Cinder chart updates for volume backup and image caching

Pull in the two upstream changes since the last chart rebase and cherry pick the newly proposed changes for enabling Cinder volume backups. The following changes will be dropped on the next chart rebase: - Adding a cinder internal tenant to support image-volume caching - Allow configuring the RBD application name for volumes and backups Change-Id: I2d3e7d5440b55e0e9e3d053f645fc162736bbde6 Story: 2004520 Task: 33631 Signed-off-by: Robert Church <robert.church@windriver.com>
2019-06-08 22:29:54 -04:00 · 2019-06-08 22:29:54 -04:00 · ea876f584e
commit ea876f584e
parent 241a30e016
5 changed files with 644 additions and 1 deletions
--- a/openstack-helm/centos/build_srpm.data
+++ b/openstack-helm/centos/build_srpm.data
@ -5,4 +5,4 @@ TAR="$TAR_NAME-$SHA.tar.gz"

 COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* "

-TIS_PATCH_VER=16
+TIS_PATCH_VER=17
--- a/openstack-helm/centos/openstack-helm.spec
+++ b/openstack-helm/centos/openstack-helm.spec
@ -30,6 +30,9 @@ Patch08: 0008-Neutron-Add-support-for-disabling-Readiness-Liveness.patch
 Patch09: 0009-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch
 Patch10: 0010-Ironic-Add-pxe-boot-support-for-centos-image.patch
 Patch11: 0011-Use-nova-s-ping-method-to-find-out-if-the-service-is.patch
+Patch12: 0012-Add-internal-tenant-id-in-conf.patch
+Patch13: 0013-cinder-allow-configuring-the-rbd-app-name.patch
+Patch14: 0014-Cinder-Support-backup-driver-specification-by-module.patch

 BuildRequires: helm
 BuildRequires: openstack-helm-infra
@ -51,6 +54,9 @@ Openstack Helm charts
 %patch09 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1

 %build
 # initialize helm and build the toolkit
--- a/openstack-helm/files/0012-Add-internal-tenant-id-in-conf.patch
+++ b/openstack-helm/files/0012-Add-internal-tenant-id-in-conf.patch
@ -0,0 +1,307 @@
+From 1fa207d2a503e508f48407881b06e0beaa15b1fa Mon Sep 17 00:00:00 2001
+From: Liang Fang <liang.a.fang@intel.com>
+Date: Mon, 25 Mar 2019 10:29:42 -0400
+Subject: [PATCH 12/14] Add internal tenant id in conf
+
+Cinder raw cache feature requires internal tenant id be set in
+/etc/cinder/cinder.conf, something like:
+
+cinder_internal_tenant_project_id = b7455b8974bb4064ad247c8f375eae6c
+cinder_internal_tenant_user_id = f46924c112a14c80ab0a24a613d95eef
+
+This patch get or create if not exist intenal user id and project id, and then
+set in cinder.conf
+
+reference: Cinder cache feature:
+https://docs.openstack.org/cinder/latest/admin/blockstorage-image-volume-cache.html
+
+Story: 2004869
+Task: 29121
+Change-Id: I07954d2efa905a56ca8482d0ec147534c97d01ea
+Signed-off-by: Liang Fang <liang.a.fang@intel.com>
+(cherry picked from commit d1c8e778a733539695d89c21ed4746265e0f1edf)
+Signed-off-by: Robert Church <robert.church@windriver.com>
+---
+ cinder/templates/bin/_cinder-volume.sh.tpl         |  3 +-
+ .../bin/_create-internal-tenant-id.sh.tpl          | 31 ++++++++
+ .../bin/_retrieve-internal-tenant-id.sh.tpl        | 32 +++++++++
+ cinder/templates/configmap-bin.yaml                |  4 ++
+ cinder/templates/deployment-volume.yaml            | 31 ++++++++
+ cinder/templates/job-create-internal-tenant.yaml   | 83 ++++++++++++++++++++++
+ cinder/values.yaml                                 |  4 ++
+ 7 files changed, 187 insertions(+), 1 deletion(-)
+ create mode 100755 cinder/templates/bin/_create-internal-tenant-id.sh.tpl
+ create mode 100755 cinder/templates/bin/_retrieve-internal-tenant-id.sh.tpl
+ create mode 100644 cinder/templates/job-create-internal-tenant.yaml
+
+diff --git a/cinder/templates/bin/_cinder-volume.sh.tpl b/cinder/templates/bin/_cinder-volume.sh.tpl
+index 64aa3828..a248f352 100644
+--- a/cinder/templates/bin/_cinder-volume.sh.tpl
+++ b/cinder/templates/bin/_cinder-volume.sh.tpl
+@@ -19,4 +19,5 @@ limitations under the License.
