diff --git a/heat/templates/bin/_db-init.sh.tpl b/heat/templates/bin/_db-init.sh.tpl deleted file mode 100644 index a2a6a629ce..0000000000 --- a/heat/templates/bin/_db-init.sh.tpl +++ /dev/null @@ -1,36 +0,0 @@ -#!/bin/bash - -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -set -ex -export HOME=/tmp - -ansible localhost -vvv \ - -m mysql_db -a "login_host='{{ .Values.database.address }}' \ - login_port='{{ .Values.database.port }}' \ - login_user='{{ .Values.database.root_user }}' \ - login_password='{{ .Values.database.root_password }}' \ - name='{{ .Values.database.heat_database_name }}'" - -ansible localhost -vvv \ - -m mysql_user -a "login_host='{{ .Values.database.address }}' \ - login_port='{{ .Values.database.port }}' \ - login_user='{{ .Values.database.root_user }}' \ - login_password='{{ .Values.database.root_password }}' \ - name='{{ .Values.database.heat_user }}' \ - password='{{ .Values.database.heat_password }}' \ - host='%' \ - priv='{{ .Values.database.heat_database_name }}.*:ALL' \ - append_privs='yes'" diff --git a/heat/templates/bin/_db-sync.sh.tpl b/heat/templates/bin/_db-sync.sh.tpl new file mode 100644 index 0000000000..214887b43c --- /dev/null +++ b/heat/templates/bin/_db-sync.sh.tpl @@ -0,0 +1,19 @@ +#!/bin/bash + +# Copyright 2017 The Openstack-Helm Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -ex + +heat-manage db_sync diff --git a/heat/templates/configmap-bin.yaml b/heat/templates/configmap-bin.yaml index 518742c85f..60fd2bde50 100644 --- a/heat/templates/configmap-bin.yaml +++ b/heat/templates/configmap-bin.yaml @@ -17,8 +17,10 @@ kind: ConfigMap metadata: name: heat-bin data: - db-init.sh: |+ -{{ tuple "bin/_db-init.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} + db-init.py: | +{{- include "helm-toolkit.db_init" . | indent 4 }} + db-sync.sh: | +{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.template" | indent 4 }} ks-service.sh: |+ {{- include "helm-toolkit.keystone_service" . | indent 4 }} ks-endpoints.sh: |+ diff --git a/heat/templates/etc/_heat.conf.tpl b/heat/templates/etc/_heat.conf.tpl index c07ecd1297..702d04ade7 100644 --- a/heat/templates/etc/_heat.conf.tpl +++ b/heat/templates/etc/_heat.conf.tpl @@ -40,7 +40,7 @@ backend = oslo_cache.memcache_pool memcache_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}" [database] -connection = mysql+pymysql://{{ .Values.database.heat_user }}:{{ .Values.database.heat_password }}@{{ .Values.database.address }}:{{ .Values.database.port }}/{{ .Values.database.heat_database_name }} +connection = {{ tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }} max_retries = -1 [keystone_authtoken] diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml index b7b560536b..41edc90568 100644 --- a/heat/templates/job-db-init.yaml +++ b/heat/templates/job-db-init.yaml @@ -43,17 +43,37 @@ spec: cpu: {{ .Values.resources.heat_db_init.limits.cpu | quote }} {{- end }} env: - - name: ANSIBLE_LIBRARY - value: /usr/share/ansible/ + - name: ROOT_DB_CONNECTION + valueFrom: + secretKeyRef: + name: heat-db-root + key: DB_CONNECTION + - name: OPENSTACK_CONFIG_FILE + value: /etc/heat/heat.conf + - name: OPENSTACK_CONFIG_DB_SECTION + value: database + - name: OPENSTACK_CONFIG_DB_KEY + value: connection command: - - bash - - /tmp/db-init.sh + - python + - /tmp/db-init.py volumeMounts: - - name: dbinitsh - mountPath: /tmp/db-init.sh - subPath: db-init.sh + - name: heat-bin + mountPath: /tmp/db-init.py + subPath: db-init.py + readOnly: true + - name: etcheat + mountPath: /etc/heat + - name: heatapiconf + mountPath: /etc/heat/heat.conf + subPath: heat.conf readOnly: true volumes: - - name: dbinitsh + - name: etcheat + emptyDir: {} + - name: heatapiconf + configMap: + name: heat-etc + - name: heat-bin configMap: name: heat-bin diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml index 187f1c21dd..5f8d340b46 100644 --- a/heat/templates/job-db-sync.yaml +++ b/heat/templates/job-db-sync.yaml @@ -43,21 +43,25 @@ spec: cpu: {{ .Values.resources.heat_db_sync.limits.cpu | quote }} {{- end }} command: - - heat-manage - args: - - --config-dir - - /etc/heat/conf - - db_sync + - bash + - /tmp/db-sync.sh volumeMounts: - - name: pod-etc-heat + - name: heat-bin + mountPath: /tmp/db-sync.sh + subPath: db-sync.sh + readOnly: true + - name: etcheat mountPath: /etc/heat - - name: heatconf - mountPath: /etc/heat/conf/heat.conf + - name: heatapiconf + mountPath: /etc/heat/heat.conf subPath: heat.conf readOnly: true volumes: - - name: pod-etc-heat + - name: etcheat emptyDir: {} - - name: heatconf + - name: heatapiconf configMap: name: heat-etc + - name: heat-bin + configMap: + name: heat-bin diff --git a/heat/templates/secret-db-root.env.yaml b/heat/templates/secret-db-root.env.yaml new file mode 100644 index 0000000000..f8346a2eab --- /dev/null +++ b/heat/templates/secret-db-root.env.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: heat-db-root +type: Opaque +data: + DB_CONNECTION: {{ tuple "oslo_db" "internal" "admin" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | b64enc }} diff --git a/heat/values.yaml b/heat/values.yaml index 61ff920eba..f591a396f5 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -30,7 +30,7 @@ labels: images: dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.1 - db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton + db_init: docker.io/kolla/ubuntu-source-heat-api:3.0.1 db_sync: docker.io/kolla/ubuntu-source-heat-api:3.0.1 ks_user: quay.io/stackanetes/stackanetes-kolla-toolbox:newton ks_service: quay.io/stackanetes/stackanetes-kolla-toolbox:newton @@ -100,15 +100,6 @@ network: enabled: false port: 30003 -database: - address: mariadb - port: 3306 - root_user: root - root_password: password - heat_database_name: heat - heat_password: password - heat_user: heat - messaging: hosts: rabbitmq user: rabbitmq @@ -218,6 +209,20 @@ endpoints: scheme: 'http' port: api: 8003 + oslo_db: + auth: + admin: + username: root + password: password + user: + username: heat + password: password + hosts: + default: mariadb + path: /heat + scheme: mysql+pymysql + port: + mysql: 3306 resources: enabled: false