Merge "openstack-helm-infra: remove dl_hook"
This commit is contained in:
Zuul
Gerrit Code Review
commit
2a0a6f24a0
@ -0,0 +1,26 @@
|
||||
From ac3f9db5ac1a19af71136752f5709ba1da55d201 Mon Sep 17 00:00:00 2001
|
||||
From: Angie Wang <angie.wang@windriver.com>
|
||||
Date: Mon, 11 Feb 2019 11:29:03 -0500
|
||||
Subject: [PATCH 2/4] Add imagePullSecrets in service account
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
index b4cf1a6..2f4113b 100644
|
||||
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
|
||||
@@ -44,6 +44,8 @@ kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ $saName }}
|
||||
namespace: {{ $saNamespace }}
|
||||
+imagePullSecrets:
|
||||
+ - name: default-registry-key
|
||||
{{- range $k, $v := $deps -}}
|
||||
{{- if eq $k "services" }}
|
||||
{{- range $serv := $v }}
|
||||
--
|
||||
2.16.5
|
||||
|
||||
@ -0,0 +1,65 @@
|
||||
From b3829fef30e76fdf498fa1d0d35185f642dce5f6 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Mon, 8 Apr 2019 02:12:39 -0400
|
||||
Subject: [PATCH 4/4] Partial revert of
|
||||
31e3469d28858d7b5eb6355e88b6f49fd62032be
|
||||
|
||||
Suspect that new use of mergeOverwrite vs. merge is breaking the
|
||||
per-host DaemonSet overrides.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 12 ++++++------
|
||||
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index 10ab166..ab1177a 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -49,10 +49,10 @@ limitations under the License.
|
||||
{{- $override_conf_copy := $host_data.conf }}
|
||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -89,10 +89,10 @@ limitations under the License.
|
||||
{{- $override_conf_copy := $label_data.conf }}
|
||||
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
|
||||
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
|
||||
- {{- $merged_dict := mergeOverwrite $root_conf_copy $override_conf_copy }}
|
||||
+ {{- $merged_dict := merge $override_conf_copy $root_conf_copy }}
|
||||
{{- $root_conf_copy2 := dict "conf" $merged_dict }}
|
||||
{{- $context_values := omit (omit ($context.Values | toYaml | fromYaml) "conf") "__daemonset_list" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -187,7 +187,7 @@ limitations under the License.
|
||||
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
|
||||
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
|
||||
{{- $context_values := omit $context.Values "conf" }}
|
||||
- {{- $root_conf_copy3 := mergeOverwrite $context_values $root_conf_copy2 }}
|
||||
+ {{- $root_conf_copy3 := merge $context_values $root_conf_copy2 }}
|
||||
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
|
||||
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
|
||||
|
||||
@@ -198,7 +198,7 @@ limitations under the License.
|
||||
{{- range $current_dict := $context.Values.__daemonset_list }}
|
||||
|
||||
{{- $context_novalues := omit $context "Values" }}
|
||||
- {{- $merged_dict := mergeOverwrite $context_novalues $current_dict.nodeData }}
|
||||
+ {{- $merged_dict := merge $current_dict.nodeData $context_novalues }}
|
||||
{{- $_ := set $current_dict "nodeData" $merged_dict }}
|
||||
{{/* Deep copy original daemonset_yaml */}}
|
||||
{{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -0,0 +1,46 @@
|
||||
From 326fcd76f54d7c099f4c3da6c31eefe0eef2e236 Mon Sep 17 00:00:00 2001
|
||||
From: Ovidiu Poncea <ovidiu.poncea@windriver.com>
|
||||
Date: Mon, 29 Jul 2019 08:00:01 -0400
|
||||
Subject: [PATCH] Fix pod restarts on all workers when worker added/removed
|
||||
|
||||
---
|
||||
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 4 ++--
|
||||
helm-toolkit/templates/utils/_hash.tpl | 2 +-
|
||||
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
index ab1177a..e564869 100644
|
||||
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
|
||||
@@ -215,7 +215,7 @@ limitations under the License.
|
||||
name uniqueness */}}
|
||||
{{- $_ := set $current_dict "dns_1123_name" dict }}
|
||||
{{- if hasKey $current_dict "matchExpressions" }}
|
||||
- {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | quote | sha256sum | trunc 8))) }}
|
||||
+ {{- $_ := set $current_dict "dns_1123_name" (printf (print $name_format2 "-" ($current_dict.matchExpressions | toJson | sha256sum | trunc 8))) }}
|
||||
{{- else }}
|
||||
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
|
||||
{{- end }}
|
||||
@@ -258,7 +258,7 @@ limitations under the License.
|
||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
|
||||
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
|
||||
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
|
||||
- {{- $values_hash := $cmap | quote | sha256sum }}
|
||||
+ {{- $values_hash := $cmap | toJson | sha256sum }}
|
||||
{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata.annotations "configmap-etc-hash" $values_hash }}
|
||||
|
||||
{{/* generate configmap */}}
|
||||
diff --git a/helm-toolkit/templates/utils/_hash.tpl b/helm-toolkit/templates/utils/_hash.tpl
|
||||
index 1041ec0..e419e3b 100644
|
||||
--- a/helm-toolkit/templates/utils/_hash.tpl
|
||||
+++ b/helm-toolkit/templates/utils/_hash.tpl
|
||||
@@ -19,5 +19,5 @@ limitations under the License.
|
||||
{{- $context := index . 1 -}}
|
||||
{{- $last := base $context.Template.Name }}
|
||||
{{- $wtf := $context.Template.Name | replace $last $name -}}
|
||||
-{{- include $wtf $context | sha256sum | quote -}}
|
||||
+{{- include $wtf $context | toJson | sha256sum | quote -}}
|
||||
{{- end -}}
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -0,0 +1,55 @@
|
||||
From f4c56def0797f093f626720871bd5e525227685e Mon Sep 17 00:00:00 2001
|
||||
From: Bin Yang <bin.yang@intel.com>
|
||||
Date: Tue, 13 Aug 2019 10:15:14 +0800
|
||||
Subject: [PATCH] add io_thread_pool for rabbitmq
|
||||
|
||||
Signed-off-by: Bin Yang <bin.yang@intel.com>
|
||||
---
|
||||
rabbitmq/templates/statefulset.yaml | 8 ++++++++
|
||||
rabbitmq/values.yaml | 4 ++++
|
||||
2 files changed, 12 insertions(+)
|
||||
|
||||
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
|
||||
index 41dc198..e0e61e6 100644
|
||||
--- a/rabbitmq/templates/statefulset.yaml
|
||||
+++ b/rabbitmq/templates/statefulset.yaml
|
||||
@@ -105,6 +105,10 @@ spec:
|
||||
key: RABBITMQ_ADMIN_PASSWORD
|
||||
- name: RABBITMQ_DEFINITION_FILE
|
||||
value: "{{ index $envAll.Values.conf.rabbitmq "management.load_definitions" }}"
|
||||
+{{- if $envAll.Values.io_thread_pool.enabled }}
|
||||
+ - name: RABBITMQ_IO_THREAD_POOL_SIZE
|
||||
+ value: {{ $envAll.Values.io_thread_pool.size | quote }}
|
||||
+{{- end }}
|
||||
volumeMounts:
|
||||
- name: pod-tmp
|
||||
mountPath: /tmp
|
||||
@@ -215,6 +219,10 @@ spec:
|
||||
{{- if ne (.Values.conf.feature_flags | default "") "default" }}
|
||||
- name: RABBITMQ_FEATURE_FLAGS
|
||||
value: "{{ .Values.conf.feature_flags }}"
|
||||
+{{- end }}
|
||||
+{{- if $envAll.Values.io_thread_pool.enabled }}
|
||||
+ - name: RABBITMQ_IO_THREAD_POOL_SIZE
|
||||
+ value: {{ $envAll.Values.io_thread_pool.size | quote }}
|
||||
{{- end }}
|
||||
readinessProbe:
|
||||
initialDelaySeconds: 10
|
||||
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
|
||||
index 6c95787..9cd3a91 100644
|
||||
--- a/rabbitmq/values.yaml
|
||||
+++ b/rabbitmq/values.yaml
|
||||
@@ -375,6 +375,10 @@ volume:
|
||||
# Set helm3_hook to false while using helm2
|
||||
helm3_hook: true
|
||||
|
||||
+io_thread_pool:
|
||||
+ enabled: false
|
||||
+ size: 64
|
||||
+
|
||||
manifests:
|
||||
certificates: false
|
||||
configmap_bin: true
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -0,0 +1,63 @@
|
||||
From 132df9829fa4c697e0b9701871888708973f9123 Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Fri, 16 Aug 2019 14:29:46 -0400
|
||||
Subject: [PATCH] Enable override of rabbitmq probe parameters
|
||||
|
||||
Add variables for initial delay, period and timeout for rabbitmq
|
||||
liveness and readiness probes.
