starlingx/config
Code Issues Proposed changes

Relocated some packages to repo 'openstack-armada-app'

Browse Source 
List of relocated subdirectories:

kubernetes/applications/stx-openstack/stx-openstack-helm
kubernetes/helm-charts/garbd
kubernetes/helm-charts/nginx-ports-control

Story: 2006166
Task: 35687
Depends-On: I665dc7fabbfffc798ad57843eb74dca16e7647a3
Change-Id: I4baa9f3bb8868d56fe79199abc544739d22a466f
Signed-off-by: Scott Little <scott.little@windriver.com>
Depends-On: I520d1d7f890f298d59998cb15613efa2233e329a
This commit is contained in:
Scott Little 2019-09-04 10:14:27 -04:00
parent 23a7083741
commit fed963b207
70 changed files with 0 additions and 5949 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
kubernetes/applications/stx-openstack/stx-openstack-helm/centos/build_srpm.data
View File

@ -1,8 +0,0 @@
SRC_DIR="stx-openstack-helm"
COPY_LIST_TO_TAR="$PKG_BASE/../../../helm-charts/garbd \
$PKG_BASE/../../../helm-charts/nginx-ports-control"
# This version is used as a component of the stx-openstack application
# version. Any change to this version must also be reflected in the
# SUPPORTED_VERSIONS list in sysinv/helm/openstack_version_check.py
#
TIS_PATCH_VER=18

86
kubernetes/applications/stx-openstack/stx-openstack-helm/centos/stx-openstack-helm.spec
View File

@ -1,86 +0,0 @@
%global helm_folder /usr/lib/helm
%global armada_folder /usr/lib/armada
%global app_folder /usr/lib/application
%global toolkit_version 0.1.0
%global helmchart_version 0.1.0
Summary: StarlingX Openstack Application Helm charts
Name: stx-openstack-helm
Version: 1.0
Release: %{tis_patch_ver}%{?_tis_dist}
License: Apache-2.0
Group: base
Packager: Wind River <info@windriver.com>
URL: unknown
Source0: %{name}-%{version}.tar.gz
BuildArch: noarch
BuildRequires: helm
BuildRequires: openstack-helm-infra
Requires: openstack-helm-infra
Requires: openstack-helm
%description
StarlingX Openstack Application Helm charts
%prep
%setup
%build
# initialize helm and build the toolkit
# helm init --client-only does not work if there is no networking
# The following commands do essentially the same as: helm init
%define helm_home %{getenv:HOME}/.helm
mkdir %{helm_home}
mkdir %{helm_home}/repository
mkdir %{helm_home}/repository/cache
mkdir %{helm_home}/repository/local
mkdir %{helm_home}/plugins
mkdir %{helm_home}/starters
mkdir %{helm_home}/cache
mkdir %{helm_home}/cache/archive
# Stage a repository file that only has a local repo
cp files/repositories.yaml %{helm_home}/repository/repositories.yaml
# Stage a local repo index that can be updated by the build
cp files/index.yaml %{helm_home}/repository/local/index.yaml
# Stage helm-toolkit in the local repo
cp %{helm_folder}/helm-toolkit-%{toolkit_version}.tgz .
# Host a server for the charts
helm serve --repo-path . &
helm repo rm local
helm repo add local http://localhost:8879/charts
# Make the charts. These produce a tgz file
make nova-api-proxy
make garbd
make keystone-api-proxy
make fm-rest-api
make nginx-ports-control
# terminate helm server (the last backgrounded task)
kill %1
# remove helm-toolkit. This will be packaged with openstack-helm-infra
rm ./helm-toolkit-%{toolkit_version}.tgz
%install
# helm_folder is created by openstack-helm-infra
install -d -m 755 ${RPM_BUILD_ROOT}%{app_folder}
install -p -D -m 755 files/metadata.yaml ${RPM_BUILD_ROOT}%{app_folder}
install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder}
install -p -D -m 755 *.tgz ${RPM_BUILD_ROOT}%{helm_folder}
install -d -m 755 ${RPM_BUILD_ROOT}%{armada_folder}
install -p -D -m 755 manifests/*.yaml ${RPM_BUILD_ROOT}%{armada_folder}
%files
#helm_folder is owned by openstack-helm-infra
%defattr(-,root,root,-)
%{helm_folder}/*
%{armada_folder}/*
%{app_folder}/*

43
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/Makefile
View File

@ -1,43 +0,0 @@
#
# Copyright 2017 The Openstack-Helm Authors.
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
# It's necessary to set this because some environments don't link sh -> bash.
SHELL := /bin/bash
TASK := build
EXCLUDES := helm-toolkit doc tests tools logs tmp
CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.)))
.PHONY: $(EXCLUDES) $(CHARTS)
all: $(CHARTS)
$(CHARTS):
@if [ -d $@ ]; then \
echo; \
echo "===== Processing [$@] chart ====="; \
make $(TASK)-$@; \
fi
init-%:
if [ -f $*/Makefile ]; then make -C $*; fi
if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
lint-%: init-%
if [ -d $* ]; then helm lint $*; fi
build-%: lint-%
if [ -d $* ]; then helm package $*; fi
clean:
@echo "Clean all build artifacts"
rm -f */templates/_partials.tpl */templates/_globals.tpl
rm -f *tgz */charts/*tgz */requirements.lock
rm -rf */charts */tmpcharts
%:
@:

5
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/README
View File

@ -1,5 +0,0 @@
This directory contains all StarlingX charts that need to be built for this
application. Some charts are common across applications. These common charts
reside in the stx-config/kubernetes/helm-charts directory. To include these in
this application update the build_srpm.data file and use the COPY_LIST_TO_TAR
mechanism to populate these commom charts.

