replaced existing systemd script with kubernetes job, also added configurable

credentials for maas
2017-01-24 23:49:08 +00:00 · 2017-01-24 23:49:08 +00:00 · ec00228bcd
commit ec00228bcd
parent 922967ee7f
12 changed files with 230 additions and 11 deletions
--- a/maas/templates/bin/_import-boot-resources.sh.tpl
+++ b/maas/templates/bin/_import-boot-resources.sh.tpl
@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -ex
+
+function check_for_download {
+
+    if maas {{ .Values.credentials.admin_username }} boot-resources read | grep -q '\[\]';
+    then
+        echo 'Did not find boot resources.  Will try again'
+        sleep 60
+        exit 1
+    else
+        echo 'Boot resources found'
+        exit 0
+    fi
+
+}
+
+maas-region local_config_set \
+        --database-host "{{ .Values.db_service_name }}.{{ .Release.Namespace}}" \
+        --database-name "{{ .Values.database.db_name }}" \
+        --database-user "{{ .Values.database.db_user }}" \
+        --database-pass "{{ .Values.database.db_password }}" \
+        --maas-url "http://{{ .Values.ui_service_name }}.{{ .Release.Namespace }}:80/MAAS"
+
+KEY=$(maas-region apikey --username={{ .Values.credentials.admin_username }})
+maas login {{ .Values.credentials.admin_username }} http://{{ .Values.ui_service_name }}.{{ .Release.Namespace }}/MAAS/ $KEY
+
+# make call to import images
+maas {{ .Values.credentials.admin_username }} boot-resources import
+# see if we can find > 0 images
+sleep 10
+check_for_download
--- a/maas/templates/bin/_job-readiness.sh.tpl
+++ b/maas/templates/bin/_job-readiness.sh.tpl
@ -0,0 +1,6 @@
+#!/bin/bash
+
+</dev/tcp/{{ .Values.ui_service_name }}.{{ .Release.Namespace }}/{{ .Values.network.port.service_gui }} && \
+</dev/tcp/{{ .Values.db_service_name }}.{{ .Release.Namespace }}/{{ .Values.network.port.db_service }} && \
+pg_isready -h {{ .Values.db_service_name }}.{{ .Release.Namespace }} && \
+maas-region apikey --username={{ .Values.credentials.admin_username }} || exit 1
--- a/maas/templates/bin/_maas-region-controller.postinst.tpl
+++ b/maas/templates/bin/_maas-region-controller.postinst.tpl
@ -62,7 +62,7 @@ if [ "$1" = "configure" ] && [ -z "$2" ]; then
    db_get maas/default-maas-url
    ipaddr="$RET"
    if [ -z "$ipaddr" ]; then
-        ipaddr="maas-region-ui.{{ .Release.Namespace }}"
+        ipaddr="{{ .Values.ui_service_name }}.{{ .Release.Namespace }}"
    fi
    # Set the IP address of the interface with default route
    configure_maas_default_url "$ipaddr"
@ -79,8 +79,10 @@ if [ "$1" = "configure" ] && [ -z "$2" ]; then
    # Create the database
    dbc_go maas-region-controller $@
    maas-region local_config_set \
-        --database-host "localhost" --database-name "$dbc_dbname" \
-        --database-user "$dbc_dbuser" --database-pass "$dbc_dbpass"
+        --database-host "localhost" \
+        --database-name "{{ .Values.database.db_name }}" \
+        --database-user "{{ .Values.database.db_user }}" \
+        --database-pass "{{ .Values.database.db_password }}"

    # Only syncdb if we have selected to install it with dbconfig-common.
    db_get maas-region-controller/dbconfig-install
--- a/maas/templates/bin/_start.sh.tpl
+++ b/maas/templates/bin/_start.sh.tpl
@ -3,6 +3,12 @@ set -ex

 if ! find "/etc/postgresql" -mindepth 1 -print -quit | grep -q .; then
    pg_createcluster 9.5 main
+
+    #allow external connections to postgresql
+    sed -i '/#listen_addresses/s/^#//g' /etc/postgresql/9.5/main/postgresql.conf
+    sed -i '/^listen_addresses/ s/localhost/*/' /etc/postgresql/9.5/main/postgresql.conf
+    sed -i '$ a host all all 0.0.0.0/0 md5' /etc/postgresql/9.5/main/pg_hba.conf
+    sed -i '$ a host all all ::/0 md5' /etc/postgresql/9.5/main/pg_hba.conf
 fi

 cp -r /etc/postgresql/9.5/main/*.conf /var/lib/postgresql/9.5/main/
@ -12,3 +18,5 @@ echo 'running postinst'