|
||||
|
||||
Change-Id: I8d2685118eb4ce3b8c27952892f7ad553fc5de77
|
||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
---
|
||||
rabbitmq/templates/statefulset.yaml | 10 ++++++----
|
||||
rabbitmq/values.yaml | 9 +++++++++
|
||||
2 files changed, 15 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
|
||||
index e0e61e6..f71dc3e 100644
|
||||
--- a/rabbitmq/templates/statefulset.yaml
|
||||
+++ b/rabbitmq/templates/statefulset.yaml
|
||||
@@ -225,14 +225,16 @@ spec:
|
||||
value: {{ $envAll.Values.io_thread_pool.size | quote }}
|
||||
{{- end }}
|
||||
readinessProbe:
|
||||
- initialDelaySeconds: 10
|
||||
- timeoutSeconds: 10
|
||||
+ initialDelaySeconds: {{ $envAll.Values.pod.probes.readiness.initialDelaySeconds }}
|
||||
+ periodSeconds: {{ $envAll.Values.pod.probes.readiness.periodSeconds }}
|
||||
+ timeoutSeconds: {{ $envAll.Values.pod.probes.readiness.timeoutSeconds }}
|
||||
exec:
|
||||
command:
|
||||
- /tmp/rabbitmq-readiness.sh
|
||||
livenessProbe:
|
||||
- initialDelaySeconds: 60
|
||||
- timeoutSeconds: 10
|
||||
+ initialDelaySeconds: {{ $envAll.Values.pod.probes.liveness.initialDelaySeconds }}
|
||||
+ periodSeconds: {{ $envAll.Values.pod.probes.liveness.periodSeconds }}
|
||||
+ timeoutSeconds: {{ $envAll.Values.pod.probes.liveness.timeoutSeconds }}
|
||||
exec:
|
||||
command:
|
||||
- /tmp/rabbitmq-liveness.sh
|
||||
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
|
||||
index 9cd3a91..2bae4cb 100644
|
||||
--- a/rabbitmq/values.yaml
|
||||
+++ b/rabbitmq/values.yaml
|
||||
@@ -145,6 +145,15 @@ pod:
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
+ probes:
|
||||
+ readiness:
|
||||
+ initialDelaySeconds: 10
|
||||
+ periodSeconds: 10
|
||||
+ timeoutSeconds: 10
|
||||
+ liveness:
|
||||
+ initialDelaySeconds: 30
|
||||
+ periodSeconds: 10
|
||||
+ timeoutSeconds: 10
|
||||
|
||||
conf:
|
||||
enabled_plugins:
|
||||
--
|
||||
2.7.4
|
||||
|
||||
@ -0,0 +1,66 @@
|
||||
From a8ef0407811373b98a91be7787fcdcca18c76e23 Mon Sep 17 00:00:00 2001
|
||||
From: "Hu, Yong" <yong.hu@intel.com>
|
||||
Date: Tue, 17 Dec 2019 15:11:13 +0000
|
||||
Subject: [PATCH] Enable override of mariadb-server probe parameters
|
||||
|
||||
Parameters are exported for startupProbe and readinessProbe.
|
||||
They are set with the default values, and might be overridden in
|
||||
some special cases. For example, some cases require more times
|
||||
of "readinessProbe" failure before the peer mariadb-server node is
|
||||
recovered. Other cases, in which the regular readiness probe cannot
|
||||
be performed because only one signle mariadb-server exists, have to
|
||||
take use of "startupProbe" to ensure the WSREP status are ready.
|
||||
For all these exceptional cases above, which are different from the
|
||||
default mariadb cluster with 3 nodes, we have to export the probe
|
||||
parameters and override the related probe pareameters.
|
||||
|
||||
Signed-off-by: Hu, Yong <yong.hu@intel.com>
|
||||
Co-Authored-By: Zhipeng, Liu <zhipengs.liu@intel.com>
|
||||
---
|
||||
mariadb/templates/statefulset.yaml | 3 +++-
|
||||
mariadb/values.yaml | 20 +++++++++++++++
|
||||
2 files changed, 23 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
|
||||
index e31d4ac..83e135f 100644
|
||||
--- a/mariadb/templates/statefulset.yaml
|
||||
+++ b/mariadb/templates/statefulset.yaml
|
||||
@@ -187,7 +187,9 @@ spec:
|
||||
exec:
|
||||
command:
|
||||
- /tmp/stop.sh
|
||||
-{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "readiness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||
+{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "readiness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||
+{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "startup" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||
+{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "liveness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||
volumeMounts:
|
||||
- name: pod-tmp
|
||||
mountPath: /tmp
|
||||
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
|
||||
index 2d75f39..444bba3 100644
|
||||
--- a/mariadb/values.yaml
|
||||
+++ b/mariadb/values.yaml
|
||||
@@ -69,6 +69,20 @@ pod:
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 30
|
||||
timeoutSeconds: 15
|
||||
+ failureThreshold: 3
|
||||
+ startup:
|
||||
+ enabled: false
|
||||
+ params:
|
||||
+ initialDelaySeconds: 60
|
||||
+ periodSeconds: 60
|
||||
+ failureThreshold: 10
|
||||
+ liveness:
|
||||
+ enabled: false
|
||||
+ params:
|
||||
+ initialDelaySeconds: 60
|
||||
+ periodSeconds: 30
|
||||
+ failureThreshold: 5
|
||||
+ timeoutSeconds: 15
|
||||
security_context:
|
||||
server:
|
||||
pod:
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -0,0 +1,57 @@
|
||||
From 64815b6eef92a949e607c7382ac3c93f568497c1 Mon Sep 17 00:00:00 2001
|
||||
From: "Liu, ZhipengS" <zhipengs.liu@intel.com>
|
||||
Date: Thu, 28 May 2020 08:03:42 +0000
|
||||
Subject: [PATCH] Add mariadb database config override to support ipv6
|
||||
|
||||
Signed-off-by: Liu, ZhipengS <zhipengs.liu@intel.com>
|
||||
---
|
||||
mariadb/templates/configmap-etc.yaml | 8 ++++++++
|
||||
mariadb/templates/statefulset.yaml | 2 +-
|
||||
mariadb/values.yaml | 1 +
|
||||
3 files changed, 10 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/mariadb/templates/configmap-etc.yaml b/mariadb/templates/configmap-etc.yaml
|
||||
index feb1714..866028d 100644
|
||||
--- a/mariadb/templates/configmap-etc.yaml
|
||||
+++ b/mariadb/templates/configmap-etc.yaml
|
||||
@@ -26,6 +26,14 @@ data:
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "00_base" ) "key" "00-base.cnf" ) | indent 2 }}
|
||||
{{- if $envAll.Values.conf.database.config_override }}
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "config_override" ) "key" "20-override.cnf" ) | indent 2 }}
|
||||
+{{- else }}
|
||||
+# A user override for conf.database.config_override might break the IPv6 system overrides, need including below ipv6
|
||||
+# config for ipv6 case in user override as well.