3
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/files/index.yaml
View File

@ -1,3 +0,0 @@
apiVersion: v1
entries: {}
generated: 2019-01-07T12:33:46.098166523-06:00

8
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/files/metadata.yaml
View File

@ -1,8 +0,0 @@
disabled_charts:
- aodh
- barbican
- ceilometer
- ceph-rgw
- gnocchi
- ironic
- panko

12
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/files/repositories.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v1
generated: 2019-01-02T15:19:36.215111369-06:00
repositories:
- caFile: ""
cache: /builddir/.helm/repository/cache/local-index.yaml
certFile: ""
keyFile: ""
name: local
password: ""
url: http://127.0.0.1:8879/charts
username: ""

5
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: "1.0"
description: StarlingX Fault Rest API Service
name: fm-rest-api
version: 0.1.0

8
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/requirements.yaml
View File

@ -1,8 +0,0 @@
#
# SPDX-License-Identifier: Apache-2.0
#
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

38
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/_helpers.tpl
View File

@ -1,38 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "fm-rest-api.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "fm-rest-api.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "fm-rest-api.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}

11
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/bin/_db-drop.sh.tpl
View File

@ -1,11 +0,0 @@
#!/bin/bash
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
set -ex
dropdb -h 127.0.0.1 -Uroot fm

11
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/bin/_db-sync.sh.tpl
View File

@ -1,11 +0,0 @@
#!/bin/bash
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
set -ex
fm-dbsync --config-file /etc/fm/fm.conf

14
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/bin/_fm-rest-api.sh.tpl
View File

@ -1,14 +0,0 @@
#!/bin/bash
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
set -ex
export SQL_CONNECTION=$(awk -F '=' '/sql_connection/{print $2}' /etc/fm/fm.conf)
echo $SQL_CONNECTION > /var/log/sql_connection
python /usr/local/bin/fm_db_sync_event_suppression.py $SQL_CONNECTION
python /var/lib/openstack/bin/fm-api --config-file /etc/fm/fm.conf

27
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/configmap-bin.yaml
View File

@ -1,27 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
apiVersion: v1
kind: ConfigMap
metadata:
name: fm-bin
data:
fm-rest-api.sh: |
{{ tuple "bin/_fm-rest-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
db-sync.sh: |
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
db-init.py: |
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
db-drop.sh: |
{{ tuple "bin/_db-drop.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
db-drop.py: |
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
ks-service.sh: |
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
ks-endpoints.sh: |
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}

46
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/configmap-etc.yaml
View File

@ -1,46 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if empty .Values.conf.fm.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "fm" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.fm.database "connection" -}}
{{- end -}}
{{- if empty .Values.conf.fm.DEFAULT.sql_connection -}}
{{- $_ := tuple "oslo_db" "internal" "fm" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.fm.DEFAULT "sql_connection" -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.auth_uri -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.fm.keystone_authtoken "auth_uri" -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.auth_url -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.fm.keystone_authtoken "auth_url" -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.region_name -}}
{{- $_ := set .Values.conf.fm.keystone_authtoken "region_name" .Values.endpoints.identity.auth.fm.region_name -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.project_name -}}
{{- $_ := set .Values.conf.fm.keystone_authtoken "project_name" .Values.endpoints.identity.auth.fm.project_name -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.project_domain_name -}}
{{- $_ := set .Values.conf.fm.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.fm.project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.user_domain_name -}}
{{- $_ := set .Values.conf.fm.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.fm.user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.username -}}
{{- $_ := set .Values.conf.fm.keystone_authtoken "username" .Values.endpoints.identity.auth.fm.username -}}
{{- end -}}
{{- if empty .Values.conf.fm.keystone_authtoken.password -}}
{{- $_ := set .Values.conf.fm.keystone_authtoken "password" .Values.endpoints.identity.auth.fm.password -}}
{{- end -}}
apiVersion: v1
kind: Secret
metadata:
name: fm-etc
type: Opaque
data:
api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
fm.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.fm | b64enc }}
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}

89
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/deployment.yaml
View File

@ -1,89 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.deployment_fm_rest_api }}
{{- $envAll := . }}
{{- $mounts_fm_rest_api := .Values.pod.mounts.fm_rest_api.fm_rest_api }}
{{- $mounts_fm_rest_api_init := .Values.pod.mounts.fm_rest_api.init_container }}
{{- $serviceAccountName := "fm" }}
{{ tuple $envAll "fmapi" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: fm-rest-api
labels:
{{ tuple $envAll "fm" "fmapi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.api }}
selector:
matchLabels:
{{ tuple $envAll "fm" "fmapi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "fm" "fmapi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "fmapi" $mounts_fm_rest_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: fm-rest-api
volumeMounts:
- name: fm-bin
mountPath: /tmp/fm-rest-api.sh
subPath: fm-rest-api.sh
readOnly: true
- name: fm-etc
mountPath: /etc/fm/api-paste.ini
subPath: api-paste.ini
readOnly: true
- name: fm-etc
mountPath: /etc/fm/fm.conf
subPath: fm.conf
readOnly: true
- name: fm-etc
mountPath: /etc/fm/logging.conf
subPath: logging.conf
readOnly: true
- name: fm-etc-event
mountPath: /etc/fm/events.yaml
readOnly: true
command:
- /tmp/fm-rest-api.sh
image: "{{ .Values.images.tags.fm_rest_api }}"
imagePullPolicy: {{ .Values.images.pullPolicy }}
ports:
- name: http
containerPort: 18003
protocol: TCP
resources:
{{ toYaml .Values.resources | indent 12 }}
nodeSelector:
{{ .Values.labels.fm_api.node_selector_key }}: {{ .Values.labels.fm_api.node_selector_value }}
affinity:
{{ tuple $envAll "fm" "fmapi" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
volumes:
- name: fm-etc
secret:
secretName: fm-etc
defaultMode: 0644
- name: fm-bin
configMap:
name: fm-bin
defaultMode: 0755
- name: fm-etc-event
hostPath:
path: /etc/fm/events.yaml
type: File
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/ingress.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.ingress .Values.network.faultmanagement.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendService" "faultmanagement" "backendServiceType" "faultmanagement" "backendPort" "fm-port" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/job-db-drop.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_db_drop }}
{{- $dbDropJob := dict "envAll" . "serviceName" "fm" -}}
{{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/job-db-init.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_db_init }}
{{- $dbInitJob := dict "envAll" . "serviceName" "fm" -}}
{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/job-db-sync.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_db_sync }}
{{- $dbSyncJob := dict "envAll" . "serviceName" "fm" -}}
{{ $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }}
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/job-ks-endpoints.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_ks_endpoints }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "fm" "serviceTypes" ( tuple "faultmanagement" ) -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/job-ks-service.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_ks_service }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "fm" "serviceTypes" ( tuple "faultmanagement" ) -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
{{- end }}

