Add keystone-api-proxy helm charts and overrides
This update adds the required helm charts, manifest and overrides to deploy the containerized keystone-api-proxy. It also configures the required chart groups for openstack services running on System Controller. Story: 2004766 Task: 30454 Change-Id: I3a8ac1f1ca811b3004c42a13c9bcab61e1c2f405 Signed-off-by: Tao Liu <tao.liu@windriver.com>
This commit is contained in:
parent
71720ae2f2
commit
e962470e7e
|
@ -59,6 +59,7 @@ make nova-api-proxy
|
|||
make rbd-provisioner
|
||||
make garbd
|
||||
make ceph-pools-audit
|
||||
make keystone-api-proxy
|
||||
|
||||
# terminate helm server (the last backgrounded task)
|
||||
kill %1
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
apiVersion: v1
|
||||
appVersion: "1.0"
|
||||
description: StarlingX-Helm keystone-api-proxy
|
||||
name: keystone-api-proxy
|
||||
version: 0.1.0
|
|
@ -0,0 +1,10 @@
|
|||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
dependencies:
|
||||
- name: helm-toolkit
|
||||
repository: http://localhost:8879/charts
|
||||
version: 0.1.0
|
|
@ -0,0 +1,35 @@
|
|||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
set -ex
|
||||
|
||||
# Get service id
|
||||
OS_SERVICE_ID=$( openstack service list -c Type -c ID -f value | \
|
||||
grep ${OS_SERVICE_TYPE} | cut -f1 -d" " )
|
||||
|
||||
# Check if endpoint exists
|
||||
OS_ENDPOINT_ID=$( openstack endpoint list --service ${OS_SERVICE_TYPE} \
|
||||
--region ${OS_SERVICE_REGION} \
|
||||
--interface ${OS_SVC_ENDPOINT} -c ID -f value )
|
||||
|
||||
# Delete the old endpoint
|
||||
if [[ -v $OS_ENDPOINT_ID ]]; then
|
||||
openstack endpoint delete ${OS_ENDPOINT_ID}
|
||||
fi
|
||||
|
||||
# Create the new endpoint
|
||||
OS_ENDPOINT_ID=$( openstack endpoint create -f value -c id \
|
||||
--region=${OS_SERVICE_REGION} \
|
||||
"${OS_SERVICE_ID}" \
|
||||
${OS_SVC_ENDPOINT} \
|
||||
"${OS_SERVICE_ENDPOINT}" )
|
||||
|
||||
# Display the Endpoint
|
||||
openstack endpoint show ${OS_ENDPOINT_ID}
|
|
@ -0,0 +1,13 @@
|
|||
#!/bin/bash
|
||||
|
||||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
set -ex
|
||||
|
||||
dcorch-api-proxy --config-file=/etc/dcorch/dcorch.conf --type identity
|
|
@ -0,0 +1,21 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.configmap_bin }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-api-proxy-bin
|
||||
data:
|
||||
keystone-api-proxy.sh: |
|
||||
{{ tuple "bin/_keystone-api-proxy.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
endpoint-update.sh: |
|
||||
{{ tuple "bin/_endpoint-update.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
{{- end }}
|
|
@ -0,0 +1,28 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- define "keystone_proxy.configmap.etc" }}
|
||||
{{- $envAll := index . 1 }}
|
||||
{{- with $envAll }}
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: keystone-api-proxy-etc
|
||||
data:
|
||||
dcorch.conf: |
|
||||
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.keystone_api_proxy | indent 4 }}
|
||||
api-paste.ini : |
|
||||
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.paste | indent 4 }}
|
||||
logging.conf: |
|
||||
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
{{- list "keystone-proxy-etc" . | include "keystone_proxy.configmap.etc" }}
|
||||
{{- end }}
|
|
@ -0,0 +1,88 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.deployment_api_proxy }}
|
||||
{{- $envAll := . }}
|
||||
|
||||
{{- $mounts_keystone_api_proxy := .Values.pod.mounts.keystone_api_proxy.keystone_api_proxy }}
|
||||
{{- $mounts_keystone_api_proxy_init := .Values.pod.mounts.keystone_api_proxy.init_container }}
|
||||
|
||||
{{- $serviceAccountName := "keystone-api-proxy" }}
|
||||
{{ tuple $envAll "keystone-api-proxy" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: keystone-api-proxy
|
||||
labels:
|
||||