|
||||
+{{- if $envAll.Values.manifests.config_ipv6 }}
|
||||
+ 20-override.cnf: |
|
||||
+ [mysqld]
|
||||
+ bind_address=::
|
||||
+{{- end }}
|
||||
{{- end }}
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "99_force" ) "key" "99-force.cnf" ) | indent 2 }}
|
||||
{{- end }}
|
||||
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
|
||||
index 83e135f..3ef7383 100644
|
||||
--- a/mariadb/templates/statefulset.yaml
|
||||
+++ b/mariadb/templates/statefulset.yaml
|
||||
@@ -216,7 +216,7 @@ spec:
|
||||
mountPath: /etc/mysql/conf.d/00-base.cnf
|
||||
subPath: 00-base.cnf
|
||||
readOnly: true
|
||||
- {{- if .Values.conf.database.config_override }}
|
||||
+ {{- if or (.Values.conf.database.config_override) (.Values.manifests.config_ipv6) }}
|
||||
- name: mariadb-etc
|
||||
mountPath: /etc/mysql/conf.d/20-override.cnf
|
||||
subPath: 20-override.cnf
|
||||
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
|
||||
index 444bba3..880b31e 100644
|
||||
--- a/mariadb/values.yaml
|
||||
+++ b/mariadb/values.yaml
|
||||
@@ -671,4 +671,5 @@ manifests:
|
||||
service_error: true
|
||||
service: true
|
||||
statefulset: true
|
||||
+ config_ipv6: false
|
||||
...
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -0,0 +1,59 @@
|
||||
From c75c04ea1c2250f16c1aabe57a2d4e94d986a90e Mon Sep 17 00:00:00 2001
|
||||
From: "Chen, Haochuan Z" <haochuan.z.chen@intel.com>
|
||||
Date: Wed, 5 Aug 2020 03:08:14 +0000
|
||||
Subject: [PATCH 13/13] enable Values.conf.database.config_override for mariadb
|
||||
option wsrep_provider_options override
|
||||
|
||||
---
|
||||
mariadb/templates/configmap-etc.yaml | 5 ++---
|
||||
mariadb/templates/statefulset.yaml | 8 +++++++-
|
||||
2 files changed, 9 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/mariadb/templates/configmap-etc.yaml b/mariadb/templates/configmap-etc.yaml
|
||||
index 53072f4..7bdfd8a 100644
|
||||
--- a/mariadb/templates/configmap-etc.yaml
|
||||
+++ b/mariadb/templates/configmap-etc.yaml
|
||||
@@ -26,14 +26,13 @@ data:
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "00_base" ) "key" "00-base.cnf" ) | indent 2 }}
|
||||
{{- if $envAll.Values.conf.database.config_override }}
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "config_override" ) "key" "20-override.cnf" ) | indent 2 }}
|
||||
-{{- else }}
|
||||
+{{- end }}
|
||||
# A user override for conf.database.config_override might break the IPv6 system overrides, need including below ipv6
|
||||
# config for ipv6 case in user override as well.
|
||||
{{- if $envAll.Values.manifests.config_ipv6 }}
|
||||
- 20-override.cnf: |
|
||||
+ 30-override.cnf: |
|
||||
[mysqld]
|
||||
bind_address=::
|
||||
{{- end }}
|
||||
-{{- end }}
|
||||
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "99_force" ) "key" "99-force.cnf" ) | indent 2 }}
|
||||
{{- end }}
|
||||
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
|
||||
index 3ef7383..88439e2 100644
|
||||
--- a/mariadb/templates/statefulset.yaml
|
||||
+++ b/mariadb/templates/statefulset.yaml
|
||||
@@ -216,12 +216,18 @@ spec:
|
||||
mountPath: /etc/mysql/conf.d/00-base.cnf
|
||||
subPath: 00-base.cnf
|
||||
readOnly: true
|
||||
- {{- if or (.Values.conf.database.config_override) (.Values.manifests.config_ipv6) }}
|
||||
+ {{- if .Values.conf.database.config_override }}
|
||||
- name: mariadb-etc
|
||||
mountPath: /etc/mysql/conf.d/20-override.cnf
|
||||
subPath: 20-override.cnf
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
+ {{- if .Values.manifests.config_ipv6 }}
|
||||
+ - name: mariadb-etc
|
||||
+ mountPath: /etc/mysql/conf.d/30-override.cnf
|
||||
+ subPath: 30-override.cnf
|
||||
+ readOnly: true
|
||||
+ {{- end }}
|
||||
- name: mariadb-etc
|
||||
mountPath: /etc/mysql/conf.d/99-force.cnf
|
||||
subPath: 99-force.cnf
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -0,0 +1,29 @@
|
||||
From 7fd9d60e124868f277a1f2b0e86296dc50dd07ec Mon Sep 17 00:00:00 2001
|
||||
From: Angie Wang <angie.wang@windriver.com>
|
||||
Date: Mon, 31 Aug 2020 23:51:06 -0400
|
||||
Subject: [PATCH 1/1] Allow set public endpoint url for all openstack
|
||||
endpoint types
|
||||
|
||||
---
|
||||
helm-toolkit/templates/manifests/_job-ks-endpoints.tpl | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
|
||||
index 02f2013..39766f4 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
|
||||
@@ -84,7 +84,11 @@ spec:
|
||||
- name: OS_SERVICE_TYPE
|
||||
value: {{ $osServiceType | quote }}
|
||||
- name: OS_SERVICE_ENDPOINT
|
||||
+ {{- if and (hasKey $envAll.Values.endpoints.identity "force_public_endpoint") $envAll.Values.endpoints.identity.force_public_endpoint }}
|
||||
+ value: {{ tuple $osServiceType "public" "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | quote }}
|
||||
+ {{- else }}
|
||||
value: {{ tuple $osServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | quote }}
|
||||
+ {{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
--
|
||||
1.8.3.1
|
||||
|
||||
@ -0,0 +1,40 @@
|
||||
From 823eadb9068287c48121b9f3e1d63fee1d941493 Mon Sep 17 00:00:00 2001
|
||||
From: Thiago Brito <thiago.brito@windriver.com>
|
||||
Date: Fri, 24 Sep 2021 21:52:43 -0300
|
||||
Subject: [PATCH] Disabling helm3_hooks
|
||||
|
||||
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
|
||||
---
|
||||
mariadb/values.yaml | 2 +-
|
||||
rabbitmq/values.yaml | 2 +-
|
||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
|
||||
index 0144f91b..be9b1f60 100644
|
||||
--- a/mariadb/values.yaml
|
||||
+++ b/mariadb/values.yaml
|
||||
@@ -635,7 +635,7 @@ network_policy:
|
||||
|
||||
# Helm hook breaks for helm2.
|
||||
# Set helm3_hook: false in case helm2 is used.
|
||||
-helm3_hook: true
|
||||
+helm3_hook: false
|
||||
|
||||
manifests:
|
||||
certificates: false
|
||||
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
|
||||
index 9f0e83d5..d16ba167 100644
|
||||
--- a/rabbitmq/values.yaml
|
||||
+++ b/rabbitmq/values.yaml
|
||||
@@ -382,7 +382,7 @@ volume:
|
||||
|
||||
# Hook break for helm2.
|
||||
# Set helm3_hook to false while using helm2
|
||||
-helm3_hook: true
|
||||
+helm3_hook: false
|
||||
|
||||
io_thread_pool:
|
||||
enabled: false
|
||||
--
|
||||
2.17.1
|
||||
|
||||
@ -0,0 +1,706 @@
|
||||
From 2538a3cb70606bf86851201e58fd341a55d9f5f5 Mon Sep 17 00:00:00 2001
|
||||
From: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
|
||||
Date: Wed, 6 Oct 2021 18:52:35 -0300
|
||||
Subject: [PATCH] Enable taint toleration for Openstack services
|
||||
|
||||
This adds taint toleration support for openstack jobs
|
||||
|
||||
Also adds tolerations for:
|
||||
- rabbitmq
|
||||
- ingress
|
||||
- mariadb
|
||||
- memcached
|
||||
- libvirt
|
||||
- openvswitch
|
||||
|
||||
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
|
||||
Change-Id: I1c731c94e58895bd8bfc26d4300aac40a9111f12
|
||||
---
|
||||
.../templates/manifests/_job-bootstrap.tpl | 4 ++
|
||||
.../manifests/_job-db-drop-mysql.tpl | 4 ++
|
||||
.../manifests/_job-db-init-mysql.tpl | 4 ++
|
||||
.../templates/manifests/_job-db-sync.tpl | 4 ++
|
||||
.../templates/manifests/_job-ks-endpoints.tpl | 4 ++
|
||||
.../templates/manifests/_job-ks-service.tpl | 4 ++
|
||||
.../templates/manifests/_job-ks-user.yaml.tpl | 4 ++
|
||||
.../manifests/_job-rabbit-init.yaml.tpl | 4 ++
|
||||
.../manifests/_job-s3-bucket.yaml.tpl | 4 ++
|
||||
.../templates/manifests/_job-s3-user.yaml.tpl | 4 ++
|
||||
.../manifests/_job_image_repo_sync.tpl | 4 ++
|
||||
ingress/templates/deployment-error.yaml | 6 +++
|
||||
ingress/templates/deployment-ingress.yaml | 3 ++
|
||||
ingress/templates/job-image-repo-sync.yaml | 3 ++
|
||||
ingress/values.yaml | 7 +++
|
||||
libvirt/templates/daemonset-libvirt.yaml | 3 ++
|
||||
libvirt/templates/job-image-repo-sync.yaml | 3 ++
|
||||
libvirt/values.yaml | 7 +++
|
||||
.../templates/cron-job-backup-mariadb.yaml | 3 ++
|
||||
mariadb/templates/deployment-error.yaml | 3 ++
|
||||
mariadb/templates/deployment-ingress.yaml | 3 ++
|
||||
mariadb/templates/job-image-repo-sync.yaml | 3 ++
|
||||
mariadb/templates/job-ks-user.yaml | 3 ++
|
||||
mariadb/templates/pod-test.yaml | 3 ++
|
||||
mariadb/templates/statefulset.yaml | 3 ++
|
||||
mariadb/values.yaml | 7 +++
|
||||
memcached/templates/deployment.yaml | 3 ++
|
||||
memcached/templates/job-image-repo-sync.yaml | 3 ++
|
||||
memcached/values.yaml | 7 +++
|
||||
openvswitch/templates/daemonset-ovs-db.yaml | 3 ++
|
||||
.../templates/daemonset-ovs-vswitchd.yaml | 3 ++
|
||||
.../templates/job-image-repo-sync.yaml | 3 ++
|
||||
openvswitch/values.yaml | 7 +++
|
||||
rabbitmq/templates/job-cluster-wait.yaml | 3 ++
|
||||
rabbitmq/templates/job-image-repo-sync.yaml | 3 ++
|
||||
rabbitmq/templates/pod-test.yaml | 3 ++
|
||||
rabbitmq/templates/statefulset.yaml | 3 ++
|
||||
rabbitmq/values.yaml | 7 +++
|
||||
41 files changed, 245 insertions(+)
|
||||
create mode 100644 releasenotes/notes/helm-toolkit.yaml.orig
|
||||
create mode 100644 releasenotes/notes/libvirt.yaml.orig
|
||||
create mode 100644 releasenotes/notes/mariadb.yaml.orig
|
||||
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-bootstrap.tpl b/helm-toolkit/templates/manifests/_job-bootstrap.tpl
|
||||
index 65020e5d..b385199a 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-bootstrap.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-bootstrap.tpl
|
||||
@@ -23,6 +23,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $podVolMounts := index . "podVolMounts" | default false -}}
|
||||
{{- $podVols := index . "podVols" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
@@ -72,6 +73,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "bootstrap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
|
||||
index 6edbdb3a..934a2435 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
|
||||
@@ -28,6 +28,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
|
||||
{{- $dbToDrop := index . "dbToDrop" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
|
||||
@@ -73,6 +74,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "db_drop" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
|
||||
index bfed1968..c164ad0a 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
|
||||
@@ -28,6 +28,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
|
||||
{{- $dbToInit := index . "dbToInit" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
|
||||
@@ -73,6 +74,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "db_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-db-sync.tpl b/helm-toolkit/templates/manifests/_job-db-sync.tpl
|
||||
index 71ff924b..659238a4 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-db-sync.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-db-sync.tpl
|
||||
@@ -23,6 +23,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
|
||||
{{- $podVolMounts := index . "podVolMounts" | default false -}}
|
||||
@@ -70,6 +71,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
|
||||
index e06aeb65..a06d0906 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
|
||||
@@ -24,6 +24,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $secretBin := index . "secretBin" -}}
|
||||
{{- $tlsSecret := index . "tlsSecret" | default "" -}}
|
||||
@@ -71,6 +72,9 @@ spec:
|
||||
spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
restartPolicy: {{ $restartPolicy }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
initContainers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-ks-service.tpl b/helm-toolkit/templates/manifests/_job-ks-service.tpl
|
||||
index 93e64e1d..f5f195ca 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-ks-service.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-ks-service.tpl
|
||||
@@ -24,6 +24,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $secretBin := index . "secretBin" -}}
|
||||
{{- $tlsSecret := index . "tlsSecret" | default "" -}}
|
||||
@@ -73,6 +74,9 @@ spec:
|
||||
restartPolicy: {{ $restartPolicy }}
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "ks_service" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
|
||||
index 39007de8..f6bbc148 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
|
||||
@@ -45,6 +45,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
|
||||
{{- $secretBin := index . "secretBin" -}}
|
||||
@@ -96,6 +97,9 @@ spec:
|
||||
restartPolicy: {{ $restartPolicy }}
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
|
||||
index aae71ac5..59e0da0f 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
|
||||
@@ -18,6 +18,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
|
||||
{{- $secretBin := index . "secretBin" -}}
|
||||
@@ -63,6 +64,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "rabbit_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
|
||||
index 42bb8548..240c29ca 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
|
||||
@@ -23,6 +23,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}}
|
||||
{{- $secretBin := index . "secretBin" -}}
|
||||
@@ -68,6 +69,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "s3_bucket" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
|
||||
index 36fe3582..440e9590 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
|
||||
@@ -23,6 +23,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
{{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}}
|
||||
{{- $secretBin := index . "secretBin" -}}
|
||||
@@ -66,6 +67,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "s3_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
- name: ceph-keyring-placement
|
||||
diff --git a/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl b/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
|
||||
index c1609195..6bcd8694 100644
|
||||
--- a/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
|
||||
+++ b/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
|
||||
@@ -23,6 +23,7 @@ limitations under the License.