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/job-ks-user.yaml
View File

@ -1,10 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_ks_user }}
{{- $ksUserJob := dict "envAll" . "serviceName" "fm" -}}
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
{{- end }}

20
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/secret-db.yaml
View File

@ -1,20 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.secret_db }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "fm" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
{{- end }}
{{- end }}

20
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/secret-keystone.yaml
View File

@ -1,20 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "fm" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

21
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/service-ingress.yaml
View File

@ -1,21 +0,0 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress .Values.network.faultmanagement.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "faultmanagement" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

29
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/templates/service.yaml
View File

@ -1,29 +0,0 @@
{{/*
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.service_fm }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "faultmanagement" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: fm-port
port: {{ .Values.network.faultmanagement.port }}
{{ if .Values.network.faultmanagement.node_port.enabled }}
nodePort: {{ .Values.network.faultmanagement.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "fm" "fmapi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.faultmanagement.node_port.enabled }}
type: NodePort
{{ if .Values.network.faultmanagement.external_policy_local }}
externalTrafficPolicy: Local
{{ end }}
{{ end }}
{{- end }}

359
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/fm-rest-api/values.yaml
View File

@ -1,359 +0,0 @@
#
# SPDX-License-Identifier: Apache-2.0
#
# Default values for fm-rest-api.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
labels:
fm_api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
fm_rest_api: docker.io/starlingx/stx-fm-rest-api:master-centos-stable-latest
ks_user: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_service: docker.io/starlingx/stx-heat:master-centos-stable-latest
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
fm_db_sync: docker.io/starlingx/stx-fm-rest-api:master-centos-stable-latest
db_init: docker.io/starlingx/stx-heat:master-centos-stable-latest
db_drop: docker.io/starlingx/stx-heat:master-centos-stable-latest
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
pullPolicy: IfNotPresent
local_registry:
active: false
nameOverride: ""
fullnameOverride: ""
network:
faultmanagement:
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
port: 18003
node_port:
enabled: false
port: 30083
external_policy_local: false
ingress:
enabled: false
annotations: {}
paths: []
hosts:
- fm-rest-api
tls: []
conf:
paste:
app:api_v1:
paste.app_factory: fm.api.app:app_factory
filter:authtoken:
acl_public_routes: /, /v1
paste.filter_factory: fm.api.middleware.auth_token:AuthTokenMiddleware.factory
filter:request_id:
paste.filter_factory: oslo_middleware:RequestId.factory
pipeline:fm-api:
pipeline: request_id authtoken api_v1
fm:
DEFAULT:
log_config_append: /etc/fm/logging.conf
trap_destinations:
region_name: RegionOne
event_log_max_size: 4000
database:
idle_timeout: 60
max_pool_size: 1
max_overflow: 20
oslo_middleware:
enable_proxy_headers_parsing: True
keystone_authtoken:
auth_type: password
auth_version: v3
sysinv:
catalog_info: platform:sysinv:internalURL
os_region_name: RegionOne
api:
api_paste_config: /etc/fm/api-paste.ini
api_workers: 2
bind_port: 18003
logging:
loggers:
keys:
- root
- fm
handlers:
keys:
- stdout
- stderr
- "null"
formatters:
keys:
- context
- default
logger_root:
level: WARNING
handlers: 'null'
logger_fm:
level: INFO
handlers:
- stdout
qualname: fm
logger_eventletwsgi:
level: WARNING
handlers: stderr
qualname: eventlet.wsgi.server
logger_sqlalchemy:
level: WARNING
handlers: stderr
qualname: sqlalchemy
handler_null:
class: logging.NullHandler
formatter: default
args: ()
handler_stdout:
class: StreamHandler
args: (sys.stdout,)
formatter: context
handler_stderr:
class: StreamHandler
args: (sys.stderr,)
formatter: context
formatter_context:
class: oslo_log.formatters.ContextFormatter
formatter_default:
format: "%(message)s"
dependencies:
static:
fmapi:
jobs:
- fm-ks-user
- fm-ks-service
- fm-ks-endpoints
- fm-db-sync
services:
- endpoint: internal
service: identity
- endpoint: internal
service: oslo_db
ks_endpoints:
jobs:
- fm-ks-user
- fm-ks-service
services:
- endpoint: internal
service: identity
db_drop:
services:
- endpoint: internal
service: oslo_db
db_init:
services:
- endpoint: internal
service: oslo_db
db_sync:
jobs:
- fm-db-init
services:
- endpoint: internal
service: oslo_db
ks_service:
services:
- endpoint: internal
service: identity
ks_user:
services:
- endpoint: internal
service: identity
manifests:
configmap_bin: true
configmap_etc: true
deployment_fm_rest_api: true
ingress: true
job_ks_endpoints: true
job_db_init: true
job_db_sync: true
job_db_drop: false
job_ks_user: true
job_ks_service: true
secret_db: true
secret_ingress_tls: false
secret_keystone: true
service_fm: true
service_ingress: true
endpoints:
cluster_domain_suffix: cluster.local
oslo_db:
auth:
admin:
username: root
password: password
fm:
username: fm
password: password
hosts:
default: mariadb
host_fqdn_override:
default: null
path: /fm
scheme: mysql+pymysql
port:
mysql:
default: 3306
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
fm:
role: admin
region_name: RegionOne
username: fm
password: password
project_name: service
user_domain_name: service
project_domain_name: service
hosts:
default: keystone-api
public: keystone
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
api:
default: 80
internal: 5000
faultmanagement:
name: fm
hosts:
default: fm-rest-api
public: fm
host_fqdn_override:
default: null
path:
default: null
scheme:
default: 'http'
port:
api:
default: 18003
public: 80
pod:
user:
fm_rest_api:
uid: 42424
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
fm_rest_api:
init_container: null
fm_rest_api:
replicas:
api: 2
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
daemonsets:
pod_replacement_strategy: RollingUpdate
compute:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
disruption_budget:
fm:
min_available: 0
termination_grace_period:
fm:
timeout: 30
resources:
jobs:
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_drop:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
secrets:
identity:
admin: fm-keystone-admin
fm: fm-keystone-user
oslo_db:
admin: fm-db-admin
fm: fm-db-user
tls:
faultmanagement:
fm_api:
public: fm-rest-api-tls-public
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}