+ set -ex
+ exec cinder-volume \
+      --config-file /etc/cinder/cinder.conf \
+-     --config-file /etc/cinder/conf/backends.conf
+     --config-file /etc/cinder/conf/backends.conf \
+     --config-file /tmp/pod-shared/internal_tenant.conf
+diff --git a/cinder/templates/bin/_create-internal-tenant-id.sh.tpl b/cinder/templates/bin/_create-internal-tenant-id.sh.tpl
+new file mode 100755
+index 00000000..10582564
+--- /dev/null
+++ b/cinder/templates/bin/_create-internal-tenant-id.sh.tpl
+@@ -0,0 +1,31 @@
+#!/bin/bash
+
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+
+USER_PROJECT_ID=$(openstack project create --or-show --enable -f value -c id \
+    --domain="${PROJECT_DOMAIN_ID}" \
+    "${INTERNAL_PROJECT_NAME}");
+
+USER_ID=$(openstack user create --or-show --enable -f value -c id \
+    --domain="${USER_DOMAIN_ID}" \
+    --project-domain="${PROJECT_DOMAIN_ID}" \
+    --project="${USER_PROJECT_ID}" \
+    "${INTERNAL_USER_NAME}");
+
+diff --git a/cinder/templates/bin/_retrieve-internal-tenant-id.sh.tpl b/cinder/templates/bin/_retrieve-internal-tenant-id.sh.tpl
+new file mode 100755
+index 00000000..b85f69fd
+--- /dev/null
+++ b/cinder/templates/bin/_retrieve-internal-tenant-id.sh.tpl
+@@ -0,0 +1,32 @@
+#!/bin/bash
+
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+
+USER_PROJECT_ID=$(openstack project show -f value -c id \
+    "${INTERNAL_PROJECT_NAME}");
+
+USER_ID=$(openstack user show -f value -c id \
+    "${INTERNAL_USER_NAME}");
+
+tee /tmp/pod-shared/internal_tenant.conf <<EOF
+[DEFAULT]
+cinder_internal_tenant_project_id = ${USER_PROJECT_ID}
+cinder_internal_tenant_user_id = ${USER_ID}
+EOF
+diff --git a/cinder/templates/configmap-bin.yaml b/cinder/templates/configmap-bin.yaml
+index 0cfd6af2..df96fabf 100644
+--- a/cinder/templates/configmap-bin.yaml
+++ b/cinder/templates/configmap-bin.yaml
+@@ -41,6 +41,10 @@ data:
+ {{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
+   ks-user.sh: |
+ {{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
+  create-internal-tenant.sh: |
+{{ tuple "bin/_create-internal-tenant-id.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+  retrieve-internal-tenant.sh: |
+{{ tuple "bin/_retrieve-internal-tenant-id.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+   cinder-api.sh: |
+ {{ tuple "bin/_cinder-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+   cinder-backup.sh: |
+diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml
+index a34b4532..17902c02 100644
+--- a/cinder/templates/deployment-volume.yaml
+++ b/cinder/templates/deployment-volume.yaml
+@@ -90,6 +90,33 @@ spec:
+             - name: cinder-coordination
+               mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
+         {{ end }}
+        - name: init-cinder-conf
+          image: {{ .Values.images.tags.ks_user }}
+          imagePullPolicy: {{ .Values.images.pull_policy }}
+          securityContext:
+            runAsUser: 0
+          command:
+            - /tmp/retrieve-internal-tenant.sh
+          volumeMounts:
+            - name: cinder-bin
+              mountPath: /tmp/retrieve-internal-tenant.sh
+              subPath: retrieve-internal-tenant.sh
+              readOnly: true
+            - name: pod-shared
+              mountPath: /tmp/pod-shared
+          env:
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
+{{- end }}
+            - name: INTERNAL_PROJECT_NAME
+              value: {{ .Values.conf.cinder.DEFAULT.internal_project_name | quote }}
+            - name: INTERNAL_USER_NAME
+              value: {{ .Values.conf.cinder.DEFAULT.internal_user_name | quote }}
+
+{{- with $env := dict "ksUserSecret" (index .Values.secrets.identity "cinder" ) }}
+{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
+{{- end }}
+
+       containers:
+         - name: cinder-volume
+ {{ tuple $envAll "cinder_volume" | include "helm-toolkit.snippets.image" | indent 10 }}
+@@ -102,6 +129,8 @@ spec:
+               mountPath: /tmp/cinder-volume.sh
+               subPath: cinder-volume.sh
