starlingx/openstack-armada-app
Code Issues Proposed changes

Upversion base openstack-helm-infra (6b6ca9e2)

Browse Source 
This change upversion our base commit SHA for openstack-helm-infra,
in order to be more updated in comparison with
openstack/openstack-helm-infra main branch. It also ports all
StarlingX specific patches on top of it, dropping patches that are no
longer needed and updating what needs to be updated in order to be
applied on top of the new base SHA. Taking this chance to also update
the numbering/ordering of stx patches.
Chartmuseum build dependency was removed since a local helm chart server
is not really required for building openstack-helm-infra.

Helm Releases are updated with newest version of each helm chart.

Since the helm-toolkit chart was upversioned (0.2.19 -> 0.2.53), it is
also reflected on both the openstack-helm and stx-openstack-helm-fluxcd
build instructions.

Added ingress and error_pages images tags to both Ingress and MariaDB
static overrides in order to use the tags that are already being used by
the platform nginx-ingress-controller application.
ingress-nginx/controller was on v1.5.1 in the newest charts, was updated
to v1.7.0 that is already used. defaultbackend was on 1.4 in the newest
charts, was updated to -amd64:1.5.
Both are upgrades and not downgrades, so we should be fine and aligned
with images already delivered by default platform applications.

Finally, a new patch had to be developed (0016) in order to Add the
ServiceAccount creation back to openvswitch Daemonset definition.
Originally openvswitch chart had two daemonset definitions: for the
db and for the server, but recently both were merged into a single
daemonset [1] and the template inclusion was dropped during this merge.
This fix will also be proposed to openstack/openstack-helm-infra [2]

[1] 73e2b3322d
[2] https://review.opendev.org/c/openstack/openstack-helm-infra/+/888504

Test Plan:
PASS - Build openstack-helm-infra package
PASS - Build openstack-helm package
PASS - build-pkgs -c -a
PASS - Build stx-openstack application tarball
PASS - Apply/Remove stx-openstack
PASS - Apply/Remove stx-openstack with TLS enabled
PASS - Run stx-openstack sanity tests (AIO-SX)*
* No major issue found, 2 TCs failed but does not seem related to this
  upversion and if a consistent failure is confirmed a launchpad can be
  created later.

Story: 2010715
Task: 47887

Depends-On: https://review.opendev.org/c/starlingx/SDO-rv-service/+/886739

Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Change-Id: Ie83075dbe3f60f43be7f3eb5c4870a2745a358ed
This commit is contained in:
Thales Elero Cervi 2023-07-04 14:03:00 -03:00
parent b24b9c33c1
commit b1dfa417a4
37 changed files with 316 additions and 1925 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
openstack-helm-infra/debian/deb_folder/control
View File

@ -3,7 +3,6 @@ Section: libs
Priority: optional
Maintainer: StarlingX Developers <starlingx-discuss@lists.starlingx.io>
Build-Depends: debhelper-compat (= 13),
chartmuseum,
helm,
procps
Standards-Version: 4.5.1

18
openstack-helm-infra/debian/deb_folder/patches/0001-Add-imagePullSecrets-in-service-account.patch
View File

@ -1,26 +1,28 @@
From ac3f9db5ac1a19af71136752f5709ba1da55d201 Mon Sep 17 00:00:00 2001
From: Angie Wang <angie.wang@windriver.com>
Date: Mon, 11 Feb 2019 11:29:03 -0500
Subject: [PATCH 2/4] Add imagePullSecrets in service account
Subject: Add imagePullSecrets in service account
Signed-off-by: Robert Church <robert.church@windriver.com>
[ upversioned openstack-helm-infra base commit ]
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
---
helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
.../templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl | 2 ++
1 file changed, 2 insertions(+)
diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
index b4cf1a6..2f4113b 100644
index bc2045e5..b908feb2 100644
--- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
+++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl
@@ -44,6 +44,8 @@ kind: ServiceAccount
@@ -42,6 +42,8 @@ kind: ServiceAccount
metadata:
name: {{ $saName }}
namespace: {{ $saNamespace }}
+imagePullSecrets:
+ - name: default-registry-key
{{- range $k, $v := $deps -}}
{{- if eq $k "services" }}
{{- range $serv := $v }}
{{- if $envAll.Values.manifests.secret_registry }}
{{- if $envAll.Values.endpoints.oci_image_registry.auth.enabled }}
imagePullSecrets:
--
2.16.5
2.25.1

14
openstack-helm-infra/debian/deb_folder/patches/0003-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch → openstack-helm-infra/debian/deb_folder/patches/0002-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
View File

@ -9,14 +9,14 @@ per-host DaemonSet overrides.
Signed-off-by: Robert Church <robert.church@windriver.com>
---
helm-toolkit/templates/utils/_daemonset_overrides.tpl | 12 ++++++------
.../templates/utils/_daemonset_overrides.tpl | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
index 10ab166..ab1177a 100644
index 40359f0f..69dcd800 100644
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
@@ -49,10 +49,10 @@ limitations under the License.
@@ -47,10 +47,10 @@ limitations under the License.
{{- $override_conf_copy := $host_data.conf }}
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
@ -29,7 +29,7 @@ index 10ab166..ab1177a 100644
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
{{- $_ := set $current_dict "nodeData" $root_conf_copy4 }}
@@ -89,10 +89,10 @@ limitations under the License.
@@ -87,10 +87,10 @@ limitations under the License.
{{- $override_conf_copy := $label_data.conf }}
{{/* Deep copy to prevent https://storyboard.openstack.org/#!/story/2005936 */}}
{{- $root_conf_copy := omit ($context.Values.conf | toYaml | fromYaml) "overrides" }}
@ -42,7 +42,7 @@ index 10ab166..ab1177a 100644
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
{{- $_ := set $context.Values.__current_label "nodeData" $root_conf_copy4 }}
@@ -187,7 +187,7 @@ limitations under the License.
@@ -185,7 +185,7 @@ limitations under the License.
{{- $root_conf_copy1 := omit $context.Values.conf "overrides" }}
{{- $root_conf_copy2 := dict "conf" $root_conf_copy1 }}
{{- $context_values := omit $context.Values "conf" }}
@ -51,7 +51,7 @@ index 10ab166..ab1177a 100644
{{- $root_conf_copy4 := dict "Values" $root_conf_copy3 }}
{{- $_ := set $context.Values.__default "nodeData" $root_conf_copy4 }}
@@ -198,7 +198,7 @@ limitations under the License.
@@ -196,7 +196,7 @@ limitations under the License.
{{- range $current_dict := $context.Values.__daemonset_list }}
{{- $context_novalues := omit $context "Values" }}
@ -61,5 +61,5 @@ index 10ab166..ab1177a 100644
{{/* Deep copy original daemonset_yaml */}}
{{- $_ := set $context.Values "__daemonset_yaml" ($daemonset_yaml | toYaml | fromYaml) }}
--
2.7.4
2.25.1

12
openstack-helm-infra/debian/deb_folder/patches/0004-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch → openstack-helm-infra/debian/deb_folder/patches/0003-Fix-pod-restarts-on-all-workers-when-worker-added.patch
View File

@ -9,10 +9,10 @@ Subject: [PATCH] Fix pod restarts on all workers when worker added/removed
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/helm-toolkit/templates/utils/_daemonset_overrides.tpl b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
index ab1177a..e564869 100644
index 69dcd800..332b766e 100644
--- a/helm-toolkit/templates/utils/_daemonset_overrides.tpl
+++ b/helm-toolkit/templates/utils/_daemonset_overrides.tpl
@@ -215,7 +215,7 @@ limitations under the License.
@@ -213,7 +213,7 @@ limitations under the License.
name uniqueness */}}
{{- $_ := set $current_dict "dns_1123_name" dict }}
{{- if hasKey $current_dict "matchExpressions" }}
@ -21,7 +21,7 @@ index ab1177a..e564869 100644
{{- else }}
{{- $_ := set $current_dict "dns_1123_name" $name_format2 }}
{{- end }}
@@ -258,7 +258,7 @@ limitations under the License.
@@ -256,7 +256,7 @@ limitations under the License.
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template "metadata" dict }}{{- end }}
{{- if not $context.Values.__daemonset_yaml.spec.template.metadata.annotations }}{{- $_ := set $context.Values.__daemonset_yaml.spec.template.metadata "annotations" dict }}{{- end }}
{{- $cmap := list $current_dict.dns_1123_name $current_dict.nodeData | include $configmap_include }}
@ -31,10 +31,10 @@ index ab1177a..e564869 100644
{{/* generate configmap */}}
diff --git a/helm-toolkit/templates/utils/_hash.tpl b/helm-toolkit/templates/utils/_hash.tpl
index 1041ec0..e419e3b 100644
index d871b626..550fda4a 100644
--- a/helm-toolkit/templates/utils/_hash.tpl
+++ b/helm-toolkit/templates/utils/_hash.tpl
@@ -19,5 +19,5 @@ limitations under the License.
@@ -17,5 +17,5 @@ limitations under the License.
{{- $context := index . 1 -}}
{{- $last := base $context.Template.Name }}
{{- $wtf := $context.Template.Name | replace $last $name -}}
@ -42,5 +42,5 @@ index 1041ec0..e419e3b 100644
+{{- include $wtf $context | toJson | sha256sum | quote -}}
{{- end -}}
--
2.7.4
2.25.1

16
openstack-helm-infra/debian/deb_folder/patches/0005-Add-io_thread_pool-for-rabbitmq.patch → openstack-helm-infra/debian/deb_folder/patches/0004-Add-io_thread_pool-for-rabbitmq.patch
View File

@ -10,10 +10,10 @@ Signed-off-by: Bin Yang <bin.yang@intel.com>
2 files changed, 12 insertions(+)
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
index 41dc198..e0e61e6 100644
index 6b2143b4..35a482c1 100644
--- a/rabbitmq/templates/statefulset.yaml
+++ b/rabbitmq/templates/statefulset.yaml
@@ -105,6 +105,10 @@ spec:
@@ -135,6 +135,10 @@ spec:
key: RABBITMQ_ADMIN_PASSWORD
- name: RABBITMQ_DEFINITION_FILE
value: "{{ index $envAll.Values.conf.rabbitmq "management.load_definitions" }}"
@ -24,7 +24,7 @@ index 41dc198..e0e61e6 100644
volumeMounts:
- name: pod-tmp
mountPath: /tmp
@@ -215,6 +219,10 @@ spec:
@@ -233,6 +237,10 @@ spec:
{{- if ne (.Values.conf.feature_flags | default "") "default" }}
- name: RABBITMQ_FEATURE_FLAGS
value: "{{ .Values.conf.feature_flags }}"
@ -36,13 +36,13 @@ index 41dc198..e0e61e6 100644
readinessProbe:
initialDelaySeconds: 10
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
index 6c95787..9cd3a91 100644
index 2ec00310..6e6978c0 100644
--- a/rabbitmq/values.yaml
+++ b/rabbitmq/values.yaml
@@ -375,6 +375,10 @@ volume:
@@ -409,6 +409,10 @@ volume:
# Set helm3_hook to false while using helm2
helm3_hook: true
+io_thread_pool:
+ enabled: false
+ size: 64
@ -50,6 +50,6 @@ index 6c95787..9cd3a91 100644
manifests:
certificates: false
configmap_bin: true
--
2.7.4
--
2.25.1

10
openstack-helm-infra/debian/deb_folder/patches/0006-Enable-override-of-rabbitmq-probe-parameters.patch → openstack-helm-infra/debian/deb_folder/patches/0005-Enable-override-of-rabbitmq-probe-parameters.patch
View File