5
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: "1.0"
description: StarlingX-Helm keystone-api-proxy
name: keystone-api-proxy
version: 0.1.0

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/requirements.yaml
View File

@ -1,10 +0,0 @@
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

35
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/bin/_endpoint-update.sh.tpl
View File

@ -1,35 +0,0 @@
#!/bin/bash
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
set -ex
# Get service id
OS_SERVICE_ID=$( openstack service list -c Type -c ID -f value | \
grep ${OS_SERVICE_TYPE} | cut -f1 -d" " )
# Check if endpoint exists
OS_ENDPOINT_ID=$( openstack endpoint list --service ${OS_SERVICE_TYPE} \
--region ${OS_SERVICE_REGION} \
--interface ${OS_SVC_ENDPOINT} -c ID -f value )
# Delete the old endpoint
if [[ -v $OS_ENDPOINT_ID ]]; then
openstack endpoint delete ${OS_ENDPOINT_ID}
fi
# Create the new endpoint
OS_ENDPOINT_ID=$( openstack endpoint create -f value -c id \
--region=${OS_SERVICE_REGION} \
"${OS_SERVICE_ID}" \
${OS_SVC_ENDPOINT} \
"${OS_SERVICE_ENDPOINT}" )
# Display the Endpoint
openstack endpoint show ${OS_ENDPOINT_ID}

13
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/bin/_keystone-api-proxy.sh.tpl
View File

@ -1,13 +0,0 @@
#!/bin/bash
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
set -ex
dcorch-api-proxy --config-file=/etc/dcorch/dcorch.conf --type identity

21
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/configmap-bin.yaml
View File

@ -1,21 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-api-proxy-bin
data:
keystone-api-proxy.sh: |
{{ tuple "bin/_keystone-api-proxy.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
endpoint-update.sh: |
{{ tuple "bin/_endpoint-update.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

28
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/configmap-etc.yaml
View File

@ -1,28 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- define "keystone_proxy.configmap.etc" }}
{{- $envAll := index . 1 }}
{{- with $envAll }}
apiVersion: v1
kind: ConfigMap
metadata:
name: keystone-api-proxy-etc
data:
dcorch.conf: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.keystone_api_proxy | indent 4 }}
api-paste.ini : |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.paste | indent 4 }}
logging.conf: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }}
{{- end }}
{{- end }}
{{- if .Values.manifests.configmap_etc }}
{{- list "keystone-proxy-etc" . | include "keystone_proxy.configmap.etc" }}
{{- end }}

88
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/deployment.yaml
View File

@ -1,88 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.deployment_api_proxy }}
{{- $envAll := . }}
{{- $mounts_keystone_api_proxy := .Values.pod.mounts.keystone_api_proxy.keystone_api_proxy }}
{{- $mounts_keystone_api_proxy_init := .Values.pod.mounts.keystone_api_proxy.init_container }}
{{- $serviceAccountName := "keystone-api-proxy" }}
{{ tuple $envAll "keystone-api-proxy" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keystone-api-proxy
labels:
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.proxy }}
selector:
matchLabels:
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.keystone_api_proxy.node_selector_key }}: {{ .Values.labels.keystone_api_proxy.node_selector_value }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.keystone_api_proxy.timeout | default "30" }}
initContainers:
{{ tuple $envAll "api" $mounts_keystone_api_proxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: keystone-api-proxy
{{ tuple $envAll "keystone_api_proxy" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.keystone_api_proxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.keystone_api_proxy.uid }}
command:
- /tmp/keystone-api-proxy.sh
ports:
- name: ks-proxy
containerPort: {{ tuple "keystone_api_proxy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
tcpSocket:
port: {{ tuple "keystone_api_proxy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
- name: keystone-api-proxy-bin
mountPath: /tmp/keystone-api-proxy.sh
subPath: keystone-api-proxy.sh
readOnly: true
- name: keystone-api-proxy-etc
mountPath: /etc/dcorch/dcorch.conf
subPath: dcorch.conf
readOnly: true
- name: keystone-api-proxy-etc
mountPath: /etc/dcorch/logging.conf
subPath: logging.conf
readOnly: true
- name: keystone-api-proxy-etc
mountPath: /etc/dcorch/api-paste.ini
subPath: api-paste.ini
readOnly: true
{{ if $mounts_keystone_api_proxy.volumeMounts }}{{ toYaml $mounts_keystone_api_proxy.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: keystone-api-proxy-bin
configMap:
name: keystone-api-proxy-bin
defaultMode: 0777
- name: keystone-api-proxy-etc
configMap:
name: keystone-api-proxy-etc
defaultMode: 0777
{{ if $mounts_keystone_api_proxy.volumes}}{{ toYaml $mounts_keystone_api_proxy.volumes | indent 8 }}{{ end }}
{{- end }}

13
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/image_repo_sync.yaml
View File

@ -1,13 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "keystone-api-proxy" -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}

12
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/ingress.yaml
View File

@ -1,12 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.ingress_api .Values.network.keystone_api_proxy.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendService" "keystone_api_proxy" "backendServiceType" "keystone_api_proxy" "backendPort" "ks-api-proxy" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

75
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/job-ks-endpoints.yaml
View File

