openstack/openstack-helm
Code Issues Proposed changes

Add cronjob to purge cinder database

Browse Source 
Cron job added to automatically purge old deleted database entries
in Cinder.

Change-Id: I7c182ec4b1b5e76baeca692024f5d0949fee11f6
This commit is contained in:
Amir Aslan Aslan
2025-05-28 20:57:28 +03:30
parent 3ce8595587
commit d051c3899a
12 changed files with 188 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
cinder/templates/bin/_db-purge.sh.tpl Normal file
View File

@ -0,0 +1,19 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec cinder-manage db purge {{ .Values.conf.db_purge.before }}

2
cinder/templates/configmap-bin.yaml
View File

@ -41,6 +41,8 @@ data:
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
db-drop.py: |
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
db-purge.sh: |
{{ tuple "bin/_db-purge.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ks-service.sh: |
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
ks-endpoints.sh: |

114
cinder/templates/cron-job-cinder-db-purge.yaml Normal file
View File

@ -0,0 +1,114 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.cron_db_purge }}
{{- $envAll := . }}
{{- $mounts_cinder_db_purge := .Values.pod.mounts.cinder_db_purge.cinder_db_purge }}
{{- $mounts_cinder_db_purge_init := .Values.pod.mounts.cinder_db_purge.init_container }}
{{- $serviceAccountName := "cinder-db-purge" }}
{{ tuple $envAll "db_purge" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: cinder-db-purge
labels:
{{ tuple $envAll "cinder" "cinder-db-purge" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
spec:
schedule: {{ .Values.jobs.db_purge.cron | quote }}
successfulJobsHistoryLimit: {{ .Values.jobs.db_purge.history.success }}
failedJobsHistoryLimit: {{ .Values.jobs.db_purge.history.failed }}
{{- if .Values.jobs.db_purge.starting_deadline }}
startingDeadlineSeconds: {{ .Values.jobs.db_purge.starting_deadline }}
{{- end }}
concurrencyPolicy: Forbid
jobTemplate:
metadata:
labels:
{{ tuple $envAll "cinder" "db-purge" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
template:
metadata:
labels:
{{ tuple $envAll "cinder" "db-purge" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
annotations:
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "db-purge" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }}
spec:
{{ dict "envAll" $envAll "application" "db_purge" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
{{ if $envAll.Values.pod.tolerations.cinder.enabled }}
{{ tuple $envAll "cinder" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 10 }}
{{ end }}
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
initContainers:
{{ tuple $envAll "db_purge" $mounts_cinder_db_purge_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
containers:
- name: db-purge
{{ tuple $envAll "cinder_db_purge" | include "helm-toolkit.snippets.image" | indent 14 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_purge | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
{{ dict "envAll" $envAll "application" "db_purge" "container" "cinder_db_purge" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 14 }}
{{- if or .Values.manifests.certificates .Values.tls.identity }}
env:
- name: REQUESTS_CA_BUNDLE
value: "/etc/cinder/certs/ca.crt"
{{- end }}
command:
- /tmp/db-purge.sh
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: etccinder
mountPath: /etc/cinder
- name: cinder-etc
mountPath: /etc/cinder/cinder.conf
subPath: cinder.conf
readOnly: true
{{- if .Values.conf.cinder.DEFAULT.log_config_append }}
- name: cinder-etc
mountPath: {{ .Values.conf.cinder.DEFAULT.log_config_append }}
subPath: {{ base .Values.conf.cinder.DEFAULT.log_config_append }}
readOnly: true
{{- end }}
- name: cinder-bin
mountPath: /tmp/db-purge.sh
subPath: db-purge.sh
readOnly: true
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal "path" "/etc/cinder/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 16 }}
{{ if $mounts_cinder_db_purge.volumeMounts }}{{ toYaml $mounts_cinder_db_purge.volumeMounts | indent 16 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: etccinder
emptyDir: {}
- name: cinder-etc
secret:
secretName: cinder-etc
defaultMode: 0444
- name: cinder-bin
configMap:
name: cinder-bin
defaultMode: 0555
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.volumev3.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 12 }}
{{ if $mounts_cinder_db_purge.volumes }}{{ toYaml $mounts_cinder_db_purge.volumes | indent 12 }}{{ end }}
{{- end }}

41
cinder/values.yaml
View File

@ -55,6 +55,7 @@ images:
cinder_scheduler: quay.io/airshipit/cinder:2024.1-ubuntu_jammy
cinder_volume: quay.io/airshipit/cinder:2024.1-ubuntu_jammy
cinder_volume_usage_audit: quay.io/airshipit/cinder:2024.1-ubuntu_jammy
cinder_db_purge: quay.io/airshipit/cinder:2024.1-ubuntu_jammy
cinder_storage_init: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
cinder_backup: quay.io/airshipit/cinder:2024.1-ubuntu_jammy
cinder_backup_storage_init: docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy
@ -74,6 +75,12 @@ jobs:
history:
success: 3
failed: 1
db_purge:
cron: "0 0 * * *"
starting_deadline: 600
history:
success: 3
failed: 1
pod:
probes:
@ -92,6 +99,13 @@ pod:
params:
initialDelaySeconds: 30
security_context:
db_purge:
pod:
runAsUser: 42424
container:
cinder_db_purge:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
volume_usage_audit:
pod:
runAsUser: 42424
@ -225,6 +239,11 @@ pod:
cinder_volume_usage_audit:
volumeMounts:
volumes:
cinder_db_purge:
init_container: null
cinder_db_purge:
volumeMounts:
volumes:
cinder_backup:
init_container: null
cinder_backup:
@ -324,6 +343,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
db_purge:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
clean:
requests:
memory: "128Mi"
@ -1049,6 +1075,8 @@ conf:
thunder-lock: true
worker-reload-mercy: 80
wsgi-file: /var/lib/openstack/bin/cinder-wsgi
db_purge:
before: 30
backup:
external_ceph_rbd:
@ -1127,6 +1155,18 @@ dependencies:
services:
- endpoint: internal
service: oslo_db
db_purge:
jobs:
- cinder-db-sync
- cinder-db-init
- cinder-ks-user
- cinder-ks-endpoints
- cinder-rabbit-init
services:
- endpoint: internal
service: oslo_db
- endpoint: internal
service: identity
ks_endpoints:
jobs:
- cinder-ks-service
@ -1496,6 +1536,7 @@ manifests:
configmap_bin: true
configmap_etc: true
cron_volume_usage_audit: true
cron_db_purge: false
deployment_api: true
deployment_backup: true
deployment_scheduler: true

