[rook-ceph] client image and secret uuid overrides

This change makes it possible to upload the stx-openstack app on rook ceph deployments by dynamically setting the ceph client image (ceph-config-helper) and the rbd_secret_uuid (ceph_uuid). For this, this change makes use of the utils functions and image override introduced by [1]. [1]https://review.opendev.org/c/starlingx/openstack-armada-app/+/947284 Test Plan: [PASS] Build stx-openstack packages and tarball Baremetal Ceph deployment: [PASS] Upload and apply the stx-openstack tarball to a virtual AIO-SX [PASS] Overrides NOT applied to ceph-config-helper image Rook Ceph deployment: [PASS] upload the stx-openstack tarball to a virtual AIO-SX [PASS] overrides applied to ceph-config-helper image for the supported and dependent charts (cinder, glance, libvirt, nova) [PASS] rook ceph client image included in the "download_image" section of the stx-openstack-images.yaml Since stx-openstack still doesn't support 'system application-apply' for rook ceph deployments, the full validation of the app, the new ceph client image and the secret uuid overrides (including potential fixes) will occur in subsequent tasks. Story: 2011388 Task: 52001 Change-Id: I13b91e15aa907e248f9e41300bfbc2cc51139769 Signed-off-by: Alex Figueiredo <alex.fernandesfigueiredo@windriver.com>
2025-04-16 14:55:35 -03:00 · 2025-04-16 14:55:35 -03:00 · 6b481aeb37
commit 6b481aeb37
parent 05b355aee5
7 changed files with 101 additions and 12 deletions
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/cinder.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/cinder.py
@ -15,10 +15,12 @@ from k8sapp_openstack.common import constants as app_constants
 from k8sapp_openstack.helm import openstack
 from k8sapp_openstack.utils import check_netapp_backends
 from k8sapp_openstack.utils import get_ceph_uuid
+from k8sapp_openstack.utils import get_image_rook_ceph
 from k8sapp_openstack.utils import is_netapp_available
+from k8sapp_openstack.utils import is_rook_ceph_backend_available


-ROOK_CEPH_BACKEND_NAME = 'ceph-store'
+ROOK_CEPH_BACKEND_NAME = app_constants.CEPH_ROOK_BACKEND_NAME
 NETAPP_NFS_BACKEND_NAME = 'netapp-nfs'
 NETAPP_ISCSI_BACKEND_NAME = 'netapp-iscsi'

@ -115,6 +117,23 @@ class CinderHelm(openstack.OpenstackBaseHelm):
            overrides[common.HELM_NS_OPENSTACK] = \
                self._enable_certificates(overrides[common.HELM_NS_OPENSTACK])

+        # The ceph client versions supported by baremetal and rook ceph backends
+        # are not necessarily the same. Therefore, the ceph client image must be
+        # dynamically configured based on the ceph backend currently deployed.
+        if is_rook_ceph_backend_available():
+            rook_ceph_config_helper = get_image_rook_ceph()
+            overrides[common.HELM_NS_OPENSTACK] = self._update_overrides(
+                overrides[common.HELM_NS_OPENSTACK],
+                {
+                    'images': {
+                        'tags': {
+                            'cinder_backup_storage_init': rook_ceph_config_helper,
+                            'cinder_storage_init': rook_ceph_config_helper
+                        }
+                    }
+                }
+            )
+
        if namespace in self.SUPPORTED_NAMESPACES:
            return overrides[namespace]
        elif namespace:
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/glance.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/glance.py
@ -13,6 +13,8 @@ from sysinv.helm import common

 from k8sapp_openstack.common import constants as app_constants
 from k8sapp_openstack.helm import openstack
+from k8sapp_openstack.utils import get_image_rook_ceph
+from k8sapp_openstack.utils import is_rook_ceph_backend_available


 # Info used in the Glance Helm chart.
@ -47,6 +49,22 @@ class GlanceHelm(openstack.OpenstackBaseHelm):
            overrides[common.HELM_NS_OPENSTACK] = \
                self._enable_certificates(overrides[common.HELM_NS_OPENSTACK])

+        # The ceph client versions supported by baremetal and rook ceph backends
+        # are not necessarily the same. Therefore, the ceph client image must be
+        # dynamically configured based on the ceph backend currently deployed.
+        if is_rook_ceph_backend_available():
+            rook_ceph_config_helper = get_image_rook_ceph()
+            overrides[common.HELM_NS_OPENSTACK] = self._update_overrides(
+                overrides[common.HELM_NS_OPENSTACK],
+                {
+                    'images': {
+                        'tags': {
+                            'glance_storage_init': rook_ceph_config_helper,
+                        }
+                    }
+                }
+            )
+
        if namespace in self.SUPPORTED_NAMESPACES:
            return overrides[namespace]
        elif namespace:
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/gnocchi.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/gnocchi.py
@ -9,6 +9,8 @@ from sysinv.helm import common

 from k8sapp_openstack.common import constants as app_constants
 from k8sapp_openstack.helm import openstack
+from k8sapp_openstack.utils import get_image_rook_ceph
+from k8sapp_openstack.utils import is_rook_ceph_backend_available


 class GnocchiHelm(openstack.OpenstackBaseHelm):
@ -38,6 +40,22 @@ class GnocchiHelm(openstack.OpenstackBaseHelm):
            overrides[common.HELM_NS_OPENSTACK] = \
                self._enable_certificates(overrides[common.HELM_NS_OPENSTACK])