@ -1,75 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
#
*/}}
{{- if .Values.manifests.job_ks_endpoints }}
{{- $envAll := . }}
{{- $serviceName := "keystone-api-proxy" }}
{{- $serviceRegion := $envAll.Values.endpoints.keystone_api_proxy.region_name }}
{{- $nodeSelector := dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value -}}
{{- $configMapBin := printf "%s-%s" $serviceName "bin" }}
{{- $serviceAccountName := printf "%s-%s" $serviceName "ks-endpoints" }}
{{ tuple $envAll "ks_endpoints" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceName "ks-endpoints" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
{{- range $key1, $osServiceType := tuple "identity" }}
{{- range $key2, $osRealServiceType := tuple "keystone_api_proxy" }}
{{- range $key3, $osServiceEndPoint := tuple "admin" "internal" "public" }}
- name: {{ printf "%s-%s-%s" "keystone-proxy" "ks-endpoints" $osServiceEndPoint | quote }}
image: {{ $envAll.Values.images.tags.ks_endpoints }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
{{- $osServiceRegion := $serviceRegion }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/endpoint-update.sh
volumeMounts:
- name: endpoint-update-sh
mountPath: /tmp/endpoint-update.sh
subPath: endpoint-update.sh
readOnly: true
env:
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
{{- end }}
- name: OS_SVC_ENDPOINT
value: {{ $osServiceEndPoint | quote }}
- name: OS_SERVICE_NAME
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
- name: OS_SERVICE_TYPE
value: {{ $osServiceType | quote }}
- name: OS_SERVICE_ENDPOINT
value: {{ tuple $osRealServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | quote }}
- name: OS_SERVICE_REGION
value: {{ $osServiceRegion | quote }}
{{- end }}
{{- end }}
volumes:
- name: endpoint-update-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end }}
{{- end }}

11
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/secret-ingress-tls.yaml
View File

@ -1,11 +0,0 @@
{{/*
#
#Copyright (c) 2019 Wind River Systems, Inc.
#
#SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{ include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "keystone_api_proxy" ) }}
{{- end }}

22
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/secret.yaml
View File

@ -1,22 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

12
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/service-ingress.yaml
View File

@ -1,12 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.service_ingress_api .Values.network.keystone_api_proxy.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "keystone_api_proxy" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

31
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/templates/service.yaml
View File

@ -1,31 +0,0 @@
{{/*
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.service_api }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "keystone-api-proxy" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: ks-api-proxy
port: {{ tuple "keystone-api-proxy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.keystone_api_proxy.node_port.enabled }}
nodePort: {{ .Values.network.keystone_api_proxy.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.keystone_api_proxy.node_port.enabled }}
type: NodePort
{{ if .Values.network.keystone_api_proxy.external_policy_local }}
externalTrafficPolicy: Local
{{ end }}
{{ end }}
{{- end }}

274
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/keystone-api-proxy/values.yaml
View File

@ -1,274 +0,0 @@
#
# Copyright (c) 2019 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
# Default values for keystone-api-proxy.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
labels:
keystone_api_proxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
ks_endpoints: docker.io/openstackhelm/heat:pike
keystone_api_proxy: docker.io/starlingx/stx-keystone-api-proxy:master-centos-stable-latest
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
pullPolicy: IfNotPresent
local_registry:
active: false
exclude:
- dep_check
- image_repo_sync
network:
keystone_api_proxy:
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
external_policy_local: false
node_port:
enabled: false
port: 25000
conf:
keystone_api_proxy:
DEFAULT:
log_config_append: /etc/dcorch/logging.conf
api_paste_config: api-paste.ini
debug: False
use_syslog: False
transport_url: rabbit://guest:guess@127.0.0.1:5672
database:
connection: postgresql+psycopg2://admin-dcorch:admin-dcorch@127.0.0.1/dcorch
identity:
bind_host: 0.0.0.0
bind_port: 25000
remote_host: keystone-api.openstack.svc.cluster.local
remote_port: 5000
paste:
pipeline:dcorch-api-proxy:
pipeline: filter acceptor proxyapp
filter:filter:
paste.filter_factory: dcorch.api.proxy.apps.filter:ApiFiller.factory
filter:acceptor:
paste.filter_factory: dcorch.api.proxy.apps.acceptor:Acceptor.factory
app:proxyapp:
paste.app_factory: dcorch.api.proxy.apps.proxy:Proxy.factory
logging:
loggers:
keys:
- root
- dcorch
handlers:
keys:
- stdout
- stderr
- "null"
formatters:
keys:
- context
- default
logger_root:
level: WARNING
handlers: null
logger_dcorch:
level: INFO
handlers:
- stdout
qualname: dcorch
logger_amqp:
level: INFO
handlers: stdout
qualname: amqp
logger_amqplib:
level: INFO
handlers: stdout
qualname: amqplib
logger_eventletwsgi:
level: WARNING
handlers: stderr
qualname: eventlet.wsgi.server
logger_sqlalchemy:
level: WARNING
handlers: stderr
qualname: sqlalchemy
logger_boto:
level: WARNING
handlers: stderr
qualname: boto
handler_null:
class: logging.NullHandler
formatter: default
args: ()
handler_stdout:
class: StreamHandler
args: (sys.stdout,)
formatter: context
handler_stderr:
class: StreamHandler
args: (sys.stderr,)
formatter: context
formatter_context:
class: oslo_log.formatters.ContextFormatter
formatter_default:
format: "%(message)s"
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- image-repo-sync
services:
- endpoint: node
service: local_image_registry
static:
ks_endpoints:
services:
- endpoint: internal
service: identity
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
hosts:
default: keystone
internal: keystone-api
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
api:
default: 80
internal: 5000
keystone_api_proxy:
name: keystone-proxy
region_name: SystemController
hosts:
default: keystone-api-proxy
public: keystone-proxy
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: 'http'
port:
api:
default: 25000
public: 80
pod:
user:
keystone_api_proxy:
uid: 0
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
keystone_api_proxy:
init_container: null
keystone_api_proxy:
replicas:
proxy: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
disruption_budget:
keystone_api_proxy:
min_available: 0
termination_grace_period:
keystone_api_proxy:
timeout: 60
resources:
enabled: false
keystone_api_proxy:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
secrets:
identity:
admin: dcorch-keystone-admin
tls:
keystone_api_proxy:
keystone_api_proxy:
public: keystone-api-proxy-tls-public
manifests:
configmap_bin: true
configmap_etc: true
deployment_api_proxy: true
ingress_api: true
secret_keystone: true
service_api: true
service_ingress_api: true
job_ks_endpoints: true
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}