@ -6,20 +6,20 @@ Subject: [PATCH] Enable override of rabbitmq probe parameters
Add variables for initial delay, period and timeout for rabbitmq
liveness and readiness probes.
Change-Id: I8d2685118eb4ce3b8c27952892f7ad553fc5de77
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
[ fix duplicate yaml keys ]
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Change-Id: I3db83ffd3c7856b099cc6fb488e3df4e8da7fb2c
---
rabbitmq/templates/statefulset.yaml | 10 ++++++----
rabbitmq/values.yaml | 8 ++++++++
2 files changed, 14 insertions(+), 4 deletions(-)
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
index 45f8271a..cd9f39d6 100644
index 35a482c1..5d013a1e 100644
--- a/rabbitmq/templates/statefulset.yaml
+++ b/rabbitmq/templates/statefulset.yaml
@@ -225,14 +225,16 @@ spec:
@@ -243,14 +243,16 @@ spec:
value: {{ $envAll.Values.io_thread_pool.size | quote }}
{{- end }}
readinessProbe:
@ -41,10 +41,10 @@ index 45f8271a..cd9f39d6 100644
command:
- /tmp/rabbitmq-liveness.sh
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
index 6a1bd85f..0d37e673 100644
index 6e6978c0..e24db892 100644
--- a/rabbitmq/values.yaml
+++ b/rabbitmq/values.yaml
@@ -48,6 +48,14 @@ images:
@@ -54,6 +54,14 @@ forceBoot:
pod:
probes:

45
openstack-helm-infra/debian/deb_folder/patches/0009-Enable-override-of-mariadb-server-probe-parameters.patch → openstack-helm-infra/debian/deb_folder/patches/0006-Enable-override-of-mariadb-server-probe-parameters.patch
View File

@ -12,55 +12,56 @@ be performed because only one signle mariadb-server exists, have to
take use of "startupProbe" to ensure the WSREP status are ready.
For all these exceptional cases above, which are different from the
default mariadb cluster with 3 nodes, we have to export the probe
parameters and override the related probe pareameters.
parameters and override the related probe parameters.
Signed-off-by: Hu, Yong <yong.hu@intel.com>
Co-Authored-By: Zhipeng, Liu <zhipengs.liu@intel.com>
[ upversioned openstack-helm-infra base commit ]
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Change-Id: Idffb247ea722e53976238cfeacde4f70b9171393
---
mariadb/templates/statefulset.yaml | 3 +++-
mariadb/values.yaml | 20 +++++++++++++++
2 files changed, 23 insertions(+), 1 deletion(-)
mariadb/templates/statefulset.yaml | 1 +
mariadb/values.yaml | 10 +++++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
index e31d4ac..83e135f 100644
index 31d322b5..1185a41c 100644
--- a/mariadb/templates/statefulset.yaml
+++ b/mariadb/templates/statefulset.yaml
@@ -187,7 +187,9 @@ spec:
exec:
@@ -200,6 +200,7 @@ spec:
command:
- /tmp/stop.sh
-{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "readiness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "readiness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "readiness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "startup" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
+{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "liveness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
{{ dict "envAll" . "component" "server" "container" "mariadb" "type" "liveness" "probeTemplate" (include "mariadbReadinessProbe" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
index 2d75f39..444bba3 100644
index 741a75fe..e4a0399e 100644
--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -69,6 +69,20 @@ pod:
@@ -68,12 +68,20 @@ pod:
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 15
+ failureThreshold: 3
liveness:
- enabled: true
+ enabled: false
params:
initialDelaySeconds: 120
periodSeconds: 30
timeoutSeconds: 15
+ failureThreshold: 5
+ startup:
+ enabled: false
+ params:
+ initialDelaySeconds: 60
+ periodSeconds: 60
+ failureThreshold: 10
+ liveness:
+ enabled: false
+ params:
+ initialDelaySeconds: 60
+ periodSeconds: 30
+ failureThreshold: 5
+ timeoutSeconds: 15
security_context:
server:
pod:
--
1.8.3.1
--
2.25.1

15
openstack-helm-infra/debian/deb_folder/patches/0011-Add-mariadb-database-config-override-to-support-ipv6.patch → openstack-helm-infra/debian/deb_folder/patches/0007-Add-mariadb-database-config-override-to-support-ipv6.patch
View File

@ -4,6 +4,7 @@ Date: Thu, 28 May 2020 08:03:42 +0000
Subject: [PATCH] Add mariadb database config override to support ipv6
Signed-off-by: Liu, ZhipengS <zhipengs.liu@intel.com>
Change-Id: Ib00ac93863f342d7b8d36d9a2fe5c1e558bcc71d
---
mariadb/templates/configmap-etc.yaml | 8 ++++++++
mariadb/templates/statefulset.yaml | 2 +-
@ -11,10 +12,10 @@ Signed-off-by: Liu, ZhipengS <zhipengs.liu@intel.com>
3 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/mariadb/templates/configmap-etc.yaml b/mariadb/templates/configmap-etc.yaml
index feb1714..866028d 100644
index 5367f18d..961cec26 100644
--- a/mariadb/templates/configmap-etc.yaml
+++ b/mariadb/templates/configmap-etc.yaml
@@ -26,6 +26,14 @@ data:
@@ -24,6 +24,14 @@ data:
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "00_base" ) "key" "00-base.cnf" ) | indent 2 }}
{{- if $envAll.Values.conf.database.config_override }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "config_override" ) "key" "20-override.cnf" ) | indent 2 }}
@ -30,10 +31,10 @@ index feb1714..866028d 100644
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "99_force" ) "key" "99-force.cnf" ) | indent 2 }}
{{- end }}
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
index 83e135f..3ef7383 100644
index 1185a41c..f08094ef 100644
--- a/mariadb/templates/statefulset.yaml
+++ b/mariadb/templates/statefulset.yaml
@@ -216,7 +216,7 @@ spec:
@@ -229,7 +229,7 @@ spec:
mountPath: /etc/mysql/conf.d/00-base.cnf
subPath: 00-base.cnf
readOnly: true
@ -43,15 +44,15 @@ index 83e135f..3ef7383 100644
mountPath: /etc/mysql/conf.d/20-override.cnf
subPath: 20-override.cnf
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
index 444bba3..880b31e 100644
index 5f4d4f4c..6f325e9c 100644
--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -671,4 +671,5 @@ manifests:
@@ -730,4 +730,5 @@ manifests:
service_error: true
service: true
statefulset: true
+ config_ipv6: false
...
--
1.8.3.1
2.25.1

13
openstack-helm-infra/debian/deb_folder/patches/0012-enable-Values.conf.database.config_override-for-mari.patch → openstack-helm-infra/debian/deb_folder/patches/0008-Enable-Values.conf.database.config_override-for-mari.patch
View File

@ -1,19 +1,20 @@
From c75c04ea1c2250f16c1aabe57a2d4e94d986a90e Mon Sep 17 00:00:00 2001
From: "Chen, Haochuan Z" <haochuan.z.chen@intel.com>
Date: Wed, 5 Aug 2020 03:08:14 +0000
Subject: [PATCH 13/13] enable Values.conf.database.config_override for mariadb
Subject: [PATCH] Enable Values.conf.database.config_override for mariadb
option wsrep_provider_options override
Change-Id: I3889da9d7ea36f458616f38746b3b089b7878b7a
---
mariadb/templates/configmap-etc.yaml | 5 ++---
mariadb/templates/statefulset.yaml | 8 +++++++-
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/mariadb/templates/configmap-etc.yaml b/mariadb/templates/configmap-etc.yaml
index 53072f4..7bdfd8a 100644
index 961cec26..20edfd32 100644
--- a/mariadb/templates/configmap-etc.yaml
+++ b/mariadb/templates/configmap-etc.yaml
@@ -26,14 +26,13 @@ data:
@@ -24,14 +24,13 @@ data:
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "00_base" ) "key" "00-base.cnf" ) | indent 2 }}
{{- if $envAll.Values.conf.database.config_override }}
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "config_override" ) "key" "20-override.cnf" ) | indent 2 }}
@ -31,10 +32,10 @@ index 53072f4..7bdfd8a 100644
{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" ( index $envAll.Values.conf.database "99_force" ) "key" "99-force.cnf" ) | indent 2 }}
{{- end }}
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
index 3ef7383..88439e2 100644
index f08094ef..1a5125e5 100644
--- a/mariadb/templates/statefulset.yaml
+++ b/mariadb/templates/statefulset.yaml
@@ -216,12 +216,18 @@ spec:
@@ -229,12 +229,18 @@ spec:
mountPath: /etc/mysql/conf.d/00-base.cnf
subPath: 00-base.cnf
readOnly: true
@ -55,5 +56,5 @@ index 3ef7383..88439e2 100644
mountPath: /etc/mysql/conf.d/99-force.cnf
subPath: 99-force.cnf
--
1.8.3.1
2.25.1

9
openstack-helm-infra/debian/deb_folder/patches/0013-Allow-set-public-endpoint-url-for-all-openstack-types.patch → openstack-helm-infra/debian/deb_folder/patches/0009-Allow-set-public-endpoint-url-for-all-openstack-types.patch
View File

@ -1,18 +1,19 @@
From 7fd9d60e124868f277a1f2b0e86296dc50dd07ec Mon Sep 17 00:00:00 2001
From: Angie Wang <angie.wang@windriver.com>
Date: Mon, 31 Aug 2020 23:51:06 -0400
Subject: [PATCH 1/1] Allow set public endpoint url for all openstack
Subject: [PATCH] Allow set public endpoint url for all openstack
endpoint types
Change-Id: I4f4f5ab8ded72796ef509aa447f113a48a3b00b5
---
helm-toolkit/templates/manifests/_job-ks-endpoints.tpl | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
index 02f2013..39766f4 100644
index 3a7df7ff..f268947b 100644
--- a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
+++ b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
@@ -84,7 +84,11 @@ spec:
@@ -110,7 +110,11 @@ spec:
- name: OS_SERVICE_TYPE
value: {{ $osServiceType | quote }}
- name: OS_SERVICE_ENDPOINT
@ -25,5 +26,5 @@ index 02f2013..39766f4 100644
{{- end }}
volumes:
--
1.8.3.1
2.25.1

6
openstack-helm-infra/debian/deb_folder/patches/0018-Add-GaleraDB-Secure-Replica-Traffic.patch → openstack-helm-infra/debian/deb_folder/patches/0010-Add-GaleraDB-Secure-Replica-Traffic.patch
View File

@ -21,10 +21,10 @@ Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
2 files changed, 23 insertions(+), 4 deletions(-)
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
index 362dab51..47029b08 100644
index 6f325e9c..72f5df7c 100644
--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -427,19 +427,25 @@ conf:
@@ -474,19 +474,25 @@ conf:
wsrep_cluster_name={{ tuple "oslo_db" "direct" . | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" | replace "." "_" }}
wsrep_on=1
wsrep_provider=/usr/lib/galera/libgalera_smm.so
@ -88,5 +88,5 @@ index b8da60f8..b09de17c 100644
certificates: true
...
--
2.17.1
2.25.1

4
openstack-helm-infra/debian/deb_folder/patches/0020-Fix-tls-in-openstack-helm-infra.patch → openstack-helm-infra/debian/deb_folder/patches/0011-Fix-tls-in-openstack-helm-infra.patch
View File

@ -3,8 +3,6 @@ From: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Date: Wed, 19 Jan 2022 11:54:38 -0300
Subject: [PATCH] Fix Support for TLS in openstack-helm-infra
WIP
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: I382e0fc68c9a92c6a9570097db2c6a959525059d
---
@ -132,5 +130,5 @@ index 24a70450..f34ac527 100644
+{{- end }}
\ No newline at end of file
--
2.17.1
2.25.1

92
openstack-helm-infra/debian/deb_folder/patches/0021-Remove-mariadb-tls.patch → openstack-helm-infra/debian/deb_folder/patches/0012-Remove-mariadb-tls.patch
View File

