Fix Netapp port conflict

By default, the Trident Netapp service opens port 8443 for
HTTPS REST api usage. This conflicts with the port the
Horizon dashboard uses on an HTTPS enabled setup (the port
is also 8443).

In order to fix this, we change the default port from 8443
to 8678, but also make it configurable through ansible
overrides.

The Trident service also opens port 8001 for metrics usage.
While that doesn't currently conflict with any other service
on the system, I also made that configurable through
ansible overrides, in case such a conflict appears in the
future.

Change-Id: I08db939acac6082f82b9e12e932d8289c7cecdeb
Closes-bug: 1868382
Signed-off-by: Stefan Dinescu <stefan.dinescu@windriver.com>

playbookconfig/src/playbooks/host_vars/netapp/default.yml

@@ -11,9 +11,17 @@
 trident_namespace: "trident"
 
 # The default port is 8000, which conflicts with the Armada app which also listens on port 8000
-# Choosing port 8677 because it is unassigned according to:
-# https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?&page=112
+# Also, on an HTTPS enabled setup, the default port for HTTPS REST API is 8443 which conflicts
+# with the port used by the platform Horizon dashboard.
+# Choosing ports 8677 and 8678 to replace the defaults because they are unassigned according to:
+# https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
 trident_rest_api_port: 8677
+trident_https_rest_api_port: 8678
+
+# The default port opened by the service for metrics gathering is 8001.
+# For now, this doesn't seem to conflict with anything on our system,
+# but it's better to have it configurable.
+trident_metrics_port: 8001
 
 # We don't yet know if trident pods need to run on all nodes or just controllers,
 # so we add a parameter to easily switch between the two

playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/templates/README

@@ -12,3 +12,4 @@ Files changed:
 - trident-namespace.yaml.j2
 - trident-serviceaccount.yaml.j2
 - trident-deployment.yaml.j2
+- trident-service.yaml.j2

playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/templates/trident-deployment.yaml.j2

@@ -24,14 +24,16 @@ spec:
         # STX_change: pull image from local registry
         image: {{ local_registry }}/docker.io/netapp/trident:20.01.0
         ports:
-        - containerPort: 8443
+        # STX_change: change port
+        - containerPort: {{ trident_https_rest_api_port }}
         command:
         - /usr/local/bin/trident_orchestrator
         args:
         - "--crd_persistence"
         - "--k8s_pod"
         - "--https_rest"
-        - "--https_port=8443"
+        # STX_change: change https port
+        - "--https_port={{ trident_https_rest_api_port }}"
         - "--csi_node_name=$(KUBE_NODE_NAME)"
         - "--csi_endpoint=$(CSI_ENDPOINT)"
         - "--csi_role=controller"
@@ -40,6 +42,8 @@ spec:
         # STX_change: change port
         - "--port={{ trident_rest_api_port }}"
         - "--metrics"
+        # STX_change: change metrics port
+        - "--metrics_port={{ trident_metrics_port }}"
         #- -debug
         livenessProbe:
           exec:

playbookconfig/src/playbooks/roles/k8s-storage-backends/netapp/templates/trident-service.yaml.j2

@@ -12,8 +12,10 @@ spec:
   - name: https
     protocol: TCP
     port: 34571
-    targetPort: 8443
+    #STX_change: change port
+    targetPort: {{ trident_https_rest_api_port }}
   - name: metrics
     protocol: TCP
     port: 9220
-    targetPort: 8001
+    #STX_change: change metrics port
+    targetPort: {{ trident_metrics_port }}