+        # The ceph client versions supported by baremetal and rook ceph backends
+        # are not necessarily the same. Therefore, the ceph client image must be
+        # dynamically configured based on the ceph backend currently deployed.
+        if is_rook_ceph_backend_available():
+            rook_ceph_config_helper = get_image_rook_ceph()
+            overrides[common.HELM_NS_OPENSTACK] = self._update_overrides(
+                overrides[common.HELM_NS_OPENSTACK],
+                {
+                    'images': {
+                        'tags': {
+                            'gnocchi_storage_init': rook_ceph_config_helper,
+                        }
+                    }
+                }
+            )
+
        if namespace in self.SUPPORTED_NAMESPACES:
            return overrides[namespace]
        elif namespace:
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/libvirt.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/libvirt.py
@ -12,6 +12,8 @@ from sysinv.helm import common
 from k8sapp_openstack.common import constants as app_constants
 from k8sapp_openstack.helm import openstack
 from k8sapp_openstack.utils import get_ceph_uuid
+from k8sapp_openstack.utils import get_image_rook_ceph
+from k8sapp_openstack.utils import is_rook_ceph_backend_available


 class LibvirtHelm(openstack.OpenstackBaseHelm):
@ -47,6 +49,22 @@ class LibvirtHelm(openstack.OpenstackBaseHelm):
            }
        }

+        # The ceph client versions supported by baremetal and rook ceph backends
+        # are not necessarily the same. Therefore, the ceph client image must be
+        # dynamically configured based on the ceph backend currently deployed.
+        if is_rook_ceph_backend_available():
+            rook_ceph_config_helper = get_image_rook_ceph()
+            overrides[common.HELM_NS_OPENSTACK] = self._update_overrides(
+                overrides[common.HELM_NS_OPENSTACK],
+                {
+                    'images': {
+                        'tags': {
+                            'ceph_config_helper': rook_ceph_config_helper,
+                        }
+                    }
+                }
+            )
+
        if namespace in self.SUPPORTED_NAMESPACES:
            return overrides[namespace]
        elif namespace:
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/nova.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/nova.py
@ -19,7 +19,9 @@ from sysinv.helm import common
 from k8sapp_openstack.common import constants as app_constants
 from k8sapp_openstack.helm import openstack
 from k8sapp_openstack.utils import get_ceph_uuid
+from k8sapp_openstack.utils import get_image_rook_ceph
 from k8sapp_openstack.utils import get_services_fqdn_pattern
+from k8sapp_openstack.utils import is_rook_ceph_backend_available

 LOG = logging.getLogger(__name__)

@ -163,6 +165,23 @@ class NovaHelm(openstack.OpenstackBaseHelm):
            overrides[common.HELM_NS_OPENSTACK] = \
                self._enable_certificates(overrides[common.HELM_NS_OPENSTACK])

+        # The ceph client versions supported by baremetal and rook ceph backends
+        # are not necessarily the same. Therefore, the ceph client image must be
+        # dynamically configured based on the ceph backend currently deployed.
+        if is_rook_ceph_backend_available():
+            rook_ceph_config_helper = get_image_rook_ceph()
+            overrides[common.HELM_NS_OPENSTACK] = self._update_overrides(
+                overrides[common.HELM_NS_OPENSTACK],
+                {
+                    'images': {
+                        'tags': {
+                            'nova_service_cleaner': rook_ceph_config_helper,
+                            'nova_storage_init': rook_ceph_config_helper
+                        }
+                    }
+                }
+            )
+
        if namespace in self.SUPPORTED_NAMESPACES:
            return overrides[namespace]
        elif namespace:
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/openstack.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/openstack.py
@ -711,17 +711,11 @@ class OpenstackBaseHelm(FluxCDBaseHelm):
            app_name, chart_name, namespace)

    def _is_rook_ceph(self):
-        try:
-            # check function getLabels in rook/pkg/operator/ceph/cluster/mon/spec.go
-            # rook will assign label "mon_cluster=kube-system" to monitor pods
-            label = "mon_cluster=" + common.HELM_NS_STORAGE_PROVISIONER
-            kube = kubernetes.KubeOperator()
-            pods = kube.kube_get_pods_by_selector(common.HELM_NS_STORAGE_PROVISIONER, label, "")
-            if len(pods) > 0:
-                return True
-        except Exception:
-            pass
-        return False
+        # TODO: this function can be completely replaced by the app utils
+        # function in the future. For now, it will be left here for backward
+        # compatibility, reducing the code changes initially required for rook
+        # ceph integration.
+        return app_utils.is_rook_ceph_backend_available()

    def _get_rook_ceph_admin_keyring(self):
        try:
--- a/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/utils.py
+++ b/python3-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/utils.py
@ -409,6 +409,9 @@ def get_ceph_uuid():

    :returns: str -- The Ceph's secret UUID
    """
+    if is_rook_ceph_backend_available():
+        return get_rook_ceph_uuid()
+
    ceph_config_file = os.path.join(constants.CEPH_CONF_PATH,
                                    constants.SB_TYPE_CEPH_CONF_FILENAME)