@ -1,7 +1,7 @@
From 6fa2814271b7806aece4fb44f6d8eabe8c5ab6aa Mon Sep 17 00:00:00 2001
From: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Date: Tue, 8 Feb 2022 09:18:02 -0300
Subject: [PATCH 21/22] Remove mariadb
Subject: Remove mariadb tls
Change-Id: I37405da8faab3495ebe55c81389e0d769aaeb1d1
---
@ -13,7 +13,7 @@ Change-Id: I37405da8faab3495ebe55c81389e0d769aaeb1d1
5 files changed, 6 insertions(+), 36 deletions(-)
diff --git a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
index 934a2435..8ae71c67 100644
index 62ed1191..49bd12d3 100644
--- a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
@@ -37,7 +37,6 @@ limitations under the License.
@ -24,12 +24,44 @@ index 934a2435..8ae71c67 100644
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-drop" }}
{{ tuple $envAll "db_drop" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -133,9 +132,6 @@ spec:
@@ -134,9 +133,6 @@ spec:
subPath: {{ base $dbToDrop.logConfigFile | quote }}
readOnly: true
{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- end }}
{{- end }}
volumes:
- name: pod-tmp
@@ -151,9 +147,6 @@ spec:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
{{- $local := dict "configMapBinFirst" true -}}
{{- range $key1, $dbToDrop := $dbsToDrop }}
{{- $dbToDropType := default "oslo" $dbToDrop.inputType }}
diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
index 745e8dab..fe27e6ff 100644
--- a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
@@ -37,7 +37,6 @@ limitations under the License.
{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $dbAdminTlsSecret := index . "dbAdminTlsSecret" | default "" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-init" }}
{{ tuple $envAll "db_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -133,9 +132,6 @@ spec:
subPath: {{ base $dbToInit.logConfigFile | quote }}
readOnly: true
{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- end }}
{{- end }}
volumes:
@ -40,44 +72,12 @@ index 934a2435..8ae71c67 100644
{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
{{- $local := dict "configMapBinFirst" true -}}
{{- range $key1, $dbToDrop := $dbsToDrop }}
{{- $dbToDropType := default "oslo" $dbToDrop.inputType }}
diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
index c164ad0a..dcfbb35f 100644
--- a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
@@ -37,7 +37,6 @@ limitations under the License.
{{- $backoffLimit := index . "backoffLimit" | default "1000" -}}
{{- $activeDeadlineSeconds := index . "activeDeadlineSeconds" -}}
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
-{{- $dbAdminTlsSecret := index . "dbAdminTlsSecret" | default "" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-init" }}
{{ tuple $envAll "db_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -132,9 +131,6 @@ spec:
subPath: {{ base $dbToInit.logConfigFile | quote }}
readOnly: true
{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- end }}
{{- end }}
volumes:
- name: pod-tmp
@@ -149,9 +145,6 @@ spec:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end }}
-{{- if $envAll.Values.manifests.certificates }}
-{{- dict "enabled" $envAll.Values.manifests.certificates "name" $dbAdminTlsSecret | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
{{- $local := dict "configMapBinFirst" true -}}
{{- range $key1, $dbToInit := $dbsToInit }}
{{- $dbToInitType := default "oslo" $dbToInit.inputType }}
diff --git a/helm-toolkit/templates/manifests/_job-db-sync.tpl b/helm-toolkit/templates/manifests/_job-db-sync.tpl
index 659238a4..f181061f 100644
index 24d2496d..6b222945 100644
--- a/helm-toolkit/templates/manifests/_job-db-sync.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-sync.tpl
@@ -34,7 +34,6 @@ limitations under the License.
@ -88,7 +88,7 @@ index 659238a4..f181061f 100644
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-sync" }}
{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -106,7 +105,6 @@ spec:
@@ -107,7 +106,6 @@ spec:
mountPath: {{ $dbToSync.logConfigFile | quote }}
subPath: {{ base $dbToSync.logConfigFile | quote }}
readOnly: true
@ -96,7 +96,7 @@ index 659238a4..f181061f 100644
{{- if $podVolMounts }}
{{ $podVolMounts | toYaml | indent 12 }}
{{- end }}
@@ -129,7 +127,6 @@ spec:
@@ -130,7 +128,6 @@ spec:
secret:
secretName: {{ $configMapEtc | quote }}
defaultMode: 0444
@ -141,7 +141,7 @@ index 03884fa1..81447546 100644
database = user_engine.url.database
user = user_engine.url.username
diff --git a/helm-toolkit/templates/scripts/_db-init.py.tpl b/helm-toolkit/templates/scripts/_db-init.py.tpl
index 4294d40c..9671b734 100644
index 6027b951..321b82f1 100644
--- a/helm-toolkit/templates/scripts/_db-init.py.tpl
+++ b/helm-toolkit/templates/scripts/_db-init.py.tpl
@@ -54,12 +54,6 @@ else:
@ -179,13 +179,13 @@ index 4294d40c..9671b734 100644
# Create DB User
try:
root_engine.execute(
- "GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\' IDENTIFIED BY \'{2}\' {3}".format(
- database, user, password, mysql_x509))
+ "GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\' IDENTIFIED BY \'{2}\'".format(
+ database, user, password))
- "CREATE USER IF NOT EXISTS \'{0}\'@\'%%\' IDENTIFIED BY \'{1}\' {2}".format(
- user, password, mysql_x509))
+ "CREATE USER IF NOT EXISTS \'{0}\'@\'%%\' IDENTIFIED BY \'{1}\'".format(
+ user, password))
root_engine.execute(
"GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\'".format(database, user))
logger.info("Created user {0} for {1}".format(user, database))
except:
logger.critical("Could not create user {0} for {1}".format(user, database))
--
2.17.1
2.25.1

14
openstack-helm-infra/debian/deb_folder/patches/0022-Remove-rabbitmq-tls.patch → openstack-helm-infra/debian/deb_folder/patches/0013-Remove-rabbitmq-tls.patch
View File

@ -1,7 +1,7 @@
From 4b2cc6a3c4b9af9dd2688d52b493828cef97cdb6 Mon Sep 17 00:00:00 2001
From: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Date: Tue, 8 Feb 2022 09:20:36 -0300
Subject: [PATCH 22/22] remove rabbit tls
Subject: [PATCH] Remove rabbit tls
Change-Id: I04c4c25c72b10b87e71c2f286e21526e5e062b67
---
@ -10,7 +10,7 @@ Change-Id: I04c4c25c72b10b87e71c2f286e21526e5e062b67
2 files changed, 30 deletions(-)
diff --git a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
index 59e0da0f..b776d055 100644
index 69820642..1501563e 100644
--- a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
@@ -25,9 +25,6 @@ limitations under the License.
@ -23,7 +23,7 @@ index 59e0da0f..b776d055 100644
{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "rabbit-init" }}
{{ tuple $envAll "rabbit_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -85,9 +82,6 @@ spec:
@@ -86,9 +83,6 @@ spec:
mountPath: /tmp/rabbit-init.sh
subPath: rabbit-init.sh
readOnly: true
@ -33,7 +33,7 @@ index 59e0da0f..b776d055 100644
env:
- name: RABBITMQ_ADMIN_CONNECTION
valueFrom:
@@ -102,12 +96,6 @@ spec:
@@ -103,12 +97,6 @@ spec:
{{- if $envAll.Values.conf.rabbitmq }}
- name: RABBITMQ_AUXILIARY_CONFIGURATION
value: {{ toJson $envAll.Values.conf.rabbitmq | quote }}
@ -46,7 +46,7 @@ index 59e0da0f..b776d055 100644
{{- end }}
volumes:
- name: pod-tmp
@@ -122,7 +110,4 @@ spec:
@@ -123,7 +111,4 @@ spec:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end }}
@ -55,7 +55,7 @@ index 59e0da0f..b776d055 100644
-{{- end }}
{{- end -}}
diff --git a/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl b/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
index 87872d6f..7fb16a0f 100644
index 3739f955..75be73fe 100644
--- a/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
+++ b/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
@@ -47,27 +47,12 @@ RABBITMQ_VHOST=$(echo "${RABBITMQ_USER_CONNECTION}" | \
@ -87,5 +87,5 @@ index 87872d6f..7fb16a0f 100644
echo "Managing: User: ${RABBITMQ_USERNAME}"
--
2.17.1
2.25.1

83
openstack-helm-infra/debian/deb_folder/patches/0014-Update-openstack-Ingress-for-networking-api-v1.patch Normal file
View File

@ -0,0 +1,83 @@
From 04ef9a7ff789aeda4e2e80ae6bc70beb80507d6b Mon Sep 17 00:00:00 2001
From: Rafael Falcao <rafael.vieirafalcao@windriver.com>
Date: Mon, 18 Jul 2022 09:42:01 -0300
Subject: [PATCH] Update openstack Ingress for networking api v1
This change patches the correct apiVersion for Ingress resources created
by the openstack ingress chart to work correctly when stx-openstack is
applied on stx with kubernetes 1.22+ running, fixing the problem
described in [1].
Same applies to spec changes that need to be done according to
io.k8s.api.networking.v1.IngressBackend documentation.
It could be done by upversioning openstack-helm-infra to its latest
commit (currently 1147988b8eba6ab7d1e7af262843f641be6657ff) but this
upversion has a different series of complications that are being
discussed in [2]
[1] https://bugs.launchpad.net/starlingx/+bug/1980397
[2] https://review.opendev.org/c/starlingx/openstack-armada-app/+/848336
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Co-authored-by: Rafael Falcao <rafael.vieirafalcao@windriver.com>
[ upversioned openstack-helm-infra base commit ]
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Change-Id: I0bbecc097fdafdf5ebbc3a164b80ba903b5623f2
---
ingress/templates/deployment-ingress.yaml | 1 +
ingress/templates/ingress.yaml | 3 ++-
mariadb/templates/deployment-ingress.yaml | 4 ++--
3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/ingress/templates/deployment-ingress.yaml b/ingress/templates/deployment-ingress.yaml
index 56f169d5..4153b672 100644
--- a/ingress/templates/deployment-ingress.yaml
+++ b/ingress/templates/deployment-ingress.yaml
@@ -68,6 +68,7 @@ rules:
- "networking.k8s.io"
resources:
- ingresses
+ - ingressclasses
verbs:
- get
- list
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
index 1f67c7a7..3c39f180 100644
--- a/ingress/templates/ingress.yaml
+++ b/ingress/templates/ingress.yaml
@@ -16,7 +16,8 @@ limitations under the License.
{{- $envAll := . }}
{{- if eq .Values.deployment.mode "namespace" }}
{{- if empty (index .Values.network.ingress.annotations "kubernetes.io/ingress.class") -}}
-{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
+{{- $ingressClassName := "nginx" -}}
+{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" $ingressClassName -}}
{{- end -}}
{{- $serviceName := tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}
{{- $servicePort := tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" -}}
diff --git a/mariadb/templates/deployment-ingress.yaml b/mariadb/templates/deployment-ingress.yaml
index 6fbf3389..ba0d64c9 100644
--- a/mariadb/templates/deployment-ingress.yaml
+++ b/mariadb/templates/deployment-ingress.yaml
@@ -21,7 +21,7 @@ limitations under the License.
{{- if .Values.manifests.deployment_ingress }}
{{- $envAll := . }}
-{{- $ingressClass := printf "%s-%s" .deployment_name "mariadb-ingress" }}
+{{- $ingressClass := printf "%s" "mariadb-ingress" }}
{{- $serviceAccountName := printf "%s-%s" .deployment_name "ingress" }}
{{ tuple $envAll "ingress" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -171,7 +171,7 @@ rules:
- apiGroups:
- ""
resourceNames:
- - {{ printf "%s-%s" .deployment_name $ingressClass | quote }}
+ - {{ printf "%s" .Release.Name | quote }}
resources:
- configmaps
verbs:
--
2.25.1

10
openstack-helm-infra/debian/deb_folder/patches/0026-Update-libvirt-configuration-script-for-Debian.patch → openstack-helm-infra/debian/deb_folder/patches/0015-Update-libvirt-configuration-script-for-Debian.patch
View File

@ -19,13 +19,13 @@ Change-Id: Ib2c3b0cbd0666ffd5dd310103c3f1a75b36c330c
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libvirt/templates/bin/_libvirt.sh.tpl b/libvirt/templates/bin/_libvirt.sh.tpl
index c419997e..d8085f5e 100644
index 74f7e32d..7f9177d7 100644
--- a/libvirt/templates/bin/_libvirt.sh.tpl
+++ b/libvirt/templates/bin/_libvirt.sh.tpl
@@ -33,9 +33,11 @@ fi
rm -f /var/run/libvirtd.pid
-if [[ -c /dev/kvm ]]; then
+if [ "$(cat /etc/os-release | grep -w NAME= | grep -w CentOS)" ]; then
+ if [[ -c /dev/kvm ]]; then
@ -33,8 +33,8 @@ index c419997e..d8085f5e 100644
chown root:kvm /dev/kvm
+ fi
fi
#Setup Cgroups to use when breaking out of Kubernetes defined groups
--
--
2.25.1