+               readOnly: true
+            - name: pod-shared
+              mountPath: /tmp/pod-shared
+             - name: cinder-etc
+               mountPath: /etc/cinder/cinder.conf
+               subPath: cinder.conf
+@@ -168,6 +197,8 @@ spec:
+         {{- if include "cinder.utils.is_ceph_volume_configured" $envAll }}
+         - name: etcceph
+           emptyDir: {}
+        - name: pod-shared
+          emptyDir: {}
+         - name: ceph-etc
+           configMap:
+             name: {{ .Values.ceph_client.configmap }}
+diff --git a/cinder/templates/job-create-internal-tenant.yaml b/cinder/templates/job-create-internal-tenant.yaml
+new file mode 100644
+index 00000000..2371a922
+--- /dev/null
+++ b/cinder/templates/job-create-internal-tenant.yaml
+@@ -0,0 +1,83 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.job_create_internal_tenant }}
+{{- $envAll := . }}
+
+{{- $serviceName := "cinder" }}
+{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
+{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
+{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
+{{- $serviceUserPretty := $serviceUser | replace "_" "-" -}}
+
+{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "create-internal-tenant" }}
+{{ tuple $envAll "create-internal-tenant" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ printf "%s-%s" $serviceUserPretty "create-internal-tenant" | quote }}
+spec:
+  template:
+    metadata:
+      labels:
+{{ tuple $envAll $serviceName "create-internal-tenant" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+    spec:
+      serviceAccountName: {{ $serviceAccountName | quote }}
+      restartPolicy: OnFailure
+      nodeSelector:
+{{ toYaml $nodeSelector | indent 8 }}
+      initContainers:
+{{ tuple $envAll "create_internal_tenant" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+      containers:
+        - name: create-internal-tenant
+          image: {{ $envAll.Values.images.tags.ks_user }}
+          imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
+{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+          command:
+            - /tmp/create-internal-tenant.sh
+          volumeMounts:
+            - name: create-internal-tenant-sh
+              mountPath: /tmp/create-internal-tenant.sh
+              subPath: create-internal-tenant.sh
+              readOnly: true
+          env:
+{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
+{{- end }}
+            - name: SERVICE_OS_SERVICE_NAME
+              value: {{ $serviceName | quote }}
+            - name: INTERNAL_PROJECT_NAME
+              value: {{ .Values.conf.cinder.DEFAULT.internal_project_name | quote }}
+            - name: INTERNAL_USER_NAME
+              value: {{ .Values.conf.cinder.DEFAULT.internal_user_name | quote }}
+
+{{- with $env := dict "ksUserSecret" (index $envAll.Values.secrets.identity $serviceUser ) }}
+{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 12 }}
+{{- end }}
+            - name: SERVICE_OS_ROLES
+            {{- $serviceOsRoles := index $envAll.Values.endpoints.identity.auth $serviceUser "role" }}
+            {{- if kindIs "slice" $serviceOsRoles }}
+              value: {{ include "helm-toolkit.utils.joinListWithComma" $serviceOsRoles | quote }}
+            {{- else }}
+              value: {{ $serviceOsRoles | quote }}
+            {{- end }}
+      volumes:
+        - name: create-internal-tenant-sh
+          configMap:
+            name: {{ $configMapBin | quote }}
+            defaultMode: 0555
+{{- end -}}
+diff --git a/cinder/values.yaml b/cinder/values.yaml
+index 0256bf3f..39027e9b 100644
+--- a/cinder/values.yaml
+++ b/cinder/values.yaml
+@@ -771,6 +771,9 @@ conf:
+       # Backup: Posix options
+       backup_posix_path: /var/lib/cinder/backup
+       auth_strategy: keystone
+      # Internal tenant id
+      internal_project_name: internal_cinder
+      internal_user_name: internal_cinder
+     database:
+       max_retries: -1
+     keystone_authtoken:
+@@ -1349,6 +1352,7 @@ manifests:
+   job_backup_storage_init: true
+   job_bootstrap: true
+   job_clean: true
+  job_create_internal_tenant: true
+   job_db_init: true
+   job_image_repo_sync: true
+   job_rabbit_init: true
+-- 
+2.16.5
+
--- a/openstack-helm/files/0013-cinder-allow-configuring-the-rbd-app-name.patch
+++ b/openstack-helm/files/0013-cinder-allow-configuring-the-rbd-app-name.patch
@ -0,0 +1,89 @@
+From 88656adf554e01d851c297533ceb1dced329bc2c Mon Sep 17 00:00:00 2001
+From: Itxaka <igarcia@suse.com>
+Date: Tue, 28 May 2019 13:21:40 +0200
+Subject: [PATCH 13/14] cinder: allow configuring the rbd app name
+
+Instead of hardcoding it, let us override it with
+custom values for normal volumes and backups
+
+Change-Id: I3abb343877abd0436c592a3371372f82ef581790
+(cherry picked from commit c38443de4c852e86fb9845777bd67657392835fc)
+Signed-off-by: Robert Church <robert.church@windriver.com>
+---
+ cinder/templates/bin/_backup-storage-init.sh.tpl | 2 +-
+ cinder/templates/bin/_storage-init.sh.tpl        | 2 +-
+ cinder/templates/job-backup-storage-init.yaml    | 2 ++
+ cinder/templates/job-storage-init.yaml           | 2 ++
+ cinder/values.yaml                               | 4 ++++
+ 5 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/cinder/templates/bin/_backup-storage-init.sh.tpl b/cinder/templates/bin/_backup-storage-init.sh.tpl
+index 52c8e6bf..af9886ad 100644
+--- a/cinder/templates/bin/_backup-storage-init.sh.tpl
+++ b/cinder/templates/bin/_backup-storage-init.sh.tpl
+@@ -44,7 +44,7 @@ elif [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.ceph" ]; then
+     ceph osd pool set $1 nosizechange ${size_protection}
+     ceph osd pool set $1 crush_rule "${RBD_POOL_CRUSH_RULE}"
+   }
+-  ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} "cinder-backup"
+  ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} ${RBD_POOL_APP_NAME}
+ 
+   if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
+     echo "Cephx user client.${RBD_POOL_USER} already exists"
+diff --git a/cinder/templates/bin/_storage-init.sh.tpl b/cinder/templates/bin/_storage-init.sh.tpl
+index 9288ec5f..bbc31938 100644
+--- a/cinder/templates/bin/_storage-init.sh.tpl
+++ b/cinder/templates/bin/_storage-init.sh.tpl
+@@ -41,7 +41,7 @@ if [ "x$STORAGE_BACKEND" == "xcinder.volume.drivers.rbd.RBDDriver" ]; then
+     ceph osd pool set $1 nosizechange ${size_protection}
+     ceph osd pool set $1 crush_rule "${RBD_POOL_CRUSH_RULE}"
+   }
+-  ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} "cinder-volume"
+  ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} ${RBD_POOL_APP_NAME}
+ 
+   if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
+     echo "Cephx user client.${RBD_POOL_USER} already exist."
+diff --git a/cinder/templates/job-backup-storage-init.yaml b/cinder/templates/job-backup-storage-init.yaml
+index a073940c..7b0e50e1 100644
+--- a/cinder/templates/job-backup-storage-init.yaml
+++ b/cinder/templates/job-backup-storage-init.yaml
+@@ -109,6 +109,8 @@ spec:
+             {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+             - name: RBD_POOL_NAME
+               value: {{ .Values.conf.cinder.DEFAULT.backup_ceph_pool | quote }}
+            - name: RBD_POOL_APP_NAME
+              value: {{ .Values.conf.software.rbd.rbd_pool_app_name_backup | quote }}
+             - name: RBD_POOL_USER
+               value: {{ .Values.conf.cinder.DEFAULT.backup_ceph_user | quote }}
+             - name: RBD_POOL_CRUSH_RULE
+diff --git a/cinder/templates/job-storage-init.yaml b/cinder/templates/job-storage-init.yaml
+index 1d4819c2..27081816 100644
+--- a/cinder/templates/job-storage-init.yaml
+++ b/cinder/templates/job-storage-init.yaml
+@@ -100,6 +100,8 @@ spec:
+               value: {{ index (index .Values.conf.backends (include "cinder.utils.ceph_volume_section_name" $envAll)) "volume_driver" | quote }}
+             - name: RBD_POOL_NAME
+               value: {{ index (index .Values.conf.backends (include "cinder.utils.ceph_volume_section_name" $envAll)) "rbd_pool" | quote }}