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
spec:
|
||||
replicas: {{ .Values.pod.replicas.proxy }}
|
||||
selector:
|
||||
matchLabels:
|
||||
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
|
||||
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
annotations:
|
||||
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||
spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
affinity:
|
||||
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||
nodeSelector:
|
||||
{{ .Values.labels.keystone_api_proxy.node_selector_key }}: {{ .Values.labels.keystone_api_proxy.node_selector_value }}
|
||||
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.keystone_api_proxy.timeout | default "30" }}
|
||||
initContainers:
|
||||
{{ tuple $envAll "api" $mounts_keystone_api_proxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
- name: keystone-api-proxy
|
||||
{{ tuple $envAll "keystone_api_proxy" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.keystone_api_proxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
runAsUser: {{ .Values.pod.user.keystone_api_proxy.uid }}
|
||||
command:
|
||||
- /tmp/keystone-api-proxy.sh
|
||||
ports:
|
||||
- name: ks-proxy
|
||||
containerPort: {{ tuple "keystone_api_proxy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "keystone_api_proxy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
volumeMounts:
|
||||
- name: keystone-api-proxy-bin
|
||||
mountPath: /tmp/keystone-api-proxy.sh
|
||||
subPath: keystone-api-proxy.sh
|
||||
readOnly: true
|
||||
- name: keystone-api-proxy-etc
|
||||
mountPath: /etc/dcorch/dcorch.conf
|
||||
subPath: dcorch.conf
|
||||
readOnly: true
|
||||
- name: keystone-api-proxy-etc
|
||||
mountPath: /etc/dcorch/logging.conf
|
||||
subPath: logging.conf
|
||||
readOnly: true
|
||||
- name: keystone-api-proxy-etc
|
||||
mountPath: /etc/dcorch/api-paste.ini
|
||||
subPath: api-paste.ini
|
||||
readOnly: true
|
||||
{{ if $mounts_keystone_api_proxy.volumeMounts }}{{ toYaml $mounts_keystone_api_proxy.volumeMounts | indent 12 }}{{ end }}
|
||||
volumes:
|
||||
- name: keystone-api-proxy-bin
|
||||
configMap:
|
||||
name: keystone-api-proxy-bin
|
||||
defaultMode: 0777
|
||||
- name: keystone-api-proxy-etc
|
||||
configMap:
|
||||
name: keystone-api-proxy-etc
|
||||
defaultMode: 0777
|
||||
{{ if $mounts_keystone_api_proxy.volumes}}{{ toYaml $mounts_keystone_api_proxy.volumes | indent 8 }}{{ end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,13 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
|
||||
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "keystone-api-proxy" -}}
|
||||
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
|
||||
{{- end }}
|
||||
|
|
@ -0,0 +1,12 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.ingress_api .Values.network.keystone_api_proxy.ingress.public }}
|
||||
{{- $ingressOpts := dict "envAll" . "backendService" "keystone_api_proxy" "backendServiceType" "keystone_api_proxy" "backendPort" "ks-api-proxy" -}}
|
||||
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
|
||||
{{- end }}
|
|
@ -0,0 +1,75 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.job_ks_endpoints }}
|
||||
{{- $envAll := . }}
|
||||
{{- $serviceName := "keystone-api-proxy" }}
|
||||
{{- $serviceRegion := $envAll.Values.endpoints.keystone_api_proxy.region_name }}
|
||||
{{- $nodeSelector := dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value -}}
|
||||
{{- $configMapBin := printf "%s-%s" $serviceName "bin" }}
|
||||
|
||||
{{- $serviceAccountName := printf "%s-%s" $serviceName "ks-endpoints" }}
|
||||
{{ tuple $envAll "ks_endpoints" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
|
||||
---
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
metadata:
|
||||
name: {{ printf "%s-%s" $serviceName "ks-endpoints" | quote }}
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