48
openstack-helm-infra/debian/deb_folder/patches/0016-Add-ServiceAccount-to-openvswitch-pod.patch Normal file
View File

@ -0,0 +1,48 @@
From 1a16da4ed0913c2de36b070326277a3aa555e376 Mon Sep 17 00:00:00 2001
From: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Date: Thu, 13 Jul 2023 16:35:40 -0300
Subject: [PATCH] Add ServiceAccount to openvswitch pod
This change includes back the the helm-toolkit snippet:
kubernetes_pod_rbac_serviceaccount to the openvswitch Daemonset
definition, since it is responsible for creating the POD's
ServiceAccount which contains imagePullSecrets that enable the POD to
retrieve images from private registries.
Originally openvswitch chart had two daemonset definitions: for the
db and for the server, but recently both were merged into a single
daemonset [1] and the template inclusion was dropped during this merge
[1] https://github.com/openstack/openstack-helm-infra/
commit/73e2b3322d3cc8ca4ee8453dd612266589d734b1
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Change-Id: I59ef955529a34020d4bba0da0b48d1f47e2e1039
---
openvswitch/templates/daemonset.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/openvswitch/templates/daemonset.yaml b/openvswitch/templates/daemonset.yaml
index 244ffb8e..bd37de14 100644
--- a/openvswitch/templates/daemonset.yaml
+++ b/openvswitch/templates/daemonset.yaml
@@ -56,6 +56,9 @@ exec:
{{- if .Values.manifests.daemonset }}
{{- $envAll := . }}
+
+{{- $serviceAccountName := "openvswitch-server" }}
+{{ tuple $envAll "vswitchd" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: DaemonSet
@@ -257,4 +260,4 @@ It should be handled through lcore and pmd core masks. */}}
hostPath:
path: /sys/fs/cgroup
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
--
2.25.1

970
openstack-helm-infra/debian/deb_folder/patches/0017-Enable-taint-toleration-for-Openstack-services.patch
View File