+            - name: RBD_POOL_APP_NAME
+              value: {{ .Values.conf.software.rbd.rbd_pool_app_name | quote }}
+             - name: RBD_POOL_USER
+               value: {{ index (index .Values.conf.backends (include "cinder.utils.ceph_volume_section_name" $envAll)) "rbd_user" | quote }}
+             - name: RBD_POOL_CRUSH_RULE
+diff --git a/cinder/values.yaml b/cinder/values.yaml
+index 39027e9b..bef7b374 100644
+--- a/cinder/values.yaml
+++ b/cinder/values.yaml
+@@ -302,6 +302,10 @@ ceph_client:
+   user_secret_name: pvc-ceph-client-key
+ 
+ conf:
+  software:
+    rbd:
+      rbd_pool_app_name_backup: cinder-backup
+      rbd_pool_app_name: cinder-volume
+   paste:
+     composite:osapi_volume:
+       use: call:cinder.api:root_app_factory
+-- 
+2.16.5
+
--- a/openstack-helm/files/0014-Cinder-Support-backup-driver-specification-by-module.patch
+++ b/openstack-helm/files/0014-Cinder-Support-backup-driver-specification-by-module.patch
@ -0,0 +1,241 @@
+From a5c47db5550926bcf2d4dbd5667ad74e00b2ed97 Mon Sep 17 00:00:00 2001
+From: Robert Church <robert.church@windriver.com>
+Date: Fri, 24 May 2019 02:43:15 -0400
+Subject: [PATCH 14/14] Cinder: Support backup driver specification by module
+ or class name
+
+During the Queens cycle, Cinder introduced the ability to specify the
+backup driver via class name and deprecated backup driver initialization
+using the module name. (Id6bee9e7d0da8ead224a04f86fe79ddfb5b286cf)
+
+Legacy support for initialization by module name was dropped in Stein.
+(I3ada2dee1857074746b1893b82dd5f6641c6e579)
+
+This change will support both methods of initialization and leave the
+driver defaults enabled for module based initialization (valid through
+Rocky images).
+
+This change has been tested using the OSH default Cinder (Ocata) images
+and StarlingX images based on master (Train).
+
+Change-Id: Iec7bc6f4dd089aaa08ca652bebd9a10ef49da556
+Signed-off-by: Robert Church <robert.church@windriver.com>
+---
+ cinder/templates/bin/_backup-storage-init.sh.tpl |  8 ++++----
+ cinder/templates/configmap-etc.yaml              |  2 +-
+ cinder/templates/deployment-backup.yaml          | 16 ++++++++--------
+ cinder/templates/job-backup-storage-init.yaml    |  8 ++++----
+ cinder/templates/job-clean.yaml                  |  4 ++--
+ cinder/templates/pvc-backup.yaml                 |  2 +-
+ cinder/values.yaml                               |  4 ++++
+ 7 files changed, 24 insertions(+), 20 deletions(-)
+
+diff --git a/cinder/templates/bin/_backup-storage-init.sh.tpl b/cinder/templates/bin/_backup-storage-init.sh.tpl
+index af9886ad..10069f17 100644
+--- a/cinder/templates/bin/_backup-storage-init.sh.tpl
+++ b/cinder/templates/bin/_backup-storage-init.sh.tpl
+@@ -17,7 +17,7 @@ limitations under the License.
+ */}}
+ 
+ set -x
+-if [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.ceph" ]; then
+if [[ $STORAGE_BACKEND =~ 'cinder.backup.drivers.ceph' ]]; then
+   SECRET=$(mktemp --suffix .yaml)
+   KEYRING=$(mktemp --suffix .keyring)
+   function cleanup {
+@@ -27,10 +27,10 @@ if [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.ceph" ]; then
+ fi
+ 
+ set -ex
+-if [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.swift" ] || \
+-     [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.posix" ]; then
+if [[ $STORAGE_BACKEND =~ 'cinder.backup.drivers.swift' ]] || \
+     [[ $STORAGE_BACKEND =~ 'cinder.backup.drivers.posix' ]]; then
+   echo "INFO: no action required to use $STORAGE_BACKEND"
+-elif [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.ceph" ]; then
+elif [[ $STORAGE_BACKEND =~ 'cinder.backup.drivers.ceph' ]]; then
+   ceph -s
+   function ensure_pool () {
+     ceph osd pool stats $1 || ceph osd pool create $1 $2
+diff --git a/cinder/templates/configmap-etc.yaml b/cinder/templates/configmap-etc.yaml
+index 5ed73db6..e13851ed 100644
+--- a/cinder/templates/configmap-etc.yaml
+++ b/cinder/templates/configmap-etc.yaml
+@@ -63,7 +63,7 @@ limitations under the License.
