Browse Source

OSH: Add ingress netpol for ceph-rgw pods

This is to enable ingress netpol for ceph-rgw pods

Depends-On: https://review.openstack.org/#/c/632567/

Change-Id: I542a38a08101b031633bfcb0810e00904ae58df5
Chinasubbareddy M 2 months ago
parent
commit
ff146ea9fd

+ 27
- 0
tools/deployment/developer/ceph/110-ceph-radosgateway.sh View File

@@ -44,6 +44,33 @@ conf:
44 44
 pod:
45 45
   replicas:
46 46
     rgw: 1
47
+network_policy:
48
+  ceph:
49
+    ingress:
50
+      - from:
51
+        - podSelector:
52
+            matchLabels:
53
+              application: glance
54
+        - podSelector:
55
+            matchLabels:
56
+              application: cinder
57
+        - podSelector:
58
+            matchLabels:
59
+              application: libvirt
60
+        - podSelector:
61
+            matchLabels:
62
+              application: nova
63
+        - podSelector:
64
+            matchLabels:
65
+              application: ceph
66
+        - podSelector:
67
+            matchLabels:
68
+              application: ingress
69
+        ports:
70
+        - protocol: TCP
71
+          port: 8088
72
+manifests:
73
+  network_policy: true
47 74
 EOF
48 75
 helm upgrade --install radosgw-openstack ${OSH_INFRA_PATH}/ceph-rgw \
49 76
   --namespace=openstack \

+ 3
- 0
tools/deployment/developer/common/030-ingress.sh View File

@@ -27,6 +27,9 @@ network_policy:
27 27
   ingress:
28 28
     ingress:
29 29
       - from:
30
+        - podSelector:
31
+            matchLabels:
32
+              application: ceph
30 33
         - podSelector:
31 34
             matchLabels:
32 35
               application: keystone

+ 28
- 0
tools/deployment/multinode/090-ceph-radosgateway.sh View File

@@ -38,11 +38,39 @@ bootstrap:
38 38
 conf:
39 39
   rgw_ks:
40 40
     enabled: true
41
+network_policy:
42
+  ceph:
43
+    ingress:
44
+      - from:
45
+        - podSelector:
46
+            matchLabels:
47
+              application: glance
48
+        - podSelector:
49
+            matchLabels:
50
+              application: cinder
51
+        - podSelector:
52
+            matchLabels:
53
+              application: libvirt
54
+        - podSelector:
55
+            matchLabels:
56
+              application: nova
57
+        - podSelector:
58
+            matchLabels:
59
+              application: ceph
60
+        - podSelector:
61
+            matchLabels:
62
+              application: ingress
63
+        ports:
64
+        - protocol: TCP
65
+          port: 8088
66
+manifests:
67
+  network_policy: true
41 68
 EOF
42 69
 
43 70
 : ${OSH_INFRA_PATH:="../openstack-helm-infra"}
44 71
 helm upgrade --install radosgw-openstack ${OSH_INFRA_PATH}/ceph-rgw \
45 72
   --namespace=openstack \
73
+  --set manifests.network_policy=true \
46 74
   --values=/tmp/radosgw-openstack.yaml \
47 75
   ${OSH_EXTRA_HELM_ARGS} \
48 76
   ${OSH_EXTRA_HELM_ARGS_HEAT}

Loading…
Cancel
Save