@ -1,970 +0,0 @@
From 1be5f40cac3ebc759e99540d6355ef98b47b51f4 Mon Sep 17 00:00:00 2001
From: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Date: Wed, 6 Oct 2021 18:52:35 -0300
Subject: [PATCH] Enable taint toleration for Openstack services
This adds taint toleration support for openstack jobs
Also adds tolerations for:
- ceph-rgw
- gnocchi
- ingress
- libvirt
- mariadb
- memcached
- openvswitch
- rabbitmq
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: I1c731c94e58895bd8bfc26d4300aac40a9111f12
---
ceph-rgw/values.yaml | 3 +++
gnocchi/templates/cron-job-resources-cleaner.yaml | 3 +++
gnocchi/templates/daemonset-metricd.yaml | 3 +++
gnocchi/templates/daemonset-statsd.yaml | 3 +++
gnocchi/templates/deployment-api.yaml | 3 +++
gnocchi/templates/job-bootstrap.yaml | 3 +++
gnocchi/templates/job-clean.yaml | 3 +++
gnocchi/templates/job-db-drop.yaml | 3 +++
gnocchi/templates/job-db-init-indexer.yaml | 3 +++
gnocchi/templates/job-db-init.yaml | 3 +++
gnocchi/templates/job-db-sync.yaml | 3 +++
gnocchi/templates/job-image-repo-sync.yaml | 3 +++
gnocchi/templates/job-ks-endpoints.yaml | 7 +++++--
gnocchi/templates/job-ks-service.yaml | 3 +++
gnocchi/templates/job-ks-user.yaml | 3 +++
gnocchi/templates/job-storage-init.yaml | 3 +++
gnocchi/templates/pod-gnocchi-test.yaml | 3 +++
gnocchi/values.yaml | 7 +++++++
helm-toolkit/templates/manifests/_job-bootstrap.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-db-init-mysql.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-db-sync.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-ks-endpoints.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-ks-service.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl | 4 ++++
helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl | 4 ++++
helm-toolkit/templates/manifests/_job_image_repo_sync.tpl | 4 ++++
ingress/templates/deployment-error.yaml | 3 +++
ingress/templates/deployment-ingress.yaml | 3 +++
ingress/templates/job-image-repo-sync.yaml | 3 +++
ingress/values.yaml | 7 +++++++
libvirt/templates/daemonset-libvirt.yaml | 3 +++
libvirt/templates/job-image-repo-sync.yaml | 3 +++
libvirt/values.yaml | 7 +++++++
mariadb/templates/cron-job-backup-mariadb.yaml | 3 +++
mariadb/templates/deployment-error.yaml | 3 +++
mariadb/templates/deployment-ingress.yaml | 3 +++
mariadb/templates/job-image-repo-sync.yaml | 3 +++
mariadb/templates/job-ks-user.yaml | 3 +++
mariadb/templates/pod-test.yaml | 3 +++
mariadb/templates/statefulset.yaml | 3 +++
mariadb/values.yaml | 7 +++++++
memcached/templates/deployment.yaml | 3 +++
memcached/templates/job-image-repo-sync.yaml | 3 +++
memcached/values.yaml | 7 +++++++
openvswitch/templates/daemonset-ovs-db.yaml | 3 +++
openvswitch/templates/daemonset-ovs-vswitchd.yaml | 3 +++
openvswitch/templates/job-image-repo-sync.yaml | 3 +++
openvswitch/values.yaml | 7 +++++++
rabbitmq/templates/job-cluster-wait.yaml | 3 +++
rabbitmq/templates/job-image-repo-sync.yaml | 3 +++
rabbitmq/templates/pod-test.yaml | 3 +++
rabbitmq/templates/statefulset.yaml | 3 +++
rabbitmq/values.yaml | 7 +++++++
56 files changed, 209 insertions(+), 2 deletions(-)
diff --git a/ceph-rgw/values.yaml b/ceph-rgw/values.yaml
index a5147856..d3f01e90 100644
--- a/ceph-rgw/values.yaml
+++ b/ceph-rgw/values.yaml
@@ -233,6 +233,9 @@ pod:
key: node.kubernetes.io/unreachable
operator: Exists
tolerationSeconds: 60
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
network_policy:
rgw:
diff --git a/gnocchi/templates/cron-job-resources-cleaner.yaml b/gnocchi/templates/cron-job-resources-cleaner.yaml
index 115fc4ff..db4e4848 100644
--- a/gnocchi/templates/cron-job-resources-cleaner.yaml
+++ b/gnocchi/templates/cron-job-resources-cleaner.yaml
@@ -48,6 +48,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 10 }}
+{{ end }}
initContainers:
{{ tuple $envAll "resources_cleaner" $mounts_gnocchi_resources_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
containers:
diff --git a/gnocchi/templates/daemonset-metricd.yaml b/gnocchi/templates/daemonset-metricd.yaml
index 40daa26a..cc5c0cd0 100644
--- a/gnocchi/templates/daemonset-metricd.yaml
+++ b/gnocchi/templates/daemonset-metricd.yaml
@@ -44,6 +44,9 @@ spec:
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.metricd.node_selector_key }}: {{ .Values.labels.metricd.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
initContainers:
{{ tuple $envAll "metricd" $mounts_gnocchi_metricd_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: ceph-keyring-placement
diff --git a/gnocchi/templates/daemonset-statsd.yaml b/gnocchi/templates/daemonset-statsd.yaml
index 68f8f080..4dfc304e 100644
--- a/gnocchi/templates/daemonset-statsd.yaml
+++ b/gnocchi/templates/daemonset-statsd.yaml
@@ -43,6 +43,9 @@ spec:
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.statsd.node_selector_key }}: {{ .Values.labels.statsd.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
initContainers:
{{ tuple $envAll "statsd" $mounts_gnocchi_statsd_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: ceph-keyring-placement
diff --git a/gnocchi/templates/deployment-api.yaml b/gnocchi/templates/deployment-api.yaml
index b41f0743..0cc687fa 100644
--- a/gnocchi/templates/deployment-api.yaml
+++ b/gnocchi/templates/deployment-api.yaml
@@ -47,6 +47,9 @@ spec:
{{ tuple $envAll "gnocchi" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }}
initContainers:
{{ tuple $envAll "api" $mounts_gnocchi_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
diff --git a/gnocchi/templates/job-bootstrap.yaml b/gnocchi/templates/job-bootstrap.yaml
index 5f3cfae5..d2dbc51e 100644
--- a/gnocchi/templates/job-bootstrap.yaml
+++ b/gnocchi/templates/job-bootstrap.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
{{- $bootstrapJob := dict "envAll" . "serviceName" "gnocchi" "keystoneUser" .Values.bootstrap.ks_user -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $bootstrapJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}
diff --git a/gnocchi/templates/job-clean.yaml b/gnocchi/templates/job-clean.yaml
index 3e294bf1..ce816cb3 100644
--- a/gnocchi/templates/job-clean.yaml
+++ b/gnocchi/templates/job-clean.yaml
@@ -63,6 +63,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
initContainers:
{{ tuple $envAll "clean" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/gnocchi/templates/job-db-drop.yaml b/gnocchi/templates/job-db-drop.yaml
index 056a95f2..5f9be1ef 100644
--- a/gnocchi/templates/job-db-drop.yaml
+++ b/gnocchi/templates/job-db-drop.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if .Values.manifests.job_db_drop }}
{{- $dbDropJob := dict "envAll" . "serviceName" "gnocchi" -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $dbDropJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
{{- end }}
diff --git a/gnocchi/templates/job-db-init-indexer.yaml b/gnocchi/templates/job-db-init-indexer.yaml
index ab078043..d0932840 100644
--- a/gnocchi/templates/job-db-init-indexer.yaml
+++ b/gnocchi/templates/job-db-init-indexer.yaml
@@ -34,6 +34,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
initContainers:
{{ tuple $envAll "db_init_postgresql" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/gnocchi/templates/job-db-init.yaml b/gnocchi/templates/job-db-init.yaml
index dace5342..99ac8e21 100644
--- a/gnocchi/templates/job-db-init.yaml
+++ b/gnocchi/templates/job-db-init.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if .Values.manifests.job_db_init }}
{{- $dbInitJob := dict "envAll" . "serviceName" "gnocchi" -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $dbInitJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
{{- end }}
diff --git a/gnocchi/templates/job-db-sync.yaml b/gnocchi/templates/job-db-sync.yaml
index 60391847..45a11110 100644
--- a/gnocchi/templates/job-db-sync.yaml
+++ b/gnocchi/templates/job-db-sync.yaml
@@ -34,6 +34,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
initContainers:
{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: ceph-keyring-placement
diff --git a/gnocchi/templates/job-image-repo-sync.yaml b/gnocchi/templates/job-image-repo-sync.yaml
index 4ace9b9f..f4c4d018 100644
--- a/gnocchi/templates/job-image-repo-sync.yaml
+++ b/gnocchi/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "gnocchi" -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/gnocchi/templates/job-ks-endpoints.yaml b/gnocchi/templates/job-ks-endpoints.yaml
index 2f5c0555..47809e94 100644
--- a/gnocchi/templates/job-ks-endpoints.yaml
+++ b/gnocchi/templates/job-ks-endpoints.yaml
@@ -13,6 +13,9 @@ limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_endpoints }}
-{{- $ksServiceJob := dict "envAll" . "serviceName" "gnocchi" "serviceTypes" ( tuple "metric" ) -}}
-{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
+{{- $ksEndpointsJob := dict "envAll" . "serviceName" "gnocchi" "serviceTypes" ( tuple "metric" ) -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $ksEndpointsJob "tolerationsEnabled" true -}}
+{{- end -}}
+{{ $ksEndpointsJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
{{- end }}
diff --git a/gnocchi/templates/job-ks-service.yaml b/gnocchi/templates/job-ks-service.yaml
index 24c2935e..76070d6e 100644
--- a/gnocchi/templates/job-ks-service.yaml
+++ b/gnocchi/templates/job-ks-service.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if .Values.manifests.job_ks_service }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "gnocchi" "serviceTypes" ( tuple "metric" ) -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
{{- end }}
diff --git a/gnocchi/templates/job-ks-user.yaml b/gnocchi/templates/job-ks-user.yaml
index 371f6b35..1dd7e5a0 100644
--- a/gnocchi/templates/job-ks-user.yaml
+++ b/gnocchi/templates/job-ks-user.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if .Values.manifests.job_ks_user }}
{{- $ksUserJob := dict "envAll" . "serviceName" "gnocchi" -}}
+{{- if .Values.pod.tolerations.gnocchi.enabled -}}
+{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
{{- end }}
diff --git a/gnocchi/templates/job-storage-init.yaml b/gnocchi/templates/job-storage-init.yaml
index e2736a5e..e4114e22 100644
--- a/gnocchi/templates/job-storage-init.yaml
+++ b/gnocchi/templates/job-storage-init.yaml
@@ -62,6 +62,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
initContainers:
{{ tuple $envAll "storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: ceph-keyring-placement
diff --git a/gnocchi/templates/pod-gnocchi-test.yaml b/gnocchi/templates/pod-gnocchi-test.yaml
index 9ceda014..8defdca1 100644
--- a/gnocchi/templates/pod-gnocchi-test.yaml
+++ b/gnocchi/templates/pod-gnocchi-test.yaml
@@ -32,6 +32,9 @@ metadata:
spec:
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.gnocchi.enabled }}
+{{ tuple $envAll "gnocchi" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: Never
initContainers:
diff --git a/gnocchi/values.yaml b/gnocchi/values.yaml
index 4ed1ba66..74cf0163 100644
--- a/gnocchi/values.yaml
+++ b/gnocchi/values.yaml
@@ -207,6 +207,13 @@ pod:
default: kubernetes.io/hostname
weight:
default: 10
+ tolerations:
+ gnocchi:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
mounts:
gnocchi_api:
init_container: null
diff --git a/helm-toolkit/templates/manifests/_job-bootstrap.tpl b/helm-toolkit/templates/manifests/_job-bootstrap.tpl
index 3cc07cc6..5d98c8b7 100644
--- a/helm-toolkit/templates/manifests/_job-bootstrap.tpl
+++ b/helm-toolkit/templates/manifests/_job-bootstrap.tpl
@@ -23,6 +23,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $podVolMounts := index . "podVolMounts" | default false -}}
{{- $podVols := index . "podVols" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
@@ -67,6 +68,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "bootstrap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
index 91fd5ad7..62ed1191 100644
--- a/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-drop-mysql.tpl
@@ -28,6 +28,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $dbToDrop := index . "dbToDrop" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
@@ -68,6 +69,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "db_drop" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
index b3348f57..745e8dab 100644
--- a/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.tpl
@@ -28,6 +28,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $dbToInit := index . "dbToInit" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}}
@@ -68,6 +69,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "db_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-db-sync.tpl b/helm-toolkit/templates/manifests/_job-db-sync.tpl
index 03763430..24d2496d 100644
--- a/helm-toolkit/templates/manifests/_job-db-sync.tpl
+++ b/helm-toolkit/templates/manifests/_job-db-sync.tpl
@@ -23,6 +23,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
{{- $podVolMounts := index . "podVolMounts" | default false -}}
@@ -65,6 +66,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
index 2d130e13..3a7df7ff 100644
--- a/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
+++ b/helm-toolkit/templates/manifests/_job-ks-endpoints.tpl
@@ -24,6 +24,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $secretBin := index . "secretBin" -}}
{{- $tlsSecret := index . "tlsSecret" | default "" -}}
@@ -68,6 +69,9 @@ spec:
restartPolicy: {{ $restartPolicy }}
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-ks-service.tpl b/helm-toolkit/templates/manifests/_job-ks-service.tpl
index 8347b580..a109e3cc 100644
--- a/helm-toolkit/templates/manifests/_job-ks-service.tpl
+++ b/helm-toolkit/templates/manifests/_job-ks-service.tpl
@@ -24,6 +24,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $secretBin := index . "secretBin" -}}
{{- $tlsSecret := index . "tlsSecret" | default "" -}}
@@ -68,6 +69,9 @@ spec:
restartPolicy: {{ $restartPolicy }}
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "ks_service" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
index 80960f47..905eb71a 100644
--- a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl
@@ -45,6 +45,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
{{- $secretBin := index . "secretBin" -}}
@@ -68,6 +69,9 @@ spec:
restartPolicy: {{ $restartPolicy }}
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
index 7ecacced..69820642 100644
--- a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl
@@ -18,6 +18,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
{{- $secretBin := index . "secretBin" -}}
@@ -58,6 +59,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "rabbit_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
index 9dc28597..29cb9937 100644
--- a/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-s3-bucket.yaml.tpl
@@ -23,6 +23,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}}
{{- $secretBin := index . "secretBin" -}}
@@ -63,6 +64,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "s3_bucket" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
index 3dd407ea..50d9af59 100644
--- a/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
+++ b/helm-toolkit/templates/manifests/_job-s3-user.yaml.tpl
@@ -23,6 +23,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $configMapCeph := index . "configMapCeph" | default (printf "ceph-etc" ) -}}
{{- $secretBin := index . "secretBin" -}}
@@ -61,6 +62,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "s3_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: ceph-keyring-placement
diff --git a/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl b/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
index 6fed825f..0906df4c 100644
--- a/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
+++ b/helm-toolkit/templates/manifests/_job_image_repo_sync.tpl
@@ -23,6 +23,7 @@ limitations under the License.
{{- $jobAnnotations := index . "jobAnnotations" -}}
{{- $jobLabels := index . "jobLabels" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $tolerationsEnabled := index . "tolerationsEnabled" | default false -}}
{{- $podVolMounts := index . "podVolMounts" | default false -}}
{{- $podVols := index . "podVols" | default false -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
@@ -60,6 +61,9 @@ spec:
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
+{{- if $tolerationsEnabled }}
+{{ tuple $envAll $serviceName | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{- end}}
initContainers:
{{ tuple $envAll "image_repo_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
diff --git a/ingress/templates/deployment-error.yaml b/ingress/templates/deployment-error.yaml
index 417e63d4..ccd6c3b3 100644
--- a/ingress/templates/deployment-error.yaml
+++ b/ingress/templates/deployment-error.yaml
@@ -49,6 +49,9 @@ spec:
{{ tuple $envAll "ingress" "error-pages" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.error_server.node_selector_key }}: {{ .Values.labels.error_server.node_selector_value | quote }}
+{{ if $envAll.Values.pod.tolerations.ingress.enabled }}
+{{ tuple $envAll "ingress" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.error_pages.timeout | default "60" }}
initContainers:
{{ tuple $envAll "error_pages" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
diff --git a/ingress/templates/deployment-ingress.yaml b/ingress/templates/deployment-ingress.yaml
index c6aaf46a..780af3a3 100644
--- a/ingress/templates/deployment-ingress.yaml
+++ b/ingress/templates/deployment-ingress.yaml
@@ -206,6 +206,9 @@ spec:
affinity:
{{ tuple $envAll "ingress" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
{{- end }}
+{{ if $envAll.Values.pod.tolerations.ingress.enabled }}
+{{ tuple $envAll "ingress" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
nodeSelector:
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value | quote }}
{{- if .Values.network.host_namespace }}
diff --git a/ingress/templates/job-image-repo-sync.yaml b/ingress/templates/job-image-repo-sync.yaml
index c4841467..2132f9a3 100644
--- a/ingress/templates/job-image-repo-sync.yaml
+++ b/ingress/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ingress" -}}
+{{- if .Values.pod.tolerations.ingress.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/ingress/values.yaml b/ingress/values.yaml
index b70ec2a8..c326c15a 100644
--- a/ingress/values.yaml
+++ b/ingress/values.yaml
@@ -81,6 +81,13 @@ pod:
default: kubernetes.io/hostname
weight:
default: 10
+ tolerations:
+ ingress:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
dns_policy: "ClusterFirstWithHostNet"
replicas:
ingress: 1
diff --git a/libvirt/templates/daemonset-libvirt.yaml b/libvirt/templates/daemonset-libvirt.yaml
index 2c0ccda8..4853d0c2 100644
--- a/libvirt/templates/daemonset-libvirt.yaml
+++ b/libvirt/templates/daemonset-libvirt.yaml
@@ -69,6 +69,9 @@ spec:
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.agent.libvirt.node_selector_key }}: {{ .Values.labels.agent.libvirt.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.libvirt.enabled }}
+{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
hostNetwork: true
hostPID: true
hostIPC: true
diff --git a/libvirt/templates/job-image-repo-sync.yaml b/libvirt/templates/job-image-repo-sync.yaml
index d359d1aa..91d52820 100644
--- a/libvirt/templates/job-image-repo-sync.yaml
+++ b/libvirt/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "libvirt" -}}
+{{- if .Values.pod.tolerations.libvirt.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/libvirt/values.yaml b/libvirt/values.yaml
index b6cab8db..f23299e9 100644
--- a/libvirt/values.yaml
+++ b/libvirt/values.yaml
@@ -137,6 +137,13 @@ pod:
default: kubernetes.io/hostname
weight:
default: 10
+ tolerations:
+ libvirt:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
dns_policy: "ClusterFirstWithHostNet"
mounts:
libvirt:
diff --git a/mariadb/templates/cron-job-backup-mariadb.yaml b/mariadb/templates/cron-job-backup-mariadb.yaml
index 660c6557..c004b5f5 100644
--- a/mariadb/templates/cron-job-backup-mariadb.yaml
+++ b/mariadb/templates/cron-job-backup-mariadb.yaml
@@ -52,6 +52,9 @@ spec:
{{ dict "envAll" $envAll "application" "mariadb_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 10 }}
+{{ end }}
nodeSelector:
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
initContainers:
diff --git a/mariadb/templates/deployment-error.yaml b/mariadb/templates/deployment-error.yaml
index ea085ae4..4f3b68bd 100644
--- a/mariadb/templates/deployment-error.yaml
+++ b/mariadb/templates/deployment-error.yaml
@@ -47,6 +47,9 @@ spec:
{{ dict "envAll" $envAll "application" "error_pages" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
{{ tuple $envAll "mariadb" "ingress-error-pages" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
nodeSelector:
{{ .Values.labels.error_server.node_selector_key }}: {{ .Values.labels.error_server.node_selector_value }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.error_pages.timeout | default "60" }}
diff --git a/mariadb/templates/deployment-ingress.yaml b/mariadb/templates/deployment-ingress.yaml
index add8501c..a9fc9896 100644
--- a/mariadb/templates/deployment-ingress.yaml
+++ b/mariadb/templates/deployment-ingress.yaml
@@ -234,6 +234,9 @@ spec:
{{ dict "envAll" $envAll "application" "ingress" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
{{ tuple $envAll "mariadb" "ingress" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
nodeSelector:
{{ .Values.labels.ingress.node_selector_key }}: {{ .Values.labels.ingress.node_selector_value }}
terminationGracePeriodSeconds: 60
diff --git a/mariadb/templates/job-image-repo-sync.yaml b/mariadb/templates/job-image-repo-sync.yaml
index 3c2b5d21..2121a397 100644
--- a/mariadb/templates/job-image-repo-sync.yaml
+++ b/mariadb/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "mariadb" -}}
+{{- if .Values.pod.tolerations.mariadb.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/mariadb/templates/job-ks-user.yaml b/mariadb/templates/job-ks-user.yaml
index 99b384d6..fddf8858 100644
--- a/mariadb/templates/job-ks-user.yaml
+++ b/mariadb/templates/job-ks-user.yaml
@@ -16,5 +16,8 @@ limitations under the License.
{{- $backoffLimit := .Values.jobs.ks_user.backoffLimit }}
{{- $activeDeadlineSeconds := .Values.jobs.ks_user.activeDeadlineSeconds }}
{{- $ksUserJob := dict "envAll" . "serviceName" "mariadb" "configMapBin" "mariadb-bin" "backoffLimit" $backoffLimit "activeDeadlineSeconds" $activeDeadlineSeconds -}}
+{{- if .Values.pod.tolerations.mariadb.enabled -}}
+{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
{{- end }}
diff --git a/mariadb/templates/pod-test.yaml b/mariadb/templates/pod-test.yaml
index 940430a9..98bac8c8 100644
--- a/mariadb/templates/pod-test.yaml
+++ b/mariadb/templates/pod-test.yaml
@@ -33,6 +33,9 @@ spec:
shareProcessNamespace: true
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "tests" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
+{{ end }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
restartPolicy: Never
diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml
index d2d1c2e3..0a3fb15d 100644
--- a/mariadb/templates/statefulset.yaml
+++ b/mariadb/templates/statefulset.yaml
@@ -106,6 +106,9 @@ spec:
{{ dict "envAll" $envAll "application" "server" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
{{ tuple $envAll "mariadb" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+{{ if $envAll.Values.pod.tolerations.mariadb.enabled }}
+{{ tuple $envAll "mariadb" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
nodeSelector:
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }}
initContainers:
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
index b86bf925..c355d42a 100644
--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -135,6 +135,13 @@ pod:
default: kubernetes.io/hostname
weight:
default: 10
+ tolerations:
+ mariadb:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
replicas:
server: 3
ingress: 2
diff --git a/memcached/templates/deployment.yaml b/memcached/templates/deployment.yaml
index fc827495..0aa5f8ee 100644
--- a/memcached/templates/deployment.yaml
+++ b/memcached/templates/deployment.yaml
@@ -50,6 +50,9 @@ spec:
{{ tuple $envAll "memcached" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value | quote }}
+{{ if $envAll.Values.pod.tolerations.memcached.enabled }}
+{{ tuple $envAll "memcached" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.memcached.timeout | default "30" }}
initContainers:
{{ tuple $envAll "memcached" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
diff --git a/memcached/templates/job-image-repo-sync.yaml b/memcached/templates/job-image-repo-sync.yaml
index e2438d7e..ae519ff0 100644
--- a/memcached/templates/job-image-repo-sync.yaml
+++ b/memcached/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "memcached" -}}
+{{- if .Values.pod.tolerations.memcached.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/memcached/values.yaml b/memcached/values.yaml
index 889f8cb3..f03a6901 100644
--- a/memcached/values.yaml
+++ b/memcached/values.yaml
@@ -142,6 +142,13 @@ pod:
default: preferredDuringSchedulingIgnoredDuringExecution
weight:
default: 10
+ tolerations:
+ memcached:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
lifecycle:
upgrades:
deployments:
diff --git a/openvswitch/templates/daemonset-ovs-db.yaml b/openvswitch/templates/daemonset-ovs-db.yaml
index 8e8af636..17c343b4 100644
--- a/openvswitch/templates/daemonset-ovs-db.yaml
+++ b/openvswitch/templates/daemonset-ovs-db.yaml
@@ -59,6 +59,9 @@ spec:
{{ dict "envAll" $envAll "application" "openvswitch_db_server" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
nodeSelector:
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.openvswitch.enabled }}
+{{ tuple $envAll "openvswitch" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
dnsPolicy: {{ .Values.pod.dns_policy }}
hostNetwork: true
initContainers:
diff --git a/openvswitch/templates/daemonset-ovs-vswitchd.yaml b/openvswitch/templates/daemonset-ovs-vswitchd.yaml
index d86d466a..97507b49 100644
--- a/openvswitch/templates/daemonset-ovs-vswitchd.yaml
+++ b/openvswitch/templates/daemonset-ovs-vswitchd.yaml
@@ -72,6 +72,9 @@ spec:
{{ dict "envAll" $envAll "application" "openvswitch_vswitchd" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
nodeSelector:
{{ .Values.labels.ovs.node_selector_key }}: {{ .Values.labels.ovs.node_selector_value }}
+{{ if $envAll.Values.pod.tolerations.openvswitch.enabled }}
+{{ tuple $envAll "openvswitch" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
dnsPolicy: {{ .Values.pod.dns_policy }}
hostNetwork: true
initContainers:
diff --git a/openvswitch/templates/job-image-repo-sync.yaml b/openvswitch/templates/job-image-repo-sync.yaml
index 4d1058ed..765061c3 100644
--- a/openvswitch/templates/job-image-repo-sync.yaml
+++ b/openvswitch/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "openvswitch" -}}
+{{- if .Values.pod.tolerations.openvswitch.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/openvswitch/values.yaml b/openvswitch/values.yaml
index de6169a1..c953a899 100644
--- a/openvswitch/values.yaml
+++ b/openvswitch/values.yaml
@@ -37,6 +37,13 @@ labels:
node_selector_value: enabled
pod:
+ tolerations:
+ openvswitch:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
probes:
ovs_db:
ovs_db:
diff --git a/rabbitmq/templates/job-cluster-wait.yaml b/rabbitmq/templates/job-cluster-wait.yaml
index b309e6e5..131cf456 100644
--- a/rabbitmq/templates/job-cluster-wait.yaml
+++ b/rabbitmq/templates/job-cluster-wait.yaml
@@ -50,6 +50,9 @@ spec:
{{ dict "envAll" $envAll "application" "cluster_wait" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
+{{ if $envAll.Values.pod.tolerations.rabbitmq.enabled }}
+{{ tuple $envAll "rabbitmq" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
nodeSelector:
{{ $envAll.Values.labels.jobs.node_selector_key }}: {{ $envAll.Values.labels.test.node_selector_value | quote }}
initContainers:
diff --git a/rabbitmq/templates/job-image-repo-sync.yaml b/rabbitmq/templates/job-image-repo-sync.yaml
index 4875ed44..8fd379f9 100644
--- a/rabbitmq/templates/job-image-repo-sync.yaml
+++ b/rabbitmq/templates/job-image-repo-sync.yaml
@@ -14,5 +14,8 @@ limitations under the License.
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "rabbitmq" -}}
+{{- if .Values.pod.tolerations.rabbitmq.enabled -}}
+{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
+{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}
diff --git a/rabbitmq/templates/pod-test.yaml b/rabbitmq/templates/pod-test.yaml
index 2ee00d5d..a1d9639f 100644
--- a/rabbitmq/templates/pod-test.yaml
+++ b/rabbitmq/templates/pod-test.yaml
@@ -42,6 +42,9 @@ metadata:
spec:
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
serviceAccountName: {{ $serviceAccountName }}
+{{ if $envAll.Values.pod.tolerations.rabbitmq.enabled }}
+{{ tuple $envAll "rabbitmq" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
+{{ end }}
nodeSelector:
{{ $envAll.Values.labels.test.node_selector_key }}: {{ $envAll.Values.labels.test.node_selector_value | quote }}
restartPolicy: Never
diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml
index 578ea357..eebc8379 100644
--- a/rabbitmq/templates/statefulset.yaml
+++ b/rabbitmq/templates/statefulset.yaml
@@ -103,6 +103,9 @@ spec:
serviceAccountName: {{ $rcControllerName | quote }}
affinity:
{{ tuple $envAll "rabbitmq" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+{{ if $envAll.Values.pod.tolerations.rabbitmq.enabled }}
+{{ tuple $envAll "rabbitmq" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
+{{ end }}
nodeSelector:
{{ $envAll.Values.labels.server.node_selector_key }}: {{ $envAll.Values.labels.server.node_selector_value | quote }}
initContainers:
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
index c593966f..4e1f7328 100644
--- a/rabbitmq/values.yaml
+++ b/rabbitmq/values.yaml
@@ -112,6 +112,13 @@ pod:
default: kubernetes.io/hostname
weight:
default: 10
+ tolerations:
+ rabbitmq:
+ enabled: false
+ tolerations:
+ - key: node-role.kubernetes.io/master
+ operator: Exists
+ effect: NoSchedule
replicas:
server: 2
prometheus_rabbitmq_exporter: 1
--
2.17.1