{{ tuple $envAll $serviceName "ks-endpoints" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
spec:
|
||||
serviceAccountName: {{ $serviceAccountName }}
|
||||
restartPolicy: OnFailure
|
||||
nodeSelector:
|
||||
{{ toYaml $nodeSelector | indent 8 }}
|
||||
initContainers:
|
||||
{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
containers:
|
||||
{{- range $key1, $osServiceType := tuple "identity" }}
|
||||
{{- range $key2, $osRealServiceType := tuple "keystone_api_proxy" }}
|
||||
{{- range $key3, $osServiceEndPoint := tuple "admin" "internal" "public" }}
|
||||
- name: {{ printf "%s-%s-%s" "keystone-proxy" "ks-endpoints" $osServiceEndPoint | quote }}
|
||||
image: {{ $envAll.Values.images.tags.ks_endpoints }}
|
||||
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
|
||||
{{- $osServiceRegion := $serviceRegion }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_endpoints | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
command:
|
||||
- /tmp/endpoint-update.sh
|
||||
volumeMounts:
|
||||
- name: endpoint-update-sh
|
||||
mountPath: /tmp/endpoint-update.sh
|
||||
subPath: endpoint-update.sh
|
||||
readOnly: true
|
||||
env:
|
||||
{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
|
||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||
{{- end }}
|
||||
- name: OS_SVC_ENDPOINT
|
||||
value: {{ $osServiceEndPoint | quote }}
|
||||
- name: OS_SERVICE_NAME
|
||||
value: {{ tuple $osServiceType $envAll | include "helm-toolkit.endpoints.keystone_endpoint_name_lookup" }}
|
||||
- name: OS_SERVICE_TYPE
|
||||
value: {{ $osServiceType | quote }}
|
||||
- name: OS_SERVICE_ENDPOINT
|
||||
value: {{ tuple $osRealServiceType $osServiceEndPoint "api" $envAll | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | quote }}
|
||||
- name: OS_SERVICE_REGION
|
||||
value: {{ $osServiceRegion | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
volumes:
|
||||
- name: endpoint-update-sh
|
||||
configMap:
|
||||
name: {{ $configMapBin | quote }}
|
||||
defaultMode: 0555
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,11 @@
|
|||
{{/*
|
||||
#
|
||||
#Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
#SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.secret_ingress_tls }}
|
||||
{{ include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "keystone_api_proxy" ) }}
|
||||
{{- end }}
|
|
@ -0,0 +1,22 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.secret_keystone }}
|
||||
{{- $envAll := . }}
|
||||
{{- range $key1, $userClass := tuple "admin" }}
|
||||
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ $secretName }}
|
||||
type: Opaque
|
||||
data:
|
||||
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
|
||||
{{- end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,12 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if and .Values.manifests.service_ingress_api .Values.network.keystone_api_proxy.ingress.public }}
|
||||
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "keystone_api_proxy" -}}
|
||||
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
|
||||
{{- end }}
|
|
@ -0,0 +1,31 @@
|
|||
{{/*
|
||||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
*/}}
|
||||
|
||||
{{- if .Values.manifests.service_api }}
|
||||
{{- $envAll := . }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ tuple "keystone-api-proxy" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||
spec:
|
||||
ports:
|
||||
- name: ks-api-proxy
|
||||
port: {{ tuple "keystone-api-proxy" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
{{ if .Values.network.keystone_api_proxy.node_port.enabled }}
|
||||
nodePort: {{ .Values.network.keystone_api_proxy.node_port.port }}
|
||||
{{ end }}
|
||||
selector:
|
||||
{{ tuple $envAll "dcorch" "keystone-api-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