+ {{- $_ := tuple "image" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.cinder.DEFAULT "glance_api_servers" -}}
+ {{- end -}}
+ 
+-{{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.swift" }}
+{{- if (contains "cinder.backup.drivers.swift" .Values.conf.cinder.DEFAULT.backup_driver) }}
+ {{- if empty .Values.conf.cinder.DEFAULT.backup_swift_auth_version -}}
+ {{- $_ := set .Values.conf.cinder.DEFAULT "backup_swift_auth_version" "3" -}}
+ {{- end -}}
+diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml
+index fdce03a9..bffd774c 100644
+--- a/cinder/templates/deployment-backup.yaml
+++ b/cinder/templates/deployment-backup.yaml
+@@ -54,7 +54,7 @@ spec:
+         {{ .Values.labels.backup.node_selector_key }}: {{ .Values.labels.backup.node_selector_value }}
+       initContainers:
+ {{ tuple $envAll "backup" $mounts_cinder_backup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+        {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: ceph-backup-keyring-placement
+ {{ tuple $envAll "cinder_backup" | include "helm-toolkit.snippets.image" | indent 10 }}
+           securityContext:
+@@ -98,7 +98,7 @@ spec:
+               subPath: key
+               readOnly: true
+         {{ end }}
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.posix" }}
+        {{- if (contains "cinder.backup.drivers.posix" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: ceph-backup-volume-perms
+ {{ tuple $envAll "cinder_backup" | include "helm-toolkit.snippets.image" | indent 10 }}
+           securityContext:
+@@ -150,7 +150,7 @@ spec:
+               mountPath: {{ .Values.conf.cinder.DEFAULT.log_config_append }}
+               subPath: {{ base .Values.conf.cinder.DEFAULT.log_config_append }}
+               readOnly: true
+-            {{ if or (eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph") (include "cinder.utils.is_ceph_volume_configured" $envAll) }}
+            {{ if or (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) (include "cinder.utils.is_ceph_volume_configured" $envAll) }}
+             - name: etcceph
+               mountPath: /etc/ceph
+             {{- if not .Values.backup.external_ceph_rbd.enabled }}
+@@ -164,7 +164,7 @@ spec:
+               subPath: external-backup-ceph.conf
+               readOnly: true
+             {{- end }}
+-            {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+            {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+             - name: ceph-backup-keyring
+               mountPath: /tmp/client-keyring
+               subPath: key
+@@ -176,7 +176,7 @@ spec:
+               readOnly: true
+             {{- end }}
+             {{- end }}
+-            {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.posix" }}
+            {{- if (contains "cinder.backup.drivers.posix" .Values.conf.cinder.DEFAULT.backup_driver) }}
+             - name: cinder-backup
+               mountPath: {{ .Values.conf.cinder.DEFAULT.backup_posix_path }}
+             {{- end }}
+@@ -213,7 +213,7 @@ spec:
+           configMap:
+             name: cinder-bin
+             defaultMode: 0555
+-        {{ if or (eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph") (include "cinder.utils.is_ceph_volume_configured" $envAll) }}
+        {{ if or (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) (include "cinder.utils.is_ceph_volume_configured" $envAll) }}
+         - name: etcceph
+           emptyDir: {}
+         - name: ceph-etc
+@@ -221,7 +221,7 @@ spec:
+             name: {{ .Values.ceph_client.configmap }}
+             defaultMode: 0444
+         {{ end }}
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+        {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: ceph-backup-keyring
+           secret:
+             secretName: {{ .Values.secrets.rbd.backup | quote }}
+@@ -231,7 +231,7 @@ spec:
+           secret:
+             secretName: {{ .Values.secrets.rbd.volume | quote }}
+         {{ end }}
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.posix" }}
+        {{- if (contains "cinder.backup.drivers.posix" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: cinder-backup
+           persistentVolumeClaim:
+             claimName: cinder-backup
+diff --git a/cinder/templates/job-backup-storage-init.yaml b/cinder/templates/job-backup-storage-init.yaml