66
openstack-helm-infra/debian/deb_folder/patches/0019-Add-force_boot-command-to-rabbit-start-template.patch
View File

@ -1,66 +0,0 @@
From a0206d9626323ed4ef57bd4ecc072e3f96aa043a Mon Sep 17 00:00:00 2001
From: Maik Catrinque <maik.wandercatrinqueandrade@windriver.com>
Date: Fri, 14 Jan 2022 15:07:40 -0300
Subject: [PATCH] Add force_boot command to rabbit start template
Currently, if a multi-node cluster is shut down unexpectedly,
RabbitMQ is not able to boot and sync with the other nodes.
The purpose of this change is to add the possibility to use the
rabbitmqctl force_boot command to recover RabbitMQ cluster from
an unexpected shut down.
Test plan:
PASS: Shutdown and start a multi-node RabbitMQ cluster
Regression:
PASS: OpenStack can be applied successfully
PASS: RabbitMQ nodes can join the RabbitMQ cluster
Story: 2009784
Task: 44290
Ref:
[0] https://www.rabbitmq.com/rabbitmqctl.8.html#force_boot
Signed-off-by: Maik Catrinque <maik.wandercatrinqueandrade@windriver.com>
Co-authored-by: Andrew Martins Carletti <Andrew.MartinsCarletti@windriver.com>
Change-Id: I56e966ea64e8881ba436213f0c9e1cbe547098e3
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windrive.com>
---
rabbitmq/templates/bin/_rabbitmq-start.sh.tpl | 3 +++
rabbitmq/values.yaml | 6 ++++++
2 files changed, 9 insertions(+)
diff --git a/rabbitmq/templates/bin/_rabbitmq-start.sh.tpl b/rabbitmq/templates/bin/_rabbitmq-start.sh.tpl
index 794f0919..4ef849fd 100644
--- a/rabbitmq/templates/bin/_rabbitmq-start.sh.tpl
+++ b/rabbitmq/templates/bin/_rabbitmq-start.sh.tpl
@@ -94,4 +94,7 @@ if ! [ "${POD_INCREMENT}" -eq "0" ] && ! [ -d "/var/lib/rabbitmq/mnesia" ] ; the
rm -fv /tmp/rabbit-disable-readiness /tmp/rabbit-disable-liveness-probe
fi
+{{- if .Values.forceBoot.enabled }}
+if [ "${POD_INCREMENT}" -eq "0" ] && [ -d "/var/lib/rabbitmq/mnesia/${RABBITMQ_NODENAME}" ]; then rabbitmqctl force_boot; fi
+{{- end}}
exec rabbitmq-server
diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml
index 90ed6d21..65a9526e 100644
--- a/rabbitmq/values.yaml
+++ b/rabbitmq/values.yaml
@@ -46,6 +46,12 @@ images:
- dep_check
- image_repo_sync
+# forceBoot: executes 'rabbitmqctl force_boot' to force boot on
+# cluster shut down unexpectedly in an unknown order.
+# ref: https://www.rabbitmq.com/rabbitmqctl.8.html#force_boot
+forceBoot:
+ enabled: false
+
pod:
probes:
readiness:
--
2.25.1

70
openstack-helm-infra/debian/deb_folder/patches/0023-Update-RabbitMQ-probes.patch
View File