3347
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/manifests/manifest.yaml
View File

File diff suppressed because it is too large Load Diff

5
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/Chart.yaml
View File

@ -1,5 +0,0 @@
apiVersion: v1
appVersion: "1.0"
description: StarlingX-Helm nova-api-proxy
name: nova-api-proxy
version: 0.1.0

10
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/requirements.yaml
View File

@ -1,10 +0,0 @@
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

13
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/bin/_nova-api-proxy.sh.tpl
View File

@ -1,13 +0,0 @@
#!/bin/bash
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
set -ex
nova-api-proxy --config-file=/etc/proxy/nova-api-proxy.conf

19
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/configmap-bin.yaml
View File

@ -1,19 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: nova-api-proxy-bin
data:
nova-api-proxy.sh: |
{{ tuple "bin/_nova-api-proxy.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

55
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/configmap-etc.yaml
View File

@ -1,55 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- define "nova_proxy.configmap.etc" }}
{{- $envAll := index . 1 }}
{{- with $envAll }}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.auth_uri -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova_api_proxy.keystone_authtoken "auth_uri" -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.auth_url -}}
{{- $_ := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova_api_proxy.keystone_authtoken "auth_url" -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.region_name -}}
{{- $_ := set .Values.conf.nova_api_proxy.keystone_authtoken "region_name" .Values.endpoints.identity.auth.nova.region_name -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.project_name -}}
{{- $_ := set .Values.conf.nova_api_proxy.keystone_authtoken "project_name" .Values.endpoints.identity.auth.nova.project_name -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.project_domain_name -}}
{{- $_ := set .Values.conf.nova_api_proxy.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.nova.project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.user_domain_name -}}
{{- $_ := set .Values.conf.nova_api_proxy.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.nova.user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.username -}}
{{- $_ := set .Values.conf.nova_api_proxy.keystone_authtoken "username" .Values.endpoints.identity.auth.nova.username -}}
{{- end -}}
{{- if empty .Values.conf.nova_api_proxy.keystone_authtoken.password -}}
{{- $_ := set .Values.conf.nova_api_proxy.keystone_authtoken "password" .Values.endpoints.identity.auth.nova.password -}}
{{- end -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: nova-api-proxy-etc
data:
nova-api-proxy.conf: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_api_proxy | indent 4 }}
api-proxy-paste.ini: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.paste | indent 4 }}
logging.conf: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }}
{{- end }}
{{- end }}
{{- if .Values.manifests.configmap_etc }}
{{- list "nova-proxy-etc" . | include "nova_proxy.configmap.etc" }}
{{- end }}

88
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/deployment.yaml
View File

@ -1,88 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.deployment_api_proxy }}
{{- $envAll := . }}
{{- $mounts_nova_api_proxy := .Values.pod.mounts.nova_api_proxy.nova_api_proxy }}
{{- $mounts_nova_api_proxy_init := .Values.pod.mounts.nova_api_proxy.init_container }}
{{- $serviceAccountName := "nova-api-proxy" }}
{{ tuple $envAll "proxy" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nova-api-proxy
labels:
{{ tuple $envAll "nova" "api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.proxy }}
selector:
matchLabels:
{{ tuple $envAll "nova" "api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "nova" "api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "nova" "api-proxy" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.api_proxy.node_selector_key }}: {{ .Values.labels.api_proxy.node_selector_value }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api_proxy.timeout | default "30" }}
initContainers:
{{ tuple $envAll "api" $mounts_nova_api_proxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: nova-api-proxy
{{ tuple $envAll "nova_api_proxy" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.api_proxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.nova_api_proxy.uid }}
command:
- /tmp/nova-api-proxy.sh
ports:
- name: n-api
containerPort: {{ tuple "compute" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
tcpSocket:
port: {{ tuple "compute" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
- name: nova-api-proxy-bin
mountPath: /tmp/nova-api-proxy.sh
subPath: nova-api-proxy.sh
readOnly: true
- name: nova-api-proxy-etc
mountPath: /etc/proxy/nova-api-proxy.conf
subPath: nova-api-proxy.conf
readOnly: true
- name: nova-api-proxy-etc
mountPath: /etc/proxy/logging.conf
subPath: logging.conf
readOnly: true
- name: nova-api-proxy-etc
mountPath: /etc/proxy/api-proxy-paste.ini
subPath: api-proxy-paste.ini
readOnly: true
{{ if $mounts_nova_api_proxy.volumeMounts }}{{ toYaml $mounts_nova_api_proxy.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: nova-api-proxy-bin
configMap:
name: nova-api-proxy-bin
defaultMode: 0777
- name: nova-api-proxy-etc
configMap:
name: nova-api-proxy-etc
defaultMode: 0777
{{ if $mounts_nova_api_proxy.volumes}}{{ toYaml $mounts_nova_api_proxy.volumes | indent 8 }}{{ end }}
{{- end }}

13
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/image_repo_sync.yaml
View File

@ -1,13 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "nova-api-proxy" -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}

12
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/ingress.yaml
View File

@ -1,12 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.ingress_api .Values.network.api_proxy.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendService" "api_proxy" "backendServiceType" "compute" "backendPort" "n-api-proxy" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

12
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/job-ks-endpoints.yaml
View File

@ -1,12 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.job_ks_endpoints }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "nova" "serviceTypes" ( tuple "compute" ) -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
{{- end }}

11
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/secret-ingress-tls.yaml
View File

@ -1,11 +0,0 @@
{{/*
#
#Copyright (c) 2018 Wind River Systems, Inc.
#
#SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{ include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendService" "osapi" "backendServiceType" "compute" ) }}
{{- end }}

22
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/secret-keystone.yaml
View File

@ -1,22 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "nova" "test" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

12
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/service-ingress-api.yaml
View File

@ -1,12 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if and .Values.manifests.service_ingress_api .Values.network.api_proxy.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "compute" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

31
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/templates/service.yaml
View File