|
||||
{{- $jobAnnotations := index . "jobAnnotations" -}}
|
||||
{{- $jobLabels := index . "jobLabels" -}}
|
||||
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
|
||||
{{- $podVolMounts := index . "podVolMounts" | default false -}}
|
||||
{{- $podVols := index . "podVols" | default false -}}
|
||||
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||
@@ -65,6 +66,9 @@ spec:
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
+{{- if $tolerationsEnabled }}
|
||||
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{- end}}
|
||||
initContainers:
|
||||
{{ tuple $envAll "image_repo_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
diff --git a/ingress/templates/deployment-error.yaml b/ingress/templates/deployment-error.yaml
|
||||
index 417e63d4..0d417f98 100644
|
||||
--- a/ingress/templates/deployment-error.yaml
|
||||
+++ b/ingress/templates/deployment-error.yaml
|
||||
@@ -47,8 +47,14 @@ spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
affinity:
|
||||
{{ tuple $envAll "ingress" "error-pages" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
+{{ if $envAll.Values.pod.tolerations.ingress.enabled }}
|
||||
+{{ tuple $envAll "ingress" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.error_server.node_selector_key }}: {{ .Values.labels.error_server.node_selector_value | quote }}
|
||||
+{{ if $envAll.Values.pod.tolerations.ingress.enabled }}
|
||||
+{{ tuple $envAll "ingress" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.error_pages.timeout | default "60" }}
|
||||
initContainers:
|
||||
{{ tuple $envAll "error_pages" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
diff --git a/ingress/templates/deployment-ingress.yaml b/ingress/templates/deployment-ingress.yaml
|
||||
index c6aaf46a..780af3a3 100644
|
||||
--- a/ingress/templates/deployment-ingress.yaml
|
||||
+++ b/ingress/templates/deployment-ingress.yaml
|
||||
@@ -206,6 +206,9 @@ spec:
|
||||
affinity:
|
||||
{{ tuple $envAll "ingress" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
{{- end }}
|
||||
+{{ if $envAll.Values.pod.tolerations.ingress.enabled }}
|
||||
+{{ tuple $envAll "ingress" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value | quote }}
|
||||
{{- if .Values.network.host_namespace }}
|
||||
diff --git a/ingress/templates/job-image-repo-sync.yaml b/ingress/templates/job-image-repo-sync.yaml
|
||||
index c4841467..2132f9a3 100644
|
||||
--- a/ingress/templates/job-image-repo-sync.yaml
|
||||
+++ b/ingress/templates/job-image-repo-sync.yaml
|
||||
@@ -14,5 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ingress" -}}
|
||||
+{{- if .Values.pod.tolerations.ingress.enabled -}}
|
||||
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
diff --git a/ingress/values.yaml b/ingress/values.yaml
|
||||
index b70ec2a8..c326c15a 100644
|
||||
--- a/ingress/values.yaml
|
||||
+++ b/ingress/values.yaml
|
||||
@@ -81,6 +81,13 @@ pod:
|
||||
default: kubernetes.io/hostname
|
||||
weight:
|
||||
default: 10
|
||||
+ tolerations:
|
||||
+ ingress:
|
||||
+ enabled: false
|
||||
+ tolerations:
|
||||
+ - key: node-role.kubernetes.io/master
|
||||
+ operator: Exists
|
||||
+ effect: NoSchedule
|
||||
dns_policy: "ClusterFirstWithHostNet"
|
||||
replicas:
|
||||
ingress: 1
|
||||
diff --git a/libvirt/templates/daemonset-libvirt.yaml b/libvirt/templates/daemonset-libvirt.yaml
|
||||
index 2c0ccda8..4853d0c2 100644
|
||||
--- a/libvirt/templates/daemonset-libvirt.yaml
|
||||
+++ b/libvirt/templates/daemonset-libvirt.yaml
|
||||
@@ -69,6 +69,9 @@ spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.agent.libvirt.node_selector_key }}: {{ .Values.labels.agent.libvirt.node_selector_value }}
|
||||
+{{ if $envAll.Values.pod.tolerations.libvirt.enabled }}
|
||||
+{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
hostNetwork: true
|
||||
hostPID: true
|
||||
hostIPC: true
|
||||
diff --git a/libvirt/templates/job-image-repo-sync.yaml b/libvirt/templates/job-image-repo-sync.yaml
|
||||
index d359d1aa..91d52820 100644
|
||||
--- a/libvirt/templates/job-image-repo-sync.yaml
|
||||
+++ b/libvirt/templates/job-image-repo-sync.yaml
|
||||
@@ -14,5 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "libvirt" -}}
|
||||
+{{- if .Values.pod.tolerations.libvirt.enabled -}}
|
||||
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
diff --git a/libvirt/values.yaml b/libvirt/values.yaml
|
||||
index b6cab8db..f23299e9 100644
|
||||
--- a/libvirt/values.yaml
|
||||
+++ b/libvirt/values.yaml
|
||||
@@ -137,6 +137,13 @@ pod:
|
||||
default: kubernetes.io/hostname
|
||||
weight:
|
||||
default: 10
|
||||
+ tolerations:
|
||||
+ libvirt:
|
||||
+ enabled: false
|
||||
+ tolerations:
|
||||
+ - key: node-role.kubernetes.io/master
|
||||
+ operator: Exists
|
||||
+ effect: NoSchedule
|
||||
dns_policy: "ClusterFirstWithHostNet"
|
||||
mounts:
|
||||
libvirt:
|
||||
diff --git a/mariadb/templates/cron-job-backup-mariadb.yaml b/mariadb/templates/cron-job-backup-mariadb.yaml
|
||||
index 660c6557..c004b5f5 100644
|
||||
--- a/mariadb/templates/cron-job-backup-mariadb.yaml
|
||||
+++ b/mariadb/templates/cron-job-backup-mariadb.yaml
|
||||
@@ -52,6 +52,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "mariadb_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
restartPolicy: OnFailure
|
||||
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
|
||||
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 10 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
||||
initContainers:
|
||||
diff --git a/mariadb/templates/deployment-error.yaml b/mariadb/templates/deployment-error.yaml
|
||||
index ea085ae4..4f3b68bd 100644
|
||||
--- a/mariadb/templates/deployment-error.yaml
|
||||
+++ b/mariadb/templates/deployment-error.yaml
|
||||
@@ -47,6 +47,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "error_pages" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
affinity:
|
||||
{{ tuple $envAll "mariadb" "ingress-error-pages" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
|
||||
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.error_server.node_selector_key }}: {{ .Values.labels.error_server.node_selector_value }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.error_pages.timeout | default "60" }}
|
||||
diff --git a/mariadb/templates/deployment-ingress.yaml b/mariadb/templates/deployment-ingress.yaml
|
||||
index add8501c..a9fc9896 100644
|
||||
--- a/mariadb/templates/deployment-ingress.yaml
|
||||
+++ b/mariadb/templates/deployment-ingress.yaml
|
||||
@@ -234,6 +234,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "ingress" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
affinity:
|
||||
{{ tuple $envAll "mariadb" "ingress" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
|
||||
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.ingress.node_selector_key }}: {{ .Values.labels.ingress.node_selector_value }}
|
||||
terminationGracePeriodSeconds: 60
|
||||
diff --git a/mariadb/templates/job-image-repo-sync.yaml b/mariadb/templates/job-image-repo-sync.yaml
|
||||
index 3c2b5d21..2121a397 100644
|
||||
--- a/mariadb/templates/job-image-repo-sync.yaml
|
||||
+++ b/mariadb/templates/job-image-repo-sync.yaml
|
||||
@@ -14,5 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "mariadb" -}}
|
||||
+{{- if .Values.pod.tolerations.mariadb.enabled -}}
|
||||
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
diff --git a/mariadb/templates/job-ks-user.yaml b/mariadb/templates/job-ks-user.yaml
|
||||
index 99b384d6..fddf8858 100644
|
||||
--- a/mariadb/templates/job-ks-user.yaml
|
||||
+++ b/mariadb/templates/job-ks-user.yaml
|
||||
@@ -16,5 +16,8 @@ limitations under the License.