||||
{{ if .Values.network.keystone_api_proxy.node_port.enabled }}
|
||||
type: NodePort
|
||||
{{ if .Values.network.keystone_api_proxy.external_policy_local }}
|
||||
externalTrafficPolicy: Local
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{- end }}
|
|
@ -0,0 +1,274 @@
|
|||
#
|
||||
# Copyright (c) 2019 Wind River Systems, Inc.
|
||||
#
|
||||
# SPDX-License-Identifier: Apache-2.0
|
||||
#
|
||||
|
||||
# Default values for keystone-api-proxy.
|
||||
# This is a YAML-formatted file.
|
||||
# Declare variables to be passed into your templates.
|
||||
|
||||
replicaCount: 1
|
||||
|
||||
labels:
|
||||
keystone_api_proxy:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
job:
|
||||
node_selector_key: openstack-control-plane
|
||||
node_selector_value: enabled
|
||||
|
||||
images:
|
||||
tags:
|
||||
ks_endpoints: docker.io/openstackhelm/heat:pike
|
||||
keystone_api_proxy: docker.io/starlingx/stx-keystone-api-proxy:master-centos-stable-latest
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
|
||||
pullPolicy: IfNotPresent
|
||||
local_registry:
|
||||
active: false
|
||||
exclude:
|
||||
- dep_check
|
||||
- image_repo_sync
|
||||
|
||||
network:
|
||||
keystone_api_proxy:
|
||||
ingress:
|
||||
public: true
|
||||
classes:
|
||||
namespace: "nginx"
|
||||
cluster: "nginx-cluster"
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
||||
external_policy_local: false
|
||||
node_port:
|
||||
enabled: false
|
||||
port: 25000
|
||||
|
||||
conf:
|
||||
keystone_api_proxy:
|
||||
DEFAULT:
|
||||
log_config_append: /etc/dcorch/logging.conf
|
||||
api_paste_config: api-paste.ini
|
||||
debug: False
|
||||
use_syslog: False
|
||||
transport_url: rabbit://guest:guess@127.0.0.1:5672
|
||||
database:
|
||||
connection: postgresql+psycopg2://admin-dcorch:admin-dcorch@127.0.0.1/dcorch
|
||||
identity:
|
||||
bind_host: 0.0.0.0
|
||||
bind_port: 25000
|
||||
remote_host: keystone-api.openstack.svc.cluster.local
|
||||
remote_port: 5000
|
||||
|
||||
paste:
|
||||
pipeline:dcorch-api-proxy:
|
||||
pipeline: filter acceptor proxyapp
|
||||
filter:filter:
|
||||
paste.filter_factory: dcorch.api.proxy.apps.filter:ApiFiller.factory
|
||||
filter:acceptor:
|
||||
paste.filter_factory: dcorch.api.proxy.apps.acceptor:Acceptor.factory
|
||||
app:proxyapp:
|
||||
paste.app_factory: dcorch.api.proxy.apps.proxy:Proxy.factory
|
||||
|
||||
logging:
|
||||
loggers:
|
||||
keys:
|
||||
- root
|
||||
- dcorch
|
||||
handlers:
|
||||
keys:
|
||||
- stdout
|
||||
- stderr
|
||||
- "null"
|
||||
formatters:
|
||||
keys:
|
||||
- context
|
||||
- default
|
||||
logger_root:
|
||||
level: WARNING
|
||||
handlers: null
|
||||
logger_dcorch:
|
||||
level: INFO
|
||||
handlers:
|
||||
- stdout
|
||||
qualname: dcorch
|
||||
logger_amqp:
|
||||
level: INFO
|
||||
handlers: stdout
|
||||
qualname: amqp
|
||||
logger_amqplib:
|
||||
level: INFO
|
||||
handlers: stdout
|
||||
qualname: amqplib
|
||||
logger_eventletwsgi:
|
||||
level: WARNING
|
||||
handlers: stderr
|
||||
qualname: eventlet.wsgi.server
|
||||
logger_sqlalchemy:
|
||||
level: WARNING
|
||||
handlers: stderr
|
||||
qualname: sqlalchemy
|
||||
logger_boto:
|
||||
level: WARNING
|
||||
handlers: stderr
|
||||
qualname: boto
|
||||
handler_null:
|
||||
class: logging.NullHandler
|
||||
formatter: default
|
||||
args: ()
|
||||
handler_stdout:
|
||||
class: StreamHandler
|
||||
args: (sys.stdout,)
|
||||
formatter: context
|
||||
handler_stderr:
|
||||
class: StreamHandler
|
||||
args: (sys.stderr,)
|
||||
formatter: context
|
||||
formatter_context:
|
||||
class: oslo_log.formatters.ContextFormatter
|
||||
formatter_default:
|
||||
format: "%(message)s"
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
common:
|
||||
local_image_registry:
|
||||
jobs:
|
||||
- image-repo-sync
|
||||
services:
|
||||
- endpoint: node
|
||||
service: local_image_registry
|
||||
static:
|
||||
ks_endpoints:
|
||||
services:
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
|
||||
|
||||
endpoints:
|
||||
cluster_domain_suffix: cluster.local
|
||||
local_image_registry:
|
||||
name: docker-registry
|
||||
namespace: docker-registry
|
||||
hosts:
|
||||
default: localhost
|
||||
internal: docker-registry
|
||||
node: localhost