@ -1,31 +0,0 @@
{{/*
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
*/}}
{{- if .Values.manifests.service_api }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "compute" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: n-api-proxy
port: {{ tuple "compute" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.api_proxy.node_port.enabled }}
nodePort: {{ .Values.network.api_proxy.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "nova" "api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.api_proxy.node_port.enabled }}
type: NodePort
{{ if .Values.network.api_proxy.external_policy_local }}
externalTrafficPolicy: Local
{{ end }}
{{ end }}
{{- end }}

311
kubernetes/applications/stx-openstack/stx-openstack-helm/stx-openstack-helm/nova-api-proxy/values.yaml
View File

@ -1,311 +0,0 @@
#
# Copyright (c) 2018 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
# Default values for nova-api-proxy.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
labels:
api_proxy:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
nova_api_proxy: docker.io/starlingx/stx-nova-api-proxy:master-centos-stable-latest
ks_endpoints: docker.io/openstackhelm/heat:pike
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
pullPolicy: IfNotPresent
local_registry:
active: false
exclude:
- dep_check
- image_repo_sync
network:
api_proxy:
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
external_policy_local: false
node_port:
enabled: false
port: 8774
conf:
nova_api_proxy:
DEFAULT:
log_config_append: /etc/proxy/logging.conf
api_paste_config: api-proxy-paste.ini
auth_strategy: keystone
debug: False
use_syslog: False
show_request_body: False
pool_size: 256
osapi_proxy_listen: 0.0.0.0
osapi_proxy_listen_port: 8774
osapi_compute_listen: nova-api.openstack.svc.cluster.local
osapi_compute_listen_port: 8774
nfvi_compute_listen_port: 30003
nfvi_compute_listen: 0.0.0.0
keystone_authtoken:
auth_type: password
auth_version: v3
paste:
pipeline:nova-api-proxy:
pipeline: version authtoken acceptor proxyapp
filter:debug_header:
paste.filter_factory: nova_api_proxy.apps.acceptor:DebugHeaders.factory
filter:version:
paste.filter_factory: nova_api_proxy.apps.acceptor:VersionAcceptor.factory
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
filter:acceptor:
paste.filter_factory: nova_api_proxy.apps.acceptor:Acceptor.factory
app:proxyapp:
paste.app_factory: nova_api_proxy.apps.proxy:Proxy.factory
logging:
loggers:
keys:
- root
- nova_api_proxy
- keystonemiddleware
handlers:
keys:
- stdout
- stderr
- "null"
formatters:
keys:
- context
- default
logger_root:
level: WARNING
handlers: null
logger_nova_api_proxy:
level: INFO
handlers:
- stdout
qualname: nova_api_proxy
logger_keystonemiddleware:
level: INFO
handlers:
- stdout
qualname: keystonemiddleware
logger_amqp:
level: WARNING
handlers: stderr
qualname: amqp
logger_amqplib:
level: WARNING
handlers: stderr
qualname: amqplib
logger_eventletwsgi:
level: WARNING
handlers: stderr
qualname: eventlet.wsgi.server
logger_sqlalchemy:
level: WARNING
handlers: stderr
qualname: sqlalchemy
logger_boto:
level: WARNING
handlers: stderr
qualname: boto
handler_null:
class: logging.NullHandler
formatter: default
args: ()
handler_stdout:
class: StreamHandler
args: (sys.stdout,)
formatter: context
handler_stderr:
class: StreamHandler
args: (sys.stderr,)
formatter: context
formatter_context:
class: oslo_log.formatters.ContextFormatter
formatter_default:
format: "%(message)s"
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- image-repo-sync
services:
- endpoint: node
service: local_image_registry
static:
ks_endpoints:
jobs:
- nova-ks-user
- nova-ks-service
services:
- endpoint: internal
service: identity
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
nova:
role: admin
region_name: RegionOne
username: nova
password: password
project_name: service
user_domain_name: service
project_domain_name: service
hosts:
default: keystone-api
public: keystone
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
api:
default: 80
internal: 5000
compute:
name: nova
hosts:
default: nova-api-proxy
public: nova
host_fqdn_override:
default: null
# NOTE(portdirect): this chart supports TLS for fqdn over-ridden public
# endpoints using the following format:
# public:
# host: null
# tls:
# crt: null
# key: null
path:
default: "/v2.1/%(tenant_id)s"
scheme:
default: 'http'
port:
api:
default: 8774
public: 80
pod:
user:
nova_api_proxy:
uid: 42424
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
nova_api_proxy:
init_container: null
nova_api_proxy:
replicas:
proxy: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
daemonsets:
pod_replacement_strategy: RollingUpdate
compute:
enabled: true
min_ready_seconds: 0
max_unavailable: 1
disruption_budget:
api_proxy:
min_available: 0
termination_grace_period:
api_proxy:
timeout: 30
resources:
enabled: false
api_proxy:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
secrets:
identity:
admin: nova-keystone-admin
nova: nova-keystone-user
tls:
compute:
api_proxy:
public: nova-api-proxy-tls-public
manifests:
configmap_bin: true
configmap_etc: true
deployment_api_proxy: true
ingress_api: true
service_api: true
service_ingress_api: true
job_ks_endpoints: true
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}

18
kubernetes/helm-charts/garbd/Chart.yaml
View File

@ -1,18 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
description: OpenStack-Helm Garbd
name: garbd
version: 0.1.0

18
kubernetes/helm-charts/garbd/requirements.yaml
View File

@ -1,18 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

21
kubernetes/helm-charts/garbd/templates/bin/_garbd.sh.tpl
View File

@ -1,21 +0,0 @@
#!/bin/sh
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec garbd --group=${GROUP_NAME} --address="${GROUP_ADDRESS}"

32
kubernetes/helm-charts/garbd/templates/configmap-bin.yaml
View File

@ -1,32 +0,0 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
{{- $configMapBinName := printf "%s-%s" $envAll.Release.Name "garbd-bin" }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ $configMapBinName }}
data:
{{- if .Values.images.local_registry.active }}
image-repo-sync.sh: |
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
{{- end }}
garbd.sh: |
{{ tuple "bin/_garbd.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