+index 7b0e50e1..a43ba998 100644
+--- a/cinder/templates/job-backup-storage-init.yaml
+++ b/cinder/templates/job-backup-storage-init.yaml
+@@ -67,7 +67,7 @@ spec:
+         {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+       initContainers:
+ {{ tuple $envAll "backup_storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+        {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: ceph-keyring-placement
+ {{ tuple $envAll "cinder_backup_storage_init" | include "helm-toolkit.snippets.image" | indent 10 }}
+           securityContext:
+@@ -106,7 +106,7 @@ spec:
+                   fieldPath: metadata.namespace
+             - name: STORAGE_BACKEND
+               value: {{ .Values.conf.cinder.DEFAULT.backup_driver | quote }}
+-            {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+            {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+             - name: RBD_POOL_NAME
+               value: {{ .Values.conf.cinder.DEFAULT.backup_ceph_pool | quote }}
+             - name: RBD_POOL_APP_NAME
+@@ -129,7 +129,7 @@ spec:
+               mountPath: /tmp/backup-storage-init.sh
+               subPath: backup-storage-init.sh
+               readOnly: true
+-            {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+            {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+             - name: etcceph
+               mountPath: /etc/ceph
+             {{- if not .Values.backup.external_ceph_rbd.enabled }}
+@@ -155,7 +155,7 @@ spec:
+           configMap:
+             name: cinder-bin
+             defaultMode: 0555
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+        {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: etcceph
+           emptyDir: {}
+         - name: ceph-etc
+diff --git a/cinder/templates/job-clean.yaml b/cinder/templates/job-clean.yaml
+index d85234ed..54fd41e7 100644
+--- a/cinder/templates/job-clean.yaml
+++ b/cinder/templates/job-clean.yaml
+@@ -16,7 +16,7 @@ limitations under the License.
+ 
+ {{- if .Values.manifests.job_clean }}
+ {{- $envAll := . }}
+-{{ if or (eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph") (include "cinder.utils.is_ceph_volume_configured" $envAll) }}
+{{ if or (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) (include "cinder.utils.is_ceph_volume_configured" $envAll) }}
+ 
+ {{- $serviceAccountName := print "cinder-clean" }}
+ {{ tuple $envAll "clean" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+@@ -87,7 +87,7 @@ spec:
+               subPath: clean-secrets.sh
+               readOnly: true
+         {{ end }}
+-        {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }}
+        {{- if (contains "cinder.backup.drivers.ceph" .Values.conf.cinder.DEFAULT.backup_driver) }}
+         - name: cinder-volume-backup-secret-clean
+ {{ tuple $envAll "cinder_backup_storage_init" | include "helm-toolkit.snippets.image" | indent 10 }}
+ {{ tuple $envAll $envAll.Values.pod.resources.jobs.clean | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+diff --git a/cinder/templates/pvc-backup.yaml b/cinder/templates/pvc-backup.yaml
+index b2e851dc..94d63d0e 100644
+--- a/cinder/templates/pvc-backup.yaml
+++ b/cinder/templates/pvc-backup.yaml
+@@ -16,7 +16,7 @@ limitations under the License.
+ 
+ {{- if .Values.manifests.pvc_backup }}
+ {{- $envAll := . }}
+-{{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.posix" }}
+{{- if (contains "cinder.backup.drivers.posix" .Values.conf.cinder.DEFAULT.backup_driver) }}
+ ---
+ kind: PersistentVolumeClaim
+ apiVersion: v1
+diff --git a/cinder/values.yaml b/cinder/values.yaml
+index bef7b374..362f6918 100644
+--- a/cinder/values.yaml
+++ b/cinder/values.yaml
+@@ -767,6 +767,10 @@ conf:
+       enabled_backends: "rbd1"
+       # NOTE(portdirect): "cinder.backup.drivers.ceph"  and
+       # "cinder.backup.drivers.posix" also supported
+      # NOTE(rchurch): As of Stein, drivers by class name are required
+      # - cinder.backup.drivers.swift.SwiftBackupDriver
+      # - cinder.backup.drivers.ceph.CephBackupDriver
+      # - cinder.backup.drivers.posix.PosixBackupDriver
+       backup_driver: "cinder.backup.drivers.swift"
+       # Backup: Ceph RBD options
+       backup_ceph_conf: "/etc/ceph/ceph.conf"
+-- 
+2.16.5
+