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
port:
|
||||
registry:
|
||||
node: 5000
|
||||
identity:
|
||||
name: keystone
|
||||
auth:
|
||||
admin:
|
||||
region_name: RegionOne
|
||||
username: admin
|
||||
password: password
|
||||
project_name: admin
|
||||
user_domain_name: default
|
||||
project_domain_name: default
|
||||
hosts:
|
||||
default: keystone
|
||||
internal: keystone-api
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path:
|
||||
default: /v3
|
||||
scheme:
|
||||
default: http
|
||||
port:
|
||||
api:
|
||||
default: 80
|
||||
internal: 5000
|
||||
keystone_api_proxy:
|
||||
name: keystone-proxy
|
||||
region_name: SystemController
|
||||
hosts:
|
||||
default: keystone-api-proxy
|
||||
public: keystone-proxy
|
||||
host_fqdn_override:
|
||||
default: null
|
||||
path:
|
||||
default: /v3
|
||||
scheme:
|
||||
default: 'http'
|
||||
port:
|
||||
api:
|
||||
default: 25000
|
||||
public: 80
|
||||
|
||||
pod:
|
||||
user:
|
||||
keystone_api_proxy:
|
||||
uid: 0
|
||||
affinity:
|
||||
anti:
|
||||
type:
|
||||
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||
topologyKey:
|
||||
default: kubernetes.io/hostname
|
||||
mounts:
|
||||
keystone_api_proxy:
|
||||
init_container: null
|
||||
keystone_api_proxy:
|
||||
replicas:
|
||||
proxy: 1
|
||||
lifecycle:
|
||||
upgrades:
|
||||
deployments:
|
||||
revision_history: 3
|
||||
pod_replacement_strategy: RollingUpdate
|
||||
rolling_update:
|
||||
max_unavailable: 1
|
||||
max_surge: 3
|
||||
disruption_budget:
|
||||
keystone_api_proxy:
|
||||
min_available: 0
|
||||
termination_grace_period:
|
||||
keystone_api_proxy:
|
||||
timeout: 60
|
||||
resources:
|
||||
enabled: false
|
||||
keystone_api_proxy:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
jobs:
|
||||
ks_endpoints:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
cpu: "100m"
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
|
||||
secrets:
|
||||
identity:
|
||||
admin: dcorch-keystone-admin
|
||||
tls:
|
||||
keystone_api_proxy:
|
||||
keystone_api_proxy:
|
||||
public: keystone-api-proxy-tls-public
|
||||
|
||||
manifests:
|
||||
configmap_bin: true
|
||||
configmap_etc: true
|
||||
deployment_api_proxy: true
|
||||
ingress_api: true
|
||||
secret_keystone: true
|
||||
service_api: true
|
||||
service_ingress_api: true
|
||||
job_ks_endpoints: true
|
||||
|
||||
resources: {}
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
affinity: {}
|
|
@ -426,6 +426,46 @@ data:
|
|||
- helm-toolkit
|
||||
---
|
||||
schema: armada/Chart/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
name: openstack-keystone-api-proxy
|
||||
data:
|
||||
chart_name: keystone-api-proxy
|
||||
release: openstack-keystone-api-proxy
|
||||
namespace: openstack
|
||||
wait:
|
||||
timeout: 1800
|
||||
labels:
|
||||
release_group: osh-openstack-keystone-api-proxy
|
||||
test:
|
||||
enabled: false
|
||||
install:
|
||||
no_hooks: false
|
||||
upgrade:
|
||||
no_hooks: false
|
||||
pre:
|
||||
delete:
|
||||
- type: job
|
||||
labels:
|
||||
release_group: osh-openstack-keystone-api-proxy
|
||||
- type: pod
|
||||
labels:
|
||||
release_group: osh-openstack-keystone-api-proxy
|
||||
component: test
|
||||
values:
|
||||
images:
|
||||
tags:
|
||||
keystone_api_proxy: docker.io/starlingx/stx-keystone-api-proxy:master-centos-stable-latest
|
||||
ks_endpoints: docker.io/starlingx/stx-heat:master-centos-stable-latest
|
||||
source:
|
||||
type: tar
|
||||
location: http://172.17.0.1/helm_charts/keystone-api-proxy-0.1.0.tgz
|
||||
subpath: keystone-api-proxy
|
||||
reference: master
|
||||
dependencies:
|
||||
- helm-toolkit
|
||||
---
|
||||
schema: armada/Chart/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
name: openstack-barbican
|
||||
|
@ -3006,6 +3046,16 @@ data:
|
|||
- openstack-keystone
|
||||
---
|
||||
schema: armada/ChartGroup/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
name: openstack-keystone-api-proxy
|
||||
data:
|
||||
description: "Deploy keystone api proxy"
|
||||
sequenced: true
|
||||
chart_group:
|
||||
- openstack-keystone-api-proxy
|
||||
---
|
||||
schema: armada/ChartGroup/v1
|
||||
metadata:
|
||||
schema: metadata/Document/v1
|
||||
name: openstack-barbican
|
||||
|
|
Loading…
Reference in New Issue