|
||||
{{- $backoffLimit := .Values.jobs.ks_user.backoffLimit }}
|
||||
{{- $activeDeadlineSeconds := .Values.jobs.ks_user.activeDeadlineSeconds }}
|
||||
{{- $ksUserJob := dict "envAll" . "serviceName" "mariadb" "configMapBin" "mariadb-bin" "backoffLimit" $backoffLimit "activeDeadlineSeconds" $activeDeadlineSeconds -}}
|
||||
+{{- if .Values.pod.tolerations.mariadb.enabled -}}
|
||||
+{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
|
||||
{{- end }}
|
||||
diff --git a/mariadb/templates/pod-test.yaml b/mariadb/templates/pod-test.yaml
|
||||
index 940430a9..98bac8c8 100644
|
||||
--- a/mariadb/templates/pod-test.yaml
|
||||
+++ b/mariadb/templates/pod-test.yaml
|
||||
@@ -33,6 +33,9 @@ spec:
|
||||
shareProcessNamespace: true
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
{{ dict "envAll" $envAll "application" "tests" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
|
||||
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
|
||||
restartPolicy: Never
|
||||
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
|
||||
index d2d1c2e3..0a3fb15d 100644
|
||||
--- a/mariadb/templates/statefulset.yaml
|
||||
+++ b/mariadb/templates/statefulset.yaml
|
||||
@@ -106,6 +106,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "server" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
affinity:
|
||||
{{ tuple $envAll "mariadb" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
|
||||
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }}
|
||||
initContainers:
|
||||
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
|
||||
index b86bf925..c355d42a 100644
|
||||
--- a/mariadb/values.yaml
|
||||
+++ b/mariadb/values.yaml
|
||||
@@ -135,6 +135,13 @@ pod:
|
||||
default: kubernetes.io/hostname
|
||||
weight:
|
||||
default: 10
|
||||
+ tolerations:
|
||||
+ mariadb:
|
||||
+ enabled: false
|
||||
+ tolerations:
|
||||
+ - key: node-role.kubernetes.io/master
|
||||
+ operator: Exists
|
||||
+ effect: NoSchedule
|
||||
replicas:
|
||||
server: 3
|
||||
ingress: 2
|
||||
diff --git a/memcached/templates/deployment.yaml b/memcached/templates/deployment.yaml
|
||||
index 1b4e2027..221bfdbe 100644
|
||||
--- a/memcached/templates/deployment.yaml
|
||||
+++ b/memcached/templates/deployment.yaml
|
||||
@@ -50,6 +50,9 @@ spec:
|
||||
{{ tuple $envAll "memcached" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value | quote }}
|
||||
+{{ if $envAll.Values.pod.tolerations.memcached.enabled }}
|
||||
+{{ tuple $envAll "memcached" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.memcached.timeout | default "30" }}
|
||||
initContainers:
|
||||
{{ tuple $envAll "memcached" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
diff --git a/memcached/templates/job-image-repo-sync.yaml b/memcached/templates/job-image-repo-sync.yaml
|
||||
index e2438d7e..ae519ff0 100644
|
||||
--- a/memcached/templates/job-image-repo-sync.yaml
|
||||
+++ b/memcached/templates/job-image-repo-sync.yaml
|
||||
@@ -14,5 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "memcached" -}}
|
||||
+{{- if .Values.pod.tolerations.memcached.enabled -}}
|
||||
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
diff --git a/memcached/values.yaml b/memcached/values.yaml
|
||||
index 7ad6d29e..9cf3d3a2 100644
|
||||
--- a/memcached/values.yaml
|
||||
+++ b/memcached/values.yaml
|
||||
@@ -169,6 +169,13 @@ pod:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
weight:
|
||||
default: 10
|
||||
+ tolerations:
|
||||
+ memcached:
|
||||
+ enabled: false
|
||||
+ tolerations:
|
||||
+ - key: node-role.kubernetes.io/master
|
||||
+ operator: Exists
|
||||
+ effect: NoSchedule
|
||||
lifecycle:
|
||||
upgrades:
|
||||
deployments:
|
||||
diff --git a/openvswitch/templates/daemonset-ovs-db.yaml b/openvswitch/templates/daemonset-ovs-db.yaml
|
||||
index 8e8af636..17c343b4 100644
|
||||
--- a/openvswitch/templates/daemonset-ovs-db.yaml
|
||||
+++ b/openvswitch/templates/daemonset-ovs-db.yaml
|
||||
@@ -59,6 +59,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "openvswitch_db_server" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
|
||||
+{{ if $envAll.Values.pod.tolerations.openvswitch.enabled }}
|
||||
+{{ tuple $envAll "openvswitch" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
dnsPolicy: {{ .Values.pod.dns_policy }}
|
||||
hostNetwork: true
|
||||
initContainers:
|
||||
diff --git a/openvswitch/templates/daemonset-ovs-vswitchd.yaml b/openvswitch/templates/daemonset-ovs-vswitchd.yaml
|
||||
index d86d466a..97507b49 100644
|
||||
--- a/openvswitch/templates/daemonset-ovs-vswitchd.yaml
|
||||
+++ b/openvswitch/templates/daemonset-ovs-vswitchd.yaml
|
||||
@@ -72,6 +72,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "openvswitch_vswitchd" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
|
||||
+{{ if $envAll.Values.pod.tolerations.openvswitch.enabled }}
|
||||
+{{ tuple $envAll "openvswitch" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
dnsPolicy: {{ .Values.pod.dns_policy }}
