From b7d7c7d63a66fbbfc17a1bcc44097488294c17c5 Mon Sep 17 00:00:00 2001 From: Andy Ning Date: Wed, 4 Dec 2019 14:17:03 -0500 Subject: [PATCH] Support ingress creation for keystone admin endpoint This update patched openstack keystone helm chart to support ingress creation for custom admin endpoint. It will be used in DC subcloud deployment to expose keystone admin endpoint to System Controller. The change has been submitted to upstream openstack-helm for review: https://review.opendev.org/#/c/697525/ Change-Id: I5792f3f9031470ab97a4dea8f47eff244160f8ee Story: 2006588 Task: 37747 Signed-off-by: Andy Ning --- openstack-helm/centos/build_srpm.data | 2 +- openstack-helm/centos/openstack-helm.spec | 2 ++ ...creation-for-keystone-admin-endpoint.patch | 36 +++++++++++++++++++ 3 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 openstack-helm/files/0007-Support-ingress-creation-for-keystone-admin-endpoint.patch diff --git a/openstack-helm/centos/build_srpm.data b/openstack-helm/centos/build_srpm.data index 90376583..425cd13e 100644 --- a/openstack-helm/centos/build_srpm.data +++ b/openstack-helm/centos/build_srpm.data @@ -5,4 +5,4 @@ TAR="$TAR_NAME-$SHA.tar.gz" COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* " -TIS_PATCH_VER=22 +TIS_PATCH_VER=23 diff --git a/openstack-helm/centos/openstack-helm.spec b/openstack-helm/centos/openstack-helm.spec index 726fa57c..1b149be2 100644 --- a/openstack-helm/centos/openstack-helm.spec +++ b/openstack-helm/centos/openstack-helm.spec @@ -25,6 +25,7 @@ Patch03: 0003-Nova-console-ip-address-search-optionality.patch Patch04: 0004-Nova-chart-Support-ephemeral-pool-creation.patch Patch05: 0005-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch Patch06: 0006-Add-Placement-Chart.patch +Patch07: 0007-Support-ingress-creation-for-keystone-admin-endpoint.patch BuildRequires: helm BuildRequires: openstack-helm-infra @@ -41,6 +42,7 @@ Openstack Helm charts %patch04 -p1 %patch05 -p1 %patch06 -p1 +%patch07 -p1 %build # initialize helm and build the toolkit diff --git a/openstack-helm/files/0007-Support-ingress-creation-for-keystone-admin-endpoint.patch b/openstack-helm/files/0007-Support-ingress-creation-for-keystone-admin-endpoint.patch new file mode 100644 index 00000000..4d9aae5b --- /dev/null +++ b/openstack-helm/files/0007-Support-ingress-creation-for-keystone-admin-endpoint.patch @@ -0,0 +1,36 @@ +From db7a5422e48b963966c5e830d6f4391006a42578 Mon Sep 17 00:00:00 2001 +From: Andy Ning +Date: Wed, 4 Dec 2019 13:35:44 -0500 +Subject: [PATCH] Support ingress creation for keystone admin endpoint + +This update added support to create ingress for custom keystone admin +endpoint. It can be used by deployment to expose keytone admin endpoint +to outside of the cluster by ingress. + +Story: 2006588 +Task: 37747 +Signed-off-by: Andy Ning +--- + keystone/templates/ingress-api.yaml | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/keystone/templates/ingress-api.yaml b/keystone/templates/ingress-api.yaml +index de36571..37c3013 100644 +--- a/keystone/templates/ingress-api.yaml ++++ b/keystone/templates/ingress-api.yaml +@@ -18,3 +18,12 @@ limitations under the License. + {{- $ingressOpts := dict "envAll" . "backendServiceType" "identity" "backendPort" "ks-pub" -}} + {{ $ingressOpts | include "helm-toolkit.manifests.ingress" }} + {{- end }} ++ ++{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.admin }} ++{{ $ingressNamePublic := tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} ++{{ $ingressNameAdmin := tuple "identity" "admin" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} ++{{- if not (eq $ingressNamePublic $ingressNameAdmin) }} ++{{- $ingressOpts := dict "envAll" . "backendServiceType" "identity" "backendPort" "ks-pub" "endpoint" "admin" -}} ++{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }} ++{{- end }} ++{{- end }} +-- +1.8.3.1 +