5
releasenotes/notes/cinder-8f8fd56d2c9a5d75.yaml Normal file
View File

@ -0,0 +1,5 @@
---
cinder:
- |
Add cronjob to purge old deleted database entries
...

1
values_overrides/cinder/2023.1-ubuntu_focal.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "docker.io/openstackhelm/cinder:2023.1-ubuntu_focal"
cinder_volume: "docker.io/openstackhelm/cinder:2023.1-ubuntu_focal"
cinder_volume_usage_audit: "docker.io/openstackhelm/cinder:2023.1-ubuntu_focal"
cinder_db_purge: "docker.io/openstackhelm/cinder:2023.1-ubuntu_focal"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_focal"
cinder_backup: "docker.io/openstackhelm/cinder:2023.1-ubuntu_focal"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_focal"

1
values_overrides/cinder/2023.1-ubuntu_jammy.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "docker.io/openstackhelm/cinder:2023.1-ubuntu_jammy"
cinder_volume: "docker.io/openstackhelm/cinder:2023.1-ubuntu_jammy"
cinder_volume_usage_audit: "docker.io/openstackhelm/cinder:2023.1-ubuntu_jammy"
cinder_db_purge: "docker.io/openstackhelm/cinder:2023.1-ubuntu_jammy"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"
cinder_backup: "docker.io/openstackhelm/cinder:2023.1-ubuntu_jammy"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"

1
values_overrides/cinder/2023.2-ubuntu_jammy.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "quay.io/airshipit/cinder:2023.2-ubuntu_jammy"
cinder_volume: "quay.io/airshipit/cinder:2023.2-ubuntu_jammy"
cinder_volume_usage_audit: "quay.io/airshipit/cinder:2023.2-ubuntu_jammy"
cinder_db_purge: "quay.io/airshipit/cinder:2023.2-ubuntu_jammy"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"
cinder_backup: "quay.io/airshipit/cinder:2023.2-ubuntu_jammy"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"

1
values_overrides/cinder/2024.1-ubuntu_jammy.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "quay.io/airshipit/cinder:2024.1-ubuntu_jammy"
cinder_volume: "quay.io/airshipit/cinder:2024.1-ubuntu_jammy"
cinder_volume_usage_audit: "quay.io/airshipit/cinder:2024.1-ubuntu_jammy"
cinder_db_purge: "quay.io/airshipit/cinder:2024.1-ubuntu_jammy"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"
cinder_backup: "quay.io/airshipit/cinder:2024.1-ubuntu_jammy"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"

1
values_overrides/cinder/2024.2-ubuntu_jammy.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "quay.io/airshipit/cinder:2024.2-ubuntu_jammy"
cinder_volume: "quay.io/airshipit/cinder:2024.2-ubuntu_jammy"
cinder_volume_usage_audit: "quay.io/airshipit/cinder:2024.2-ubuntu_jammy"
cinder_db_purge: "quay.io/airshipit/cinder:2024.2-ubuntu_jammy"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"
cinder_backup: "quay.io/airshipit/cinder:2024.2-ubuntu_jammy"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"

1
values_overrides/cinder/2025.1-ubuntu_jammy.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "quay.io/airshipit/cinder:2025.1-ubuntu_jammy"
cinder_volume: "quay.io/airshipit/cinder:2025.1-ubuntu_jammy"
cinder_volume_usage_audit: "quay.io/airshipit/cinder:2025.1-ubuntu_jammy"
cinder_db_purge: "quay.io/airshipit/cinder:2025.1-ubuntu_jammy"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"
cinder_backup: "quay.io/airshipit/cinder:2025.1-ubuntu_jammy"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"

1
values_overrides/cinder/2025.1-ubuntu_noble.yaml
View File

@ -12,6 +12,7 @@ images:
cinder_scheduler: "quay.io/airshipit/cinder:2025.1-ubuntu_noble"
cinder_volume: "quay.io/airshipit/cinder:2025.1-ubuntu_noble"
cinder_volume_usage_audit: "quay.io/airshipit/cinder:2025.1-ubuntu_noble"
cinder_db_purge: "quay.io/airshipit/cinder:2025.1-ubuntu_noble"
cinder_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"
cinder_backup: "quay.io/airshipit/cinder:2025.1-ubuntu_noble"
cinder_backup_storage_init: "docker.io/openstackhelm/ceph-config-helper:latest-ubuntu_jammy"