@ -1,70 +0,0 @@
From 3a76480c003dc6c1a522fba1c70278bad04930c2 Mon Sep 17 00:00:00 2001
From: Roy Tang <rt7380@att.com>
Date: Fri, 13 Aug 2021 19:08:21 -0400
Subject: [PATCH] Update RabbitMQ probes
The current health check that is used for readiness and liveness
probes is considered intrusive and is prompt to produce false
positives[0]. The command is also deprecated and will be removed
in future version. Updating the probes based on current
recommenation from community[1].
Ref:
[0] https://www.rabbitmq.com/monitoring.html#deprecations
[1] https://www.rabbitmq.com/monitoring.html#health-checks
Change-Id: I83750731150ff9a276f59e3c1288129581fceba5
---
rabbitmq/Chart.yaml | 2 +-
rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl | 3 +--
rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl | 2 +-
releasenotes/notes/rabbitmq.yaml | 1 +
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/rabbitmq/Chart.yaml b/rabbitmq/Chart.yaml
index 79b0daff..061ead2d 100644
--- a/rabbitmq/Chart.yaml
+++ b/rabbitmq/Chart.yaml
@@ -15,6 +15,6 @@ apiVersion: v1
appVersion: v3.7.26
description: OpenStack-Helm RabbitMQ
name: rabbitmq
-version: 0.1.13
+version: 0.1.14
home: https://github.com/rabbitmq/rabbitmq-server
...
diff --git a/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl b/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl
index 943209aa..d07626b2 100644
--- a/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl
+++ b/rabbitmq/templates/bin/_rabbitmq-liveness.sh.tpl
@@ -19,6 +19,5 @@ set -e
if [ -f /tmp/rabbit-disable-liveness-probe ]; then
exit 0
else
- timeout 5 bash -c "true &>/dev/null </dev/tcp/${MY_POD_IP}/${PORT_AMPQ}"
- exec rabbitmqctl node_health_check
+ exec rabbitmq-diagnostics -q check_port_connectivity
fi
diff --git a/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl b/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl
index 6184b35c..14ef11cd 100644
--- a/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl
+++ b/rabbitmq/templates/bin/_rabbitmq-readiness.sh.tpl
@@ -19,5 +19,5 @@ set -e
if [ -f /tmp/rabbit-disable-readiness ]; then
exit 1
else
- exec rabbitmqctl node_health_check
+ exec rabbitmq-diagnostics ping
fi
diff --git a/releasenotes/notes/rabbitmq.yaml b/releasenotes/notes/rabbitmq.yaml
index 95bf38e5..cdc2841d 100644
--- a/releasenotes/notes/rabbitmq.yaml
+++ b/releasenotes/notes/rabbitmq.yaml
@@ -13,4 +13,5 @@ rabbitmq:
- 0.1.11 Add TLS support for helm test
- 0.1.12 Added helm hook post-install and post-upgrade for rabbitmq wait cluster job
- 0.1.13 Add prestop action and version 3.8.x upgrade prep
+ - 0.1.14 Update readiness and liveness probes
...
--
2.17.1

604
openstack-helm-infra/debian/deb_folder/patches/0024-Update-openstack-Ingress-for-networking-api-v1.patch
View File

@ -1,604 +0,0 @@
From 04ef9a7ff789aeda4e2e80ae6bc70beb80507d6b Mon Sep 17 00:00:00 2001
From: Rafael Falcao <rafael.vieirafalcao@windriver.com>
Date: Mon, 18 Jul 2022 09:42:01 -0300
Subject: [PATCH] Update openstack Ingress for networking api v1
This change patches the correct apiVersion for Ingress resources created
by the openstack ingress chart to work correctly when stx-openstack is
applied on stx with kubernetes 1.22+ running, fixing the problem
described in [1].
Same applies to spec changes that need to be done according to
io.k8s.api.networking.v1.IngressBackend documentation.
It could be done by upversioning openstack-helm-infra to its latest
commit (currently 1147988b8eba6ab7d1e7af262843f641be6657ff) but this
upversion has a different series of complications that are being
discussed in [2]
[1] https://bugs.launchpad.net/starlingx/+bug/1980397
[2] https://review.opendev.org/c/starlingx/openstack-armada-app/+/848336
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Co-authored-by: Rafael Falcao <rafael.vieirafalcao@windriver.com>
Change-Id: I0bbecc097fdafdf5ebbc3a164b80ba903b5623f2
---
helm-toolkit/templates/manifests/_ingress.tpl | 180 ++++++++++++------
ingress/templates/deployment-ingress.yaml | 3 +-
ingress/templates/ingress.yaml | 18 +-
ingress/values.yaml | 2 +-
mariadb/files/nginx.tmpl | 38 ++--
mariadb/templates/deployment-ingress.yaml | 4 +-
mariadb/values.yaml | 2 +-
7 files changed, 172 insertions(+), 75 deletions(-)
diff --git a/helm-toolkit/templates/manifests/_ingress.tpl b/helm-toolkit/templates/manifests/_ingress.tpl
index 2d62a170..c1693aa4 100644
--- a/helm-toolkit/templates/manifests/_ingress.tpl
+++ b/helm-toolkit/templates/manifests/_ingress.tpl
@@ -62,7 +62,7 @@ examples:
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
return: |
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican
@@ -76,25 +76,34 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican-namespace-fqdn
@@ -112,11 +121,14 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican-cluster-fqdn
@@ -134,9 +146,12 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- values: |
network:
api:
@@ -182,7 +197,7 @@ examples:
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" ) -}}
return: |
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican
@@ -202,23 +217,32 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- values: |
cert_issuer_type: issuer
network:
@@ -273,7 +297,7 @@ examples:
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer" ) -}}
return: |
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican
@@ -295,23 +319,32 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- values: |
network:
@@ -366,7 +399,7 @@ examples:
{{- include "helm-toolkit.manifests.ingress" ( dict "envAll" . "backendServiceType" "key-manager" "backendPort" "b-api" "endpoint" "public" "certIssuer" "ca-issuer") -}}
return: |
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: barbican
@@ -388,23 +421,32 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
- host: barbican.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: barbican-api
- servicePort: b-api
+ service:
+ name: barbican-api
+ port:
+ name: b-api
# Sample usage for multiple DNS names associated with the same public
# endpoint and certificate
- values: |
@@ -441,7 +483,7 @@ examples:
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
return: |
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: grafana
@@ -455,25 +497,34 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
- host: grafana.default
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
- host: grafana.default.svc.cluster.local
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: grafana-namespace-fqdn
@@ -492,18 +543,24 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
- host: grafana-alt.openstackhelm.example
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
---
- apiVersion: networking.k8s.io/v1beta1
+ apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: grafana-cluster-fqdn
@@ -522,16 +579,22 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
- host: grafana-alt.openstackhelm.example
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: grafana-dashboard
- servicePort: dashboard
+ service:
+ name: grafana-dashboard
+ port:
+ name: dashboard
*/}}
@@ -543,9 +606,16 @@ examples:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: {{ $backendName }}
- servicePort: {{ $backendPort }}
+ service:
+ name: {{ $backendName }}
+ port:
+{{- if or (kindIs "int" $backendPort) (regexMatch "^[0-9]{1,5}$" $backendPort) }}
+ number: {{ $backendPort | int }}
+{{- else }}
+ name: {{ $backendPort | quote }}
+{{- end }}
{{- end }}
{{- define "helm-toolkit.manifests.ingress" -}}
@@ -564,7 +634,7 @@ examples:
{{- $certIssuerType = $envAll.Values.cert_issuer_type }}
{{- end }}
---
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $ingressName }}
@@ -618,7 +688,7 @@ spec:
{{- range $key2, $ingressController := tuple "namespace" "cluster" }}
{{- $vHosts := list $hostNameFull }}
---
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ printf "%s-%s-%s" $ingressName $ingressController "fqdn" }}
diff --git a/ingress/templates/deployment-ingress.yaml b/ingress/templates/deployment-ingress.yaml
index 780af3a3..508e58ed 100644
--- a/ingress/templates/deployment-ingress.yaml
+++ b/ingress/templates/deployment-ingress.yaml
@@ -68,6 +68,7 @@ rules:
- "networking.k8s.io"
resources:
- ingresses
+ - ingressclasses
verbs:
- get
- list
@@ -113,7 +114,7 @@ rules:
resources:
- configmaps
resourceNames:
- - {{ printf "%s-%s" .Release.Name .Values.conf.controller.INGRESS_CLASS | quote }}
+ - {{ printf "%s" .Release.Name | quote }}
verbs:
- get
- update
diff --git a/ingress/templates/ingress.yaml b/ingress/templates/ingress.yaml
index ecc275e8..3c39f180 100644
--- a/ingress/templates/ingress.yaml
+++ b/ingress/templates/ingress.yaml
@@ -16,10 +16,13 @@ limitations under the License.
{{- $envAll := . }}
{{- if eq .Values.deployment.mode "namespace" }}
{{- if empty (index .Values.network.ingress.annotations "kubernetes.io/ingress.class") -}}
-{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" .Values.deployment.cluster.class -}}
+{{- $ingressClassName := "nginx" -}}
+{{- $_ := set .Values.network.ingress.annotations "kubernetes.io/ingress.class" $ingressClassName -}}
{{- end -}}
+{{- $serviceName := tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}
+{{- $servicePort := tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" -}}
---
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Namespace }}-{{ .Release.Name }}
@@ -31,8 +34,15 @@ spec:
http:
paths:
- path: /
+ pathType: ImplementationSpecific
backend:
- serviceName: {{ tuple "ingress" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
- servicePort: {{ tuple "ingress" "internal" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ service:
+ name: {{ $serviceName }}
+ port:
+{{- if or (kindIs "int" $servicePort) (regexMatch "^[0-9]{1,5}$" $servicePort) }}
+ number: {{ $servicePort | int }}
+{{- else }}
+ name: {{ $servicePort | quote }}
+{{- end }}
{{- end }}
{{- end }}
diff --git a/ingress/values.yaml b/ingress/values.yaml
index c326c15a..d966f7f3 100644
--- a/ingress/values.yaml
+++ b/ingress/values.yaml
@@ -25,7 +25,7 @@ deployment:
images:
tags:
entrypoint: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
- ingress: k8s.gcr.io/ingress-nginx/controller:v0.42.0
+ ingress: k8s.gcr.io/ingress-nginx/controller:v1.1.1
ingress_module_init: docker.io/openstackhelm/neutron:stein-ubuntu_bionic
ingress_routed_vip: docker.io/openstackhelm/neutron:stein-ubuntu_bionic
error_pages: k8s.gcr.io/defaultbackend:1.4
diff --git a/mariadb/files/nginx.tmpl b/mariadb/files/nginx.tmpl
index fc069b2f..aec6efa3 100644
--- a/mariadb/files/nginx.tmpl
+++ b/mariadb/files/nginx.tmpl
@@ -280,12 +280,21 @@ http {
client_header_buffer_size {{ $cfg.ClientHeaderBufferSize }};
client_header_timeout {{ $cfg.ClientHeaderTimeout }}s;
large_client_header_buffers {{ $cfg.LargeClientHeaderBuffers }};
- client_body_buffer_size {{ $cfg.ClientBodyBufferSize }};
+ # NOTE: obsolete directive. removed.
+ #client_body_buffer_size {{ $cfg.ClientBodyBufferSize }};
client_body_timeout {{ $cfg.ClientBodyTimeout }}s;
- http2_max_field_size {{ $cfg.HTTP2MaxFieldSize }};
- http2_max_header_size {{ $cfg.HTTP2MaxHeaderSize }};
- http2_max_requests {{ $cfg.HTTP2MaxRequests }};
+ # NOTE: the "http2_max_field_size" directive is obsolete,
+ # use the "large_client_header_buffers" directive instead
+ #http2_max_field_size {{ $cfg.HTTP2MaxFieldSize }};
+
+ # NOTE: the "http2_max_header_size" directive is obsolete,
+ # use the "large_client_header_buffers" directive instead
+ #http2_max_header_size {{ $cfg.HTTP2MaxHeaderSize }};
+
+ # NOTE: the "http2_max_requests" directive is obsolete,
+ # use the "keepalive_requests" directive instead
+ #http2_max_requests {{ $cfg.HTTP2MaxRequests }};
http2_max_concurrent_streams {{ $cfg.HTTP2MaxConcurrentStreams }};
types_hash_max_size 2048;
@@ -669,8 +678,11 @@ http {
}
location /configuration {
- client_max_body_size {{ luaConfigurationRequestBodySize $cfg }}m;
- client_body_buffer_size {{ luaConfigurationRequestBodySize $cfg }}m;
+ # NOTE: obsolete directive. removed.
+ #client_max_body_size {{ luaConfigurationRequestBodySize $cfg }}m;
+
+ # NOTE: obsolete directive. removed.
+ #client_body_buffer_size {{ luaConfigurationRequestBodySize $cfg }}m;
proxy_buffering off;
content_by_lua_block {
@@ -1053,10 +1065,12 @@ stream {
proxy_ssl_server_name on;
proxy_pass_request_headers on;
{{ if isValidByteSize $location.Proxy.BodySize true }}
- client_max_body_size {{ $location.Proxy.BodySize }};
+ # NOTE: obsolete directive. removed.
+ #client_max_body_size {{ $location.Proxy.BodySize }};
{{ end }}
{{ if isValidByteSize $location.ClientBodyBufferSize false }}
- client_body_buffer_size {{ $location.ClientBodyBufferSize }};
+ # NOTE: obsolete directive. removed.
+ #client_body_buffer_size {{ $location.ClientBodyBufferSize }};
{{ end }}
# Pass the extracted client certificate to the auth provider
@@ -1102,7 +1116,7 @@ stream {
set $service_port {{ $ing.ServicePort | quote }};
set $location_path {{ $ing.Path | escapeLiteralDollar | quote }};
- {{ buildOpentracingForLocation $all.Cfg.EnableOpentracing $location }}
+ {{ buildOpentracingForLocation $all.Cfg.EnableOpentracing true $location }}
{{ if $location.Mirror.Source }}
mirror {{ $location.Mirror.Source }};
@@ -1217,10 +1231,12 @@ stream {
{{ buildInfluxDB $location.InfluxDB }}
{{ if isValidByteSize $location.Proxy.BodySize true }}
- client_max_body_size {{ $location.Proxy.BodySize }};
+ # NOTE: obsolete directive. removed.
+ #client_max_body_size {{ $location.Proxy.BodySize }};
{{ end }}
{{ if isValidByteSize $location.ClientBodyBufferSize false }}
- client_body_buffer_size {{ $location.ClientBodyBufferSize }};
+ # NOTE: obsolete directive. removed.
+ #client_body_buffer_size {{ $location.ClientBodyBufferSize }};
{{ end }}
{{/* By default use vhost as Host to upstream, but allow overrides */}}
diff --git a/mariadb/templates/deployment-ingress.yaml b/mariadb/templates/deployment-ingress.yaml
index a9fc9896..9834c64f 100644
--- a/mariadb/templates/deployment-ingress.yaml
+++ b/mariadb/templates/deployment-ingress.yaml
@@ -15,7 +15,7 @@ limitations under the License.
{{- if .Values.manifests.deployment_ingress }}
{{- $envAll := . }}
-{{- $ingressClass := printf "%s-%s" .Release.Name "mariadb-ingress" }}
+{{- $ingressClass := printf "%s" "mariadb-ingress" }}
{{- $serviceAccountName := printf "%s-%s" .Release.Name "ingress" }}
{{ tuple $envAll "ingress" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
@@ -156,7 +156,7 @@ rules:
- apiGroups:
- ""
resourceNames:
- - {{ printf "%s-%s" .Release.Name $ingressClass | quote }}
+ - {{ printf "%s" .Release.Name | quote }}
resources:
- configmaps
verbs:
diff --git a/mariadb/values.yaml b/mariadb/values.yaml
index df6b9f84..dcef171e 100644
--- a/mariadb/values.yaml
+++ b/mariadb/values.yaml
@@ -21,7 +21,7 @@ release_group: null
images:
tags:
mariadb: docker.io/openstackhelm/mariadb:latest-ubuntu_focal
- ingress: k8s.gcr.io/ingress-nginx/controller:v0.42.0
+ ingress: k8s.gcr.io/ingress-nginx/controller:v1.1.1
error_pages: k8s.gcr.io/defaultbackend:1.4
prometheus_create_mysql_user: docker.io/library/mariadb:10.5.9-focal
prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.12.1
--
2.25.1