|
||||
hostNetwork: true
|
||||
initContainers:
|
||||
diff --git a/openvswitch/templates/job-image-repo-sync.yaml b/openvswitch/templates/job-image-repo-sync.yaml
|
||||
index 4d1058ed..765061c3 100644
|
||||
--- a/openvswitch/templates/job-image-repo-sync.yaml
|
||||
+++ b/openvswitch/templates/job-image-repo-sync.yaml
|
||||
@@ -14,5 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "openvswitch" -}}
|
||||
+{{- if .Values.pod.tolerations.openvswitch.enabled -}}
|
||||
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
diff --git a/openvswitch/values.yaml b/openvswitch/values.yaml
|
||||
index de6169a1..c953a899 100644
|
||||
--- a/openvswitch/values.yaml
|
||||
+++ b/openvswitch/values.yaml
|
||||
@@ -37,6 +37,13 @@ labels:
|
||||
node_selector_value: enabled
|
||||
|
||||
pod:
|
||||
+ tolerations:
|
||||
+ openvswitch:
|
||||
+ enabled: false
|
||||
+ tolerations:
|
||||
+ - key: node-role.kubernetes.io/master
|
||||
+ operator: Exists
|
||||
+ effect: NoSchedule
|
||||
probes:
|
||||
ovs_db:
|
||||
ovs_db:
|
||||
diff --git a/rabbitmq/templates/job-cluster-wait.yaml b/rabbitmq/templates/job-cluster-wait.yaml
|
||||
index b309e6e5..131cf456 100644
|
||||
--- a/rabbitmq/templates/job-cluster-wait.yaml
|
||||
+++ b/rabbitmq/templates/job-cluster-wait.yaml
|
||||
@@ -50,6 +50,9 @@ spec:
|
||||
{{ dict "envAll" $envAll "application" "cluster_wait" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
restartPolicy: OnFailure
|
||||
+{{ if $envAll.Values.pod.tolerations.rabbitmq.enabled }}
|
||||
+{{ tuple $envAll "rabbitmq" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ $envAll.Values.labels.jobs.node_selector_key }}: {{ $envAll.Values.labels.test.node_selector_value | quote }}
|
||||
initContainers:
|
||||
diff --git a/rabbitmq/templates/job-image-repo-sync.yaml b/rabbitmq/templates/job-image-repo-sync.yaml
|
||||
index 4875ed44..8fd379f9 100644
|
||||
--- a/rabbitmq/templates/job-image-repo-sync.yaml
|
||||
+++ b/rabbitmq/templates/job-image-repo-sync.yaml
|
||||
@@ -14,5 +14,8 @@ limitations under the License.
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "rabbitmq" -}}
|
||||
+{{- if .Values.pod.tolerations.rabbitmq.enabled -}}
|
||||
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
|
||||
+{{- end -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
diff --git a/rabbitmq/templates/pod-test.yaml b/rabbitmq/templates/pod-test.yaml
|
||||
index 2ee00d5d..a1d9639f 100644
|
||||
--- a/rabbitmq/templates/pod-test.yaml
|
||||
+++ b/rabbitmq/templates/pod-test.yaml
|
||||
@@ -42,6 +42,9 @@ metadata:
|
||||
spec:
|
||||
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
+{{ if $envAll.Values.pod.tolerations.rabbitmq.enabled }}
|
||||
+{{ tuple $envAll "rabbitmq" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ $envAll.Values.labels.test.node_selector_key }}: {{ $envAll.Values.labels.test.node_selector_value | quote }}
|
||||
restartPolicy: Never
|
||||
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
|
||||
index 578ea357..eebc8379 100644
|
||||
--- a/rabbitmq/templates/statefulset.yaml
|
||||
+++ b/rabbitmq/templates/statefulset.yaml
|
||||
@@ -103,6 +103,9 @@ spec:
|
||||
serviceAccountName: {{ $rcControllerName | quote }}
|
||||
affinity:
|
||||
{{ tuple $envAll "rabbitmq" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
+{{ if $envAll.Values.pod.tolerations.rabbitmq.enabled }}
|
||||
+{{ tuple $envAll "rabbitmq" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
||||
+{{ end }}
|
||||
nodeSelector:
|
||||
{{ $envAll.Values.labels.server.node_selector_key }}: {{ $envAll.Values.labels.server.node_selector_value | quote }}
|
||||
initContainers:
|
||||
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
|
||||
index c593966f..4e1f7328 100644
|
||||
--- a/rabbitmq/values.yaml
|
||||
+++ b/rabbitmq/values.yaml
|
||||
@@ -112,6 +112,13 @@ pod:
|
||||
default: kubernetes.io/hostname
|
||||
weight:
|
||||
default: 10
|
||||
+ tolerations:
|
||||
+ rabbitmq:
|
||||
+ enabled: false
|
||||
+ tolerations:
|
||||
+ - key: node-role.kubernetes.io/master
|
||||
+ operator: Exists
|
||||
+ effect: NoSchedule
|
||||
replicas:
|
||||
server: 2
|
||||
prometheus_rabbitmq_exporter: 1
|
||||
--
|
||||
2.17.1
|
||||
|
||||
@ -0,0 +1,92 @@
|
||||
From e363f54d69001789051d1564e9454ea74868b357 Mon Sep 17 00:00:00 2001
|
||||
From: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
|
||||
Date: Thu, 23 Dec 2021 10:15:07 -0300
|
||||
Subject: [PATCH] Add GaleraDB Secure Replica Traffic
|
||||
|
||||
This sets `wsrep_provider_options` for GaleraDB when TLS is enabled
|
||||
|
||||
NOTE: The recommended SST (state snapshot transfer) for mariadb>=10.2
|
||||
is `mariabackup`. mariabackup ONLY works connecting to localhost
|
||||
see: https://github.com/MariaDB/server/blob/fe7e44d8ad5d7fe9c91f476353a3e1749f18afc6/scripts/wsrep_sst_mariabackup.sh#L711
|
||||
Therefore, you MUST create a certificate with SAN `localhost` or cert
|
||||
verification will fail.