 chmod 755 /var/lib/dpkg/info/maas-region-controller.postinst
 /bin/sh /var/lib/dpkg/info/maas-region-controller.postinst configure
+
+maas-region createadmin --username={{ .Values.credentials.admin_username }} --password={{ .Values.credentials.admin_password }} --email={{ .Values.credentials.admin_email }} || true
--- a/maas/templates/configmap-bin.yaml
+++ b/maas/templates/configmap-bin.yaml
@ -7,3 +7,7 @@ data:
 {{ tuple "bin/_start.sh.tpl" . | include "template" | indent 4 }}
  maas-region-controller.postinst: |
 {{ tuple "bin/_maas-region-controller.postinst.tpl" . | include "template" | indent 4 }}
+  import-boot-resources.sh: |
+{{ tuple "bin/_import-boot-resources.sh.tpl" . | include "template" | indent 4 }}
+  job-readiness.sh: |
+{{ tuple "bin/_job-readiness.sh.tpl" . | include "template" | indent 4 }}
--- a/maas/templates/configmap-etc.yaml
+++ b/maas/templates/configmap-etc.yaml
@ -7,3 +7,5 @@ data:
 {{ tuple "etc/_region-dns-config.tpl" . | include "template" | indent 4 }}
  secret: |
 {{ tuple "etc/_secret.tpl" . | include "template" | indent 4 }}
+  maas-region-controller.conf: |
+{{ tuple "etc/_postgresql-config.tpl" . | include "template" | indent 4 }}
--- a/maas/templates/db-service.yaml
+++ b/maas/templates/db-service.yaml
@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Values.db_service_name }}
+  labels:
+    app: db-service
+spec:
+  ports:
+  - port: {{ .Values.network.port.db_service }}
+    targetPort: {{ .Values.network.port.db_service_target }}
+    name: db-service
+  selector:
+    app: maas-region
--- a/maas/templates/deploy-region.yaml
+++ b/maas/templates/deploy-region.yaml
@ -3,7 +3,7 @@ kind: StatefulSet
 metadata:
  name: maas-region
 spec:
-  serviceName: "{{ .Values.service_name }}"
+  serviceName: "{{ .Values.ui_service_name }}"
  template:
    metadata:
      labels:
@ -13,7 +13,7 @@ spec:
          {
            "name": "init",
            "image": "{{ .Values.images.maas_region }}",
-            "imagePullPolicy": "Always",
+            "imagePullPolicy": "{{ .Values.images.pull_policy }}",
            "command": ["bash", "/tmp/start.sh"],
            "volumeMounts": [
                {
@ -41,6 +41,11 @@ spec:
                    "name": "maasregionpostinst",
                    "mountPath": "/var/lib/dpkg/info/maas-region-controller.postinst",
                    "subPath": "maas-region-controller.postinst"
+                },
+                {
+                    "name": "postgresql-defaults",
+                    "mountPath": "/etc/dbconfig-common/maas-region-controller.conf",
+                    "subPath": "maas-region-controller.conf"
                }
            ]
          }
@ -51,9 +56,12 @@ spec:
      containers:
      - name: maas-region
        image: {{ .Values.images.maas_region }}
-        imagePullPolicy: Always
+        imagePullPolicy: {{ .Values.images.pull_policy }}
        ports:
-        - containerPort: {{ .Values.network.port.region_container }}
+        - name: region-ui
+          containerPort: {{ .Values.network.port.region_container }}
+        - name: postgresql
+          containerPort: {{ .Values.network.port.db_service }}
        readinessProbe:
          tcpSocket:
            port: {{ .Values.network.port.region_container }}
@ -95,6 +103,9 @@ spec:
        - name: maas-dns-config
          configMap:
            name: maas-region-etc
+        - name: postgresql-defaults
+          configMap:
+            name: maas-region-etc
        - name: startsh
          configMap:
            name: maas-region-bin
--- a/maas/templates/etc/_postgresql-config.tpl
+++ b/maas/templates/etc/_postgresql-config.tpl
@ -0,0 +1,44 @@
+# dbc_install: configure database with dbconfig-common?
+#              set to anything but "true" to opt out of assistance
+dbc_install='true'
+
+# dbc_upgrade: upgrade database with dbconfig-common?
+#              set to anything but "true" to opt out of assistance
+dbc_upgrade='true'
+
+# dbc_remove: deconfigure database with dbconfig-common?
+#             set to anything but "true" to opt out of assistance
+dbc_remove='true'
+
+# dbc_dbtype: type of underlying database to use
+#	this exists primarily to let dbconfig-common know what database
+#	type to use when a package supports multiple database types.
+#	don't change this value unless you know for certain that this
+#	package supports multiple database types
+dbc_dbtype='pgsql'
+
+# dbc_dbuser: database user
+#	the name of the user who we will use to connect to the database.
+dbc_dbuser='{{ .Values.database.db_user }}'
+
+# dbc_dbpass: database user password