29
openstack-helm-infra/debian/deb_folder/patches/0025-Update-templates-syntax-for-fluxcd-helm-v3.patch
View File

@ -1,29 +0,0 @@
From cd93bff5ca808e5a58c10f5f7e9b882357188923 Mon Sep 17 00:00:00 2001
From: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Date: Mon, 8 Aug 2022 16:42:03 -0300
Subject: [PATCH] Update templates syntax for fluxcd helm v3
The code changes here are needed in order for the stx-openstack
application to work after the FluxCD migration.
Some parsing/rendering differences were noticed between
Armada (helmv2) and FluxCD (helmv3).
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
---
mariadb/templates/configmap-services-tcp.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mariadb/templates/configmap-services-tcp.yaml b/mariadb/templates/configmap-services-tcp.yaml
index 5b3a7afd..0cd6cb1e 100644
--- a/mariadb/templates/configmap-services-tcp.yaml
+++ b/mariadb/templates/configmap-services-tcp.yaml
@@ -20,5 +20,5 @@ kind: ConfigMap
metadata:
name: mariadb-services-tcp
data:
- {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}: "{{ .Release.Namespace }}/{{ tuple "oslo_db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}:{{ tuple "oslo_db" "direct" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
+ {{ tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{ .Release.Namespace }}/{{ tuple "oslo_db" "direct" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}:{{ tuple "oslo_db" "direct" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}"
{{- end }}
--
2.25.1

33
openstack-helm-infra/debian/deb_folder/patches/series
View File

@ -1,19 +1,16 @@
0001-Add-imagePullSecrets-in-service-account.patch
0003-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
0004-Fix-pod-restarts-on-all-workers-when-worker-added-re.patch
0005-Add-io_thread_pool-for-rabbitmq.patch
0006-Enable-override-of-rabbitmq-probe-parameters.patch
0009-Enable-override-of-mariadb-server-probe-parameters.patch
0011-Add-mariadb-database-config-override-to-support-ipv6.patch
0012-enable-Values.conf.database.config_override-for-mari.patch
0013-Allow-set-public-endpoint-url-for-all-openstack-types.patch
0017-Enable-taint-toleration-for-Openstack-services.patch
0018-Add-GaleraDB-Secure-Replica-Traffic.patch
0019-Add-force_boot-command-to-rabbit-start-template.patch
0020-Fix-tls-in-openstack-helm-infra.patch
0021-Remove-mariadb-tls.patch
0022-Remove-rabbitmq-tls.patch
0023-Update-RabbitMQ-probes.patch
0024-Update-openstack-Ingress-for-networking-api-v1.patch
0025-Update-templates-syntax-for-fluxcd-helm-v3.patch
0026-Update-libvirt-configuration-script-for-Debian.patch
0002-Partial-revert-of-31e3469d28858d7b5eb6355e88b6f49fd6.patch
0003-Fix-pod-restarts-on-all-workers-when-worker-added.patch
0004-Add-io_thread_pool-for-rabbitmq.patch
0005-Enable-override-of-rabbitmq-probe-parameters.patch
0006-Enable-override-of-mariadb-server-probe-parameters.patch
0007-Add-mariadb-database-config-override-to-support-ipv6.patch
0008-Enable-Values.conf.database.config_override-for-mari.patch
0009-Allow-set-public-endpoint-url-for-all-openstack-types.patch
0010-Add-GaleraDB-Secure-Replica-Traffic.patch
0011-Fix-tls-in-openstack-helm-infra.patch
0012-Remove-mariadb-tls.patch
0013-Remove-rabbitmq-tls.patch
0014-Update-openstack-Ingress-for-networking-api-v1.patch
0015-Update-libvirt-configuration-script-for-Debian.patch
0016-Add-ServiceAccount-to-openvswitch-pod.patch

6
openstack-helm-infra/debian/deb_folder/rules
View File

@ -8,10 +8,6 @@ export HELM_FOLDER = $(ROOT)/usr/lib/helm
dh $@
override_dh_auto_build:
# Host a server for the helm charts.
chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="." &
sleep 2
helm repo add local http://localhost:8879/charts
# Create the chart TGZ files.
make helm-toolkit
make gnocchi
@ -22,8 +18,6 @@ override_dh_auto_build:
make openvswitch
make rabbitmq
make ceph-rgw
# Terminate the helm chart server.
pkill chartmuseum
override_dh_auto_install:
# Install the chart tar files.

9
openstack-helm-infra/debian/meta_data.yaml
View File

@ -2,9 +2,10 @@
debname: openstack-helm-infra
debver: 1.0-1
dl_path:
name: openstack-helm-infra-8351fdd0f1228717342c2accc96977b0cdc36dc3.tar.gz
url: https://github.com/openstack/openstack-helm-infra/archive/8351fdd0f1228717342c2accc96977b0cdc36dc3.tar.gz
md5sum: 0ce0b49b041689860383eaa528c304c6
name: openstack-helm-infra-6b6ca9e26c5193e1920f65adfac2fd4b15c2f341.tar.gz
url: https://github.com/openstack/openstack-helm-infra/archive/6b6ca9e26c5193e1920f65adfac2fd4b15c2f341.tar.gz
md5sum: 45cb758230a82ab64d618f92f10c676b
sha256sum: d290a8622f985912bee98d0a63e458cbb75080384414303d7472782442fff2b7
src_files:
- files/repositories.yaml
revision:
@ -12,4 +13,4 @@ revision:
PKG_GITREVCOUNT: true
GITREVCOUNT:
BASE_SRCREV: fbf8dd7772c43978d1b5a79c1358d64adf857c9e
SRC_DIR: ${MY_REPO}/stx/openstack-armada-app/openstack-helm-infra/files
SRC_DIR: ${MY_REPO}/stx/openstack-armada-app/openstack-helm-infra/files

2
openstack-helm/debian/deb_folder/rules
View File

@ -5,7 +5,7 @@ export ROOT = debian/tmp
export APP_FOLDER = $(ROOT)/usr/lib/helm
export HELM_FOLDER=/usr/lib/helm
export TOOLKIT_VERSION = 0.2.19
export TOOLKIT_VERSION = 0.2.53
%:
dh $@

2
stx-openstack-helm-fluxcd/debian/deb_folder/rules
View File

@ -5,7 +5,7 @@ export ROOT = debian/tmp
export APP_FOLDER = $(ROOT)/usr/lib/application
export FLUXCD_FOLDER = $(ROOT)/usr/lib/fluxcd
export HELM_FOLDER = /usr/lib/helm
export TOOLKIT_VERSION = 0.2.19
export TOOLKIT_VERSION = 0.2.53
%:
dh $@

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/ceph-rgw/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: ceph-rgw
version: 0.1.15
version: 0.1.27
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/gnocchi/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: gnocchi
version: 0.1.2
version: 0.1.10
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/ingress/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: ingress
version: 0.2.3
version: 0.2.15
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/ingress/ingress-static-overrides.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -15,6 +15,8 @@ labels:
node_selector_value: enabled
images:
tags:
ingress: registry.k8s.io/ingress-nginx/controller:v1.7.0
error_pages: registry.k8s.io/defaultbackend-amd64:1.5
image_repo_sync: null
ingress_module_init: null
ingress_routed_vip: null

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/libvirt/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: libvirt
version: 0.1.7
version: 0.1.20
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/mariadb/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: mariadb
version: 0.2.5
version: 0.2.31
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/mariadb/mariadb-static-overrides.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -20,6 +20,8 @@ labels:
node_selector_value: enabled
images:
tags:
ingress: registry.k8s.io/ingress-nginx/controller:v1.7.0
error_pages: registry.k8s.io/defaultbackend-amd64:1.5
image_repo_sync: null
prometheus_mysql_exporter: null
prometheus_mysql_exporter_helm_tests: null

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/memcached/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: memcached
version: 0.1.4
version: 0.1.13
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/openvswitch/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: openvswitch
version: 0.1.5
version: 0.1.14
sourceRef:
kind: HelmRepository
name: starlingx

4
stx-openstack-helm-fluxcd/stx-openstack-helm-fluxcd/manifests/rabbitmq/helmrelease.yaml
View File

@ -1,5 +1,5 @@
#
# Copyright (c) 2022 Wind River Systems, Inc.
# Copyright (c) 2022-2023 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
@ -16,7 +16,7 @@ spec:
chart:
spec:
chart: rabbitmq
version: 0.1.14
version: 0.1.27
sourceRef:
kind: HelmRepository
name: starlingx