76
kubernetes/helm-charts/garbd/templates/deployment.yaml
View File

@ -1,76 +0,0 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment }}
{{- $envAll := . }}
{{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "garbd" }}
{{- $configMapBinName := printf "%s-%s" $envAll.Release.Name "garbd-bin" }}
{{ tuple $envAll "garbd" $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ $rcControllerName | quote }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "garbd" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.server }}
selector:
matchLabels:
{{ tuple $envAll "garbd" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
labels:
{{ tuple $envAll "garbd" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
shareProcessNamespace: true
serviceAccountName: {{ $rcControllerName | quote }}
affinity:
{{ tuple $envAll "garbd" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value | quote }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.garbd.timeout | default "30" }}
initContainers:
{{ tuple $envAll "garbd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: garbd
{{ tuple $envAll "garbd" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: GROUP_NAME
value: {{ .Values.conf.garbd.group_name | quote }}
- name: GROUP_ADDRESS
value: {{ .Values.conf.garbd.group_address | quote }}
command:
- /tmp/garbd.sh
volumeMounts:
- name: garbd-bin
mountPath: /tmp/garbd.sh
subPath: garbd.sh
readOnly: true
volumes:
- name: garbd-bin
configMap:
name: {{ $configMapBinName | quote }}
defaultMode: 0555
{{- end }}

20
kubernetes/helm-charts/garbd/templates/job-image-repo-sync.yaml
View File

@ -1,20 +0,0 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "garbd" -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}

19
kubernetes/helm-charts/garbd/templates/network_policy.yaml
View File

@ -1,19 +0,0 @@
{{/*
Copyright 2017-2018 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.network_policy -}}
{{- $netpol_opts := dict "envAll" . "name" "application" "label" "garbd" -}}
{{ $netpol_opts | include "helm-toolkit.manifests.kubernetes_network_policy" }}
{{- end -}}

125
kubernetes/helm-charts/garbd/values.yaml
View File

@ -1,125 +0,0 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for garbd.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
conf:
garbd:
group_name: mariadb-server_openstack
group_address: gcomm://mariadb-server-0.mariadb-discovery.openstack.svc.cluster.local,mariadb-server-1.mariadb-discovery.openstack.svc.cluster.local
dependencies:
dynamic:
common:
local_image_registry:
jobs:
- garbd-image-repo-sync
services:
- endpoint: node
service: local_image_registry
static:
image_repo_sync:
services:
- endpoint: internal
service: local_image_registry
endpoints:
cluster_domain_suffix: cluster.local
local_image_registry:
name: docker-registry
namespace: docker-registry
hosts:
default: localhost
internal: docker-registry
node: localhost
host_fqdn_override:
default: null
port:
registry:
node: 5000
kube_dns:
namespace: kube-system
name: kubernetes-dns
hosts:
default: kube-dns
host_fqdn_override:
default: null
path:
default: null
scheme: http
port:
dns_tcp:
default: 53
dns:
default: 53
protocol: UDP
network_policy:
garbd:
ingress:
- {}
images:
pull_policy: IfNotPresent
tags:
dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.3.1'
garbd: 'docker.io/starlingx/stx-mariadb:master-centos-stable-latest'
image_repo_sync: docker.io/docker:17.07.0
local_registry:
active: false
exclude:
- image_repo_sync
labels:
server:
node_selector_key: openstack-compute-node
node_selector_value: enabled
manifests:
configmap_bin: true
deployment: true
network_policy: false
pod:
affinity:
anti:
topologyKey:
default: kubernetes.io/hostname
type:
default: preferredDuringSchedulingIgnoredDuringExecution
lifecycle:
upgrades:
deployments:
pod_replacement_strategy: RollingUpdate
revision_history: 3
rolling_update:
max_surge: 3
max_unavailable: 1
termination_grace_period:
garbd:
timeout: 10
replicas:
server: 1
resources:
enabled: false
garbd:
limits:
cpu: "2000m"
memory: "1024Mi"
requests:
cpu: "500m"
memory: "128Mi"

10
kubernetes/helm-charts/nginx-ports-control/Chart.yaml
View File

@ -1,10 +0,0 @@
#
# Copyright (c) 2019 Intel, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
apiVersion: v1
description: Nginx Ports Control
name: nginx-ports-control
version: 0.1.0

40
kubernetes/helm-charts/nginx-ports-control/templates/global_network_policy.yaml
View File

@ -1,40 +0,0 @@
{{/*
Copyright (c) 2019 Intel, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.global_network_policy -}}
{{- $http_port := .Values.global_network_policy.ingress.destination.http_port}}
{{- $https_port := .Values.global_network_policy.ingress.destination.https_port}}
---
apiVersion: "crd.projectcalico.org/v1"
kind: GlobalNetworkPolicy
metadata:
name: gnp-for-nginx-ports
namespace: openstack
spec:
selector: "has(iftype) && iftype == 'oam'"
order: 100
applyOnForward: false
types:
- Ingress
- Egress
ingress:
- action: Allow
ipVersion: {{ .Values.global_network_policy.ingress.ipVersion }}
protocol: {{ .Values.global_network_policy.ingress.protocol }}
destination:
ports: [{{$http_port}}, {{$https_port}}]
egress:
- action: Allow
{{- end -}}

21
kubernetes/helm-charts/nginx-ports-control/values.yaml
View File

@ -1,21 +0,0 @@
#
# Copyright (c) 2019 Intel, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
# Default values for node-feature-discovery.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
global_network_policy:
ingress:
ipVersion: 4
protocol: TCP
destination:
http_port: 80
https_port: 443
manifests:
global_network_policy: true

5
tox.ini
View File

@ -34,11 +34,6 @@ commands =
-print0 | xargs -0 yamllint -f parsable \ -print0 | xargs -0 yamllint -f parsable \
-c {toxinidir}/.yamllint" -c {toxinidir}/.yamllint"
bash -c "find {toxinidir}/kubernetes/applications/*/*/*/manifests \
-type f -name '*.yaml' \
-print0 | xargs -0 yamllint -f parsable \
-c {toxinidir}/.yamllint"
[testenv:pep8] [testenv:pep8]
basepython = python3 basepython = python3
usedevelop = False usedevelop = False