|
||||
|
||||
Example provided at values_overrides/tls.yaml
|
||||
|
||||
Change-Id: Ie9f81d5cfb7e0388f7c061e54342d052a0441647
|
||||
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
|
||||
---
|
||||
mariadb/values.yaml | 12 +++++++++---
|
||||
mariadb/values_overrides/tls.yaml | 15 ++++++++++++++-
|
||||
2 files changed, 23 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
|
||||
index 362dab51..47029b08 100644
|
||||
--- a/mariadb/values.yaml
|
||||
+++ b/mariadb/values.yaml
|
||||
@@ -427,19 +427,25 @@ conf:
|
||||
wsrep_cluster_name={{ tuple "oslo_db" "direct" . | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" | replace "." "_" }}
|
||||
wsrep_on=1
|
||||
wsrep_provider=/usr/lib/galera/libgalera_smm.so
|
||||
- wsrep_provider_options="evs.suspect_timeout=PT30S; gmcast.peer_timeout=PT15S; gmcast.listen_addr=tcp://0.0.0.0:{{ tuple "oslo_db" "direct" "wsrep" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
|
||||
wsrep_slave_threads=12
|
||||
wsrep_sst_auth={{ .Values.endpoints.oslo_db.auth.sst.username }}:{{ .Values.endpoints.oslo_db.auth.sst.password }}
|
||||
wsrep_sst_method=mariabackup
|
||||
-
|
||||
{{ if .Values.manifests.certificates }}
|
||||
+ wsrep_provider_options="socket.ssl_ca=/etc/mysql/certs/ca.crt; socket.ssl_cert=/etc/mysql/certs/tls.crt; socket.ssl_key=/etc/mysql/certs/tls.key; evs.suspect_timeout=PT30S; gmcast.peer_timeout=PT15S; gmcast.listen_addr=tcp://0.0.0.0:{{ tuple "oslo_db" "direct" "wsrep" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
|
||||
# TLS
|
||||
ssl_ca=/etc/mysql/certs/ca.crt
|
||||
ssl_key=/etc/mysql/certs/tls.key
|
||||
ssl_cert=/etc/mysql/certs/tls.crt
|
||||
# tls_version = TLSv1.2,TLSv1.3
|
||||
- {{ end }}
|
||||
|
||||
+ [sst]
|
||||
+ encrypt = 3
|
||||
+ tca=/etc/mysql/certs/ca.crt
|
||||
+ tkey=/etc/mysql/certs/tls.key
|
||||
+ tcert=/etc/mysql/certs/tls.crt
|
||||
+ {{ else }}
|
||||
+ wsrep_provider_options="evs.suspect_timeout=PT30S; gmcast.peer_timeout=PT15S; gmcast.listen_addr=tcp://0.0.0.0:{{ tuple "oslo_db" "direct" "wsrep" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
|
||||
+ {{ end }}
|
||||
|
||||
[mysqldump]
|
||||
max-allowed-packet=16M
|
||||
diff --git a/mariadb/values_overrides/tls.yaml b/mariadb/values_overrides/tls.yaml
|
||||
index b8da60f8..b09de17c 100644
|
||||
--- a/mariadb/values_overrides/tls.yaml
|
||||
+++ b/mariadb/values_overrides/tls.yaml
|
||||
@@ -9,6 +9,7 @@ pod:
|
||||
runAsUser: 0
|
||||
allowPrivilegeEscalation: true
|
||||
readOnlyRootFilesystem: false
|
||||
+
|
||||
endpoints:
|
||||
oslo_db:
|
||||
host_fqdn_override:
|
||||
@@ -16,8 +17,20 @@ endpoints:
|
||||
tls:
|
||||
secretName: mariadb-tls-direct
|
||||
issuerRef:
|
||||
- name: ca-issuer
|
||||
+ name: rootca-issuer
|
||||
kind: ClusterIssuer
|
||||
+ dnsNames:
|
||||
+ # localhost is needed for mariabackup
|
||||
+ - localhost
|
||||
+ - mariadb
|
||||
+ - mariadb.openstack
|
||||
+ - mariadb.openstack.svc.cluster.local
|
||||
+ - mariadb-discovery
|
||||
+ - mariadb-discovery.openstack
|
||||
+ - mariadb-server-1.mariadb-discovery.openstack.svc.cluster.local
|
||||
+ - mariadb-server-0.mariadb-discovery.openstack.svc.cluster.local
|
||||
+ - mariadb-discovery.openstack.svc.cluster.local
|
||||
+
|
||||
manifests:
|
||||
certificates: true
|
||||
...
|
||||
--
|
||||
2.17.1
|
||||
|
||||
12
openstack-helm-infra/debian/deb_folder/patches/series
Normal file
12
openstack-helm-infra/debian/deb_folder/patches/series
Normal file
@ -0,0 +1,12 @@
|
||||
0001-Add-imagePullSecrets-in-service-account.patch
|
||||
0003-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
|
||||
0004-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
|
||||
0005-Add-io_thread_pool-for-rabbitmq.patch
|
||||
0006-Enable-override-of-rabbitmq-probe-parameters.patch
|
||||
0009-Enable-override-of-mariadb-server-probe-parameters.patch
|
||||
0011-Add-mariadb-database-config-override-to-support-ipv6.patch
|
||||
0012-enable-Values.conf.database.config_override-for-mari.patch
|
||||
0013-Allow-set-public-endpoint-url-for-all-openstack-types.patch
|
||||
0016-Disabling-helm3_hooks.patch
|
||||
0017-Enable-taint-toleration-for-Openstack-services.patch
|
||||
0018-Add-GaleraDB-Secure-Replica-Traffic.patch
|
||||
@ -8,20 +8,6 @@ export HELM_FOLDER = $(ROOT)/usr/lib/helm
|
||||
dh $@
|
||||
|
||||
override_dh_auto_build:
|
||||
# Move the source files from the extracted root directory to build root.
|
||||
mv openstack-helm-infra/* .
|
||||
# Apply the openstack-helm-infra patches.
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0001-Add-imagePullSecrets-in-service-account.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0003-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0004-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0005-Add-io_thread_pool-for-rabbitmq.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0006-Enable-override-of-rabbitmq-probe-parameters.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0009-Enable-override-of-mariadb-server-probe-parameters.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0011-Add-mariadb-database-config-override-to-support-ipv6.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0012-enable-Values.conf.database.config_override-for-mari.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0013-Allow-set-public-endpoint-url-for-all-openstack-types.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0016-Disabling-helm3_hooks.patch
|
||||
patch --no-backup-if-mismatch --fuzz=0 -p1 < 0017-Enable-taint-toleration-for-Openstack-services.patch
|
||||
# Host a server for the helm charts.
|
||||
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." &
|
||||
sleep 2
|
||||
|
||||
@ -1,26 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -x
|
||||
|
||||
PKG_BUILD_NAME=$1
|
||||
PKG_BUILD_ROOT=$(realpath `pwd`/${PKG_BUILD_NAME})
|
||||
PKG_DIR="openstack-helm-infra"
|
||||
STX_BASE=$(realpath ${MY_REPO}/stx)
|
||||
SRC=$(realpath ${STX_BASE}/openstack-armada-app/${PKG_DIR})
|
||||
|
||||
mkdir -p ${PKG_BUILD_ROOT}
|
||||
pushd ${PKG_BUILD_ROOT}
|
||||
|
||||
# Local mirror workaround until CGCS_BASE mirror is supported.
|
||||
STX_MIRROR=$(realpath "/import/mirrors/starlingx")
|
||||
|
||||
# Download openstack-helm-infra source package.
|
||||
SHA="8351fdd0f1228717342c2accc96977b0cdc36dc3"
|
||||
OPENSTACK_PKG="openstack-helm-infra-${SHA}.tar.gz"
|
||||
OPENSTACK_SRC_PATH=$(realpath ${STX_MIRROR}/downloads/${OPENSTACK_PKG})
|
||||
cp ${OPENSTACK_SRC_PATH} ${PKG_BUILD_ROOT}
|
||||
|
||||
# Extract the openstack-helm-infra tar file.
|
||||
tar xfz ${OPENSTACK_PKG}
|
||||
|
||||
# Copy source files to the build directory.
|
||||
cp -pr ${SRC}/files/* ${PKG_BUILD_ROOT}
|
||||
@ -1,7 +1,12 @@
|
||||
---
|
||||
debname: openstack-helm-infra
|
||||
debver: 1.0-1
|
||||
dl_hook: dl_hook
|
||||
dl_path:
|
||||
name: openstack-helm-infra-8351fdd0f1228717342c2accc96977b0cdc36dc3.tar.gz
|
||||
url: https://github.com/openstack/openstack-helm-infra/archive/8351fdd0f1228717342c2accc96977b0cdc36dc3.tar.gz
|
||||
md5sum: 2f02e67fbc216e2de1d95d7a67b4731a
|
||||
src_files:
|
||||
- files/repositories.yaml
|
||||
revision:
|
||||
dist: $STX_DIST
|
||||
PKG_GITREVCOUNT: true
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user