end }}
|
@ -17,8 +17,8 @@
|
||||
# Declare name/value pairs to be passed into your templates.
|
||||
# name: value
|
||||
|
||||
# ceph or pvc
|
||||
storage: ceph
|
||||
# radosgw, rbd, swift or pvc
|
||||
storage: radosgw
|
||||
|
||||
labels:
|
||||
node_selector_key: openstack-control-plane
|
||||
@ -28,6 +28,7 @@ release_group: null
|
||||
|
||||
images:
|
||||
test: docker.io/kolla/ubuntu-source-rally:4.0.0
|
||||
storage_init: quay.io/attcomdev/ceph-daemon:tag-build-master-jewel-ubuntu-16.04
|
||||
db_init: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||
db_sync: docker.io/kolla/ubuntu-source-glance-api:3.0.3
|
||||
ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
|
||||
@ -139,13 +140,15 @@ conf:
|
||||
glance_store:
|
||||
glance:
|
||||
store:
|
||||
stores: file, http, rbd
|
||||
default_store: rbd
|
||||
rbd_store_chunk_size: 8
|
||||
rbd_store_pool: images
|
||||
rbd_store_user: admin
|
||||
rbd_store_user: images
|
||||
rbd_store_ceph_conf: /etc/ceph/ceph.conf
|
||||
filesystem_store_datadir: /var/lib/glance/images
|
||||
default_swift_reference: ref1
|
||||
swift_store_container: glance
|
||||
swift_store_create_container_on_put: true
|
||||
swift_store_config_file: /etc/glance/swift-store.conf
|
||||
paste_deploy:
|
||||
glance:
|
||||
api:
|
||||
@ -170,6 +173,9 @@ conf:
|
||||
glance:
|
||||
registry:
|
||||
flavor: keystone
|
||||
swift_store:
|
||||
override:
|
||||
append:
|
||||
|
||||
network:
|
||||
api:
|
||||
@ -191,6 +197,8 @@ volume:
|
||||
size: 2Gi
|
||||
|
||||
dependencies:
|
||||
storage_init:
|
||||
services:
|
||||
db_init:
|
||||
services:
|
||||
- service: oslo_db
|
||||
@ -203,6 +211,7 @@ dependencies:
|
||||
endpoint: internal
|
||||
bootstrap:
|
||||
jobs:
|
||||
- glance-storage-init
|
||||
- glance-db-sync
|
||||
- glance-ks-user
|
||||
- glance-ks-endpoints
|
||||
@ -227,6 +236,7 @@ dependencies:
|
||||
endpoint: internal
|
||||
api:
|
||||
jobs:
|
||||
- glance-storage-init
|
||||
- glance-db-sync
|
||||
- glance-ks-user
|
||||
- glance-ks-endpoints
|
||||
@ -237,6 +247,7 @@ dependencies:
|
||||
endpoint: internal
|
||||
registry:
|
||||
jobs:
|
||||
- glance-storage-init
|
||||
- glance-db-sync
|
||||
- glance-ks-user
|
||||
- glance-ks-endpoints
|
||||
@ -264,6 +275,7 @@ secrets:
|
||||
oslo_db:
|
||||
admin: glance-db-admin
|
||||
user: glance-db-user
|
||||
rbd: images-rbd-keyring
|
||||
|
||||
# typically overriden by environmental
|
||||
# values, but should include all endpoints
|
||||
@ -374,6 +386,25 @@ endpoints:
|
||||
port:
|
||||
amqp:
|
||||
default: 5672
|
||||
ceph_object_store:
|
||||
name: radosgw
|
||||
namespace: ceph
|
||||
auth:
|
||||
user:
|
||||
username: glance
|
||||
password: password
|
||||
tmpurlkey: supersecret
|
||||
hosts:
|
||||
default: ceph-rgw
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path:
|
||||
default: /auth/v1.0
|
||||
scheme:
|
||||
default: http
|
||||
port:
|
||||
api:
|
||||
default: 8088
|
||||
|
||||
pod:
|
||||
user:
|
||||
@ -433,6 +464,13 @@ pod:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
jobs:
|
||||
storage_init:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
db_sync:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
@ -497,6 +535,7 @@ manifests:
|
||||
job_ks_endpoints: true
|
||||
job_ks_service: true
|
||||
job_ks_user: true
|
||||
job_storage_init: true
|
||||
pdb_api: true
|
||||
pdb_registry: true
|
||||
pod_rally_test: true
|
||||
|
@ -117,17 +117,19 @@ fi
|
||||
|
||||
helm install --namespace=openstack ${WORK_DIR}/etcd --name=etcd-rabbitmq
|
||||
helm install --namespace=openstack ${WORK_DIR}/rabbitmq --name=rabbitmq
|
||||
|
||||
if [[ "x${PVC_BACKEND}" != "xceph" ]] && [[ "x${GLANCE}" != "xpvc" ]] ; then
|
||||
echo "Gate only supports glance with pvc backend when not using ceph"
|
||||
exit 1
|
||||
fi
|
||||
helm install --namespace=openstack ${WORK_DIR}/glance --name=glance \
|
||||
--set storage=${GLANCE}
|
||||
kube_wait_for_pods openstack ${SERVICE_LAUNCH_TIMEOUT}
|
||||
|
||||
helm install --namespace=openstack ${WORK_DIR}/libvirt --name=libvirt
|
||||
helm install --namespace=openstack ${WORK_DIR}/openvswitch --name=openvswitch
|
||||
kube_wait_for_pods openstack ${SERVICE_LAUNCH_TIMEOUT}
|
||||
|
||||
if [ "x$PVC_BACKEND" == "xceph" ]; then
|
||||
helm install --namespace=openstack ${WORK_DIR}/glance --name=glance
|
||||
else
|
||||
helm install --namespace=openstack ${WORK_DIR}/glance --name=glance \
|
||||
--values=${WORK_DIR}/tools/overrides/mvp/glance.yaml
|
||||
fi
|
||||
kube_wait_for_pods openstack ${SERVICE_LAUNCH_TIMEOUT}
|
||||
if [ "x$PVC_BACKEND" == "xceph" ]; then
|
||||
helm install --namespace=openstack ${WORK_DIR}/nova --name=nova \
|
||||
--set=conf.nova.libvirt.nova.conf.virt_type=qemu
|
||||
|
@ -41,6 +41,9 @@ export PVC_BACKEND=${PVC_BACKEND:-"ceph"}
|
||||
export CEPH_RGW_KEYSTONE_ENABLED=${CEPH_RGW_KEYSTONE_ENABLED:-"true"}
|
||||
export OPENSTACK_OBJECT_STORAGE=${OPENSTACK_OBJECT_STORAGE:-"radosgw"}
|
||||
|
||||
# Set Glance Backend options
|
||||
export GLANCE=${GLANCE:-"radosgw"}
|
||||
|
||||
# Set Upstream DNS
|
||||
export UPSTREAM_DNS=${UPSTREAM_DNS:-"8.8.8.8"}
|
||||
|
||||
|
@ -1,33 +0,0 @@
|
||||
# Copyright 2017 The Openstack-Helm Authors.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
# MVP values for glance.
|
||||
# This file contains overrides to launch a MVP deployment of glance for the
|
||||
# OpenStack-Helm Single node gates, and local development use. It should be
|
||||
# kept to the bare minimum required for this purpose.
|
||||
|
||||
storage: pvc
|
||||
|
||||
conf:
|
||||
glance:
|
||||
default:
|
||||
oslo:
|
||||
log:
|
||||
debug: false
|
||||
glance_store:
|
||||
glance:
|
||||
store:
|
||||
stores: file, http
|
||||
default_store: file
|
||||
filesystem_store_datadir: /var/lib/glance/images
|
Loading…
x
Reference in New Issue
Block a user