+#	the password to use with the above username when connecting
+#	to a database, if one is required
+dbc_dbpass='{{ .Values.database.db_password }}'
+
+# dbc_dbname: name of database
+#	this is the name of your application's database.
+dbc_dbname='{{ .Values.database.db_name }}'
+
+# dbc_dbadmin: name of the administrative user
+#	this is the administrative user that is used to create all of the above
+#	The exception is the MySQL/MariaDB localhost case, where this value is
+#	ignored and instead is determined from /etc/mysql/debian.cnf.
+dbc_dbadmin='postgres'
+
+# dbc_authmethod_admin: authentication method for admin
+# dbc_authmethod_user: authentication method for dbuser
+#	see the section titled "AUTHENTICATION METHODS" in
+#	/usr/share/doc/dbconfig-common/README.pgsql for more info
+dbc_authmethod_admin='ident'
+dbc_authmethod_user='password'
--- a/maas/templates/job-import.yaml
+++ b/maas/templates/job-import.yaml
@ -0,0 +1,72 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: region-import-resources
+spec:
+  template:
+    metadata:
+      annotations:
+        pod.beta.kubernetes.io/init-containers: '[
+          {
+            "name": "init",
+            "image": "{{ .Values.images.entrypoint }}",
+            "imagePullPolicy": "{{ .Values.images.pull_policy }}",
+            "env": [
+              {
+                "name": "NAMESPACE",
+                "value": "{{ .Release.Namespace }}"
+              },
+              {
+                "name": "POD_NAME",
+                "value": "{{ .Values.dependencies.import_resources.pod }}"
+              },
+              {
+                "name": "DEPENDENCY_SERVICE",
+                "value": "{{  include "joinListWithColon" .Values.dependencies.import_resources.service }}"
+              },
+              {
+                "name": "DEPENDENCY_CONTAINER",
+                "value": "{{ .Values.dependencies.import_resources.container }}"
+              },
+              {
+                "name": "COMMAND",
+                "value": "echo done"
+              }
+            ]
+          }
+        ]'
+    spec:
+      restartPolicy: OnFailure
+      containers:
+        - name: region-import-resources
+          image: {{ .Values.images.maas_toolbox }}
+          imagePullPolicy: {{ .Values.images.pull_policy }}
+          command:
+            - bash
+            - /tmp/import-boot-resources.sh
+          readinessProbe:
+            exec:
+              command:
+                - bash
+                - /tmp/job-readiness.sh
+            initialDelaySeconds: 60
+          volumeMounts:
+            - name: import-boot-resources
+              mountPath: /tmp/import-boot-resources.sh
+              subPath: import-boot-resources.sh
+            - name: job-readiness
+              mountPath: /tmp/job-readiness.sh
+              subPath: job-readiness.sh
+            - name: maas-dns-config
+              mountPath: /etc/bind/named.conf.options
+              subPath: named.conf.options
+      volumes:
+        - name: import-boot-resources
+          configMap:
+            name: maas-region-bin
+        - name: job-readiness
+          configMap:
+            name: maas-region-bin
+        - name: maas-dns-config
+          configMap:
+            name: maas-region-etc
--- a/maas/templates/maas-service.yaml
+++ b/maas/templates/maas-service.yaml
@ -1,7 +1,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ .Values.service_name }}
+  name: {{ .Values.ui_service_name }}
  labels:
    app: maas-region-ui
 spec:
--- a/maas/values.yaml
+++ b/maas/values.yaml
@ -2,9 +2,30 @@
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.

+credentials:
+  admin_username: admin
+  admin_password: admin
+  admin_email: support@nowhere.com
+
+database:
+  db_name: maasdb
+  db_user: maas
+  db_password: password
+
+dependencies:
+  import_resources:
+    pod: maas-region-0
+    container: maas-region
+    service:
+    - maas-region-ui
+    - db-service
+
 images:
-  maas_region: quay.io/attcomdev/maas-region:2.1.2-1
-  maas_rack: quay.io/attcomdev/maas-rack:2.1.2-1
+  maas_region: quay.io/attcomdev/maas-region:2.1.2-2
+  maas_toolbox: quay.io/attcomdev/maas-toolbox:2.1.2
+  maas_rack: quay.io/attcomdev/maas-rack:2.1.2-2
+  entrypoint: quay.io/stackanetes/kubernetes-entrypoint:v0.1.0
+  pull_policy: Always

 labels:
  node_selector_key: openstack-control-plane
@ -17,5 +38,8 @@ network:
    service_gui_target: 80
    service_proxy: 8000
    service_proxy_target: 8000
+    db_service: 5432
+    db_service_target: 5432

-service_name: maas-region-ui 
+ui_service_name: maas-region-ui
+db_service_name: db-service