openstack/openstack-helm
Code Issues Proposed changes
Files
master
openstack-helm/prometheus-openstack-exporter/templates/deployment.yaml
SPEARS, DUSTIN (ds443n) b1c72b7770 Update Prometheus Openstack Exporter 
Change to the official openstack exporter

Change-Id: Ia6a9b9e3142af975dcec8279a137170e76385d42
Signed-off-by: SPEARS, DUSTIN (ds443n) <ds443n@att.com>
2026-02-20 19:27:21 +00:00

186 lines
9.2 KiB
YAML
Raw Permalink Blame History

{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment }}
{{- $envAll := . }}
{{- $ksUserSecret := .Values.secrets.identity.user }}
{{- $serviceAccountName := "prometheus-openstack-exporter" }}
{{ tuple $envAll "prometheus_openstack_exporter" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: prometheus-openstack-exporter
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.prometheus_openstack_exporter }}
selector:
matchLabels:
{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
secret-keystone-hash: {{ tuple "secret-keystone.yaml" . | include "helm-toolkit.utils.hash" }}
secret-registry-hash: {{ tuple "secret-registry.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "prometheus-openstack-exporter" "containerNames" (list "openstack-metrics-exporter" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "exporter" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "prometheus-openstack-exporter" "exporter" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.openstack_exporter.node_selector_key }}: {{ .Values.labels.openstack_exporter.node_selector_value | quote }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.prometheus_openstack_exporter.timeout | default "30" }}
initContainers:
{{ tuple $envAll "prometheus_openstack_exporter" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 | trim }}
- name: clouds-yaml-gen
{{ tuple $envAll "dep_check" | include "helm-toolkit.snippets.image" | nindent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.clouds_yaml_gen | include "helm-toolkit.snippets.kubernetes_resources" | nindent 10 }}
{{ dict "envAll" $envAll "application" "clouds_yaml_gen" "container" "clouds_yaml_gen" | include "helm-toolkit.snippets.kubernetes_container_security_context" | nindent 10 }}
command:
- /bin/sh
- -c
- |
cat <<EOF > /etc/openstack/clouds.yaml
clouds:
default:
auth:
auth_url: "$OS_AUTH_URL"
username: "$OS_USERNAME"
password: "$OS_PASSWORD"
project_name: "$OS_PROJECT_NAME"
user_domain_name: "$OS_USER_DOMAIN_NAME"
project_domain_name: "$OS_PROJECT_DOMAIN_NAME"
region_name: "$OS_REGION_NAME"
interface: "$OS_INTERFACE"
identity_api_version: "$OS_IDENTITY_API_VERSION"
{{- if .Values.manifests.certificates }}
cacert: "/etc/ssl/certs/openstack-helm.crt"
{{- end }}
EOF
env:
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
key: OS_AUTH_URL
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_USERNAME
valueFrom:
secretKeyRef:
key: OS_USERNAME
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
key: OS_PASSWORD
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_PROJECT_NAME
valueFrom:
secretKeyRef:
key: OS_PROJECT_NAME
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
key: OS_USER_DOMAIN_NAME
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_PROJECT_DOMAIN_NAME
valueFrom:
secretKeyRef:
key: OS_PROJECT_DOMAIN_NAME
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
key: OS_REGION_NAME
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_INTERFACE
valueFrom:
secretKeyRef:
key: OS_INTERFACE
name: {{ .Values.secrets.identity.user | quote }}
- name: OS_IDENTITY_API_VERSION
value: "3"
volumeMounts:
- name: clouds-yaml
mountPath: /etc/openstack
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.identity.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
runAsUser: 65534
containers:
- name: openstack-metrics-exporter
{{ tuple $envAll "prometheus_openstack_exporter" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.prometheus_openstack_exporter | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "exporter" "container" "openstack_metrics_exporter" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /bin/openstack-exporter
args:
- --web.listen-address=:{{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
- --os-client-config=/etc/openstack/clouds.yaml
- default
ports:
- name: metrics
containerPort: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
livenessProbe:
httpGet:
path: /metrics
port: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 180
periodSeconds: 60
timeoutSeconds: 30
readinessProbe:
httpGet:
path: /metrics
port: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 30
env:
- name: LISTEN_PORT
value: {{ tuple "prometheus_openstack_exporter" "internal" "exporter" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- name: OS_POLLING_INTERVAL
value: {{ .Values.conf.prometheus_openstack_exporter.OS_POLLING_INTERVAL | quote }}
- name: OS_RETRIES
value: {{ .Values.conf.prometheus_openstack_exporter.OS_RETRIES | quote }}
- name: TIMEOUT_SECONDS
value: {{ .Values.conf.prometheus_openstack_exporter.TIMEOUT_SECONDS | quote }}
- name: OS_IDENTITY_API_VERSION
value: "3"
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: clouds-yaml
mountPath: /etc/openstack
readOnly: true
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.identity.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
workingDir: /tmp
volumes:
- name: pod-tmp
emptyDir: {}
- name: clouds-yaml
emptyDir: {}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.identity.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- end }}
View Git Blame Copy Permalink