openstack-helm chart rebase
Each patch included in this commit contains a commit message that describes the required purpose of the patch. Change-Id: Ied38e5cbedbe06fd0b6f27612aa0bddf60064dea Depends-On: Ic788a2c86edfbceca1f1ff18dd0344472546c81b Story: 2004520 Task: 29966 Signed-off-by: Robert Church <robert.church@windriver.com>
This commit is contained in:
parent
4556a85bd3
commit
f32827ca61
openstack-helm
centos
files
0001-Add-Aodh-Chart.patch0001-ceilometer-chart-updates.patch0002-Ceilometer-chart-add-the-ability-to-publish-events-t.patch0003-Add-Panko-Chart.patch0003-Remove-stale-Apache2-service-pids-when-a-POD-starts.patch0004-Fix-ssh-config-in-nova-to-support-cold-migrations.patch0005-Add-heat-purge-deleted-cron-job.patch0005-Nova-console-ip-address-search-optionality.patch0006-Nova-chart-Support-ephemeral-pool-creation.patch0007-Glance-chart-add-images-pool-replication.patch0007-Horizon-Disable-apache2-status_module.patch0007-Stein-Remove-ceilometer-upgrade-option.patch0008-Neutron-Add-support-for-disabling-Readiness-Liveness.patch0008-Stein-Update-Cinder-to-include-resource_filters.json.patch0009-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch0009-Stein-add-log_config_append-to-neutron-etc.patch0010-Enable-Ceph-Jewel-support-for-nova-cinder-glance.patch0010-Stein-Nova-console-address-config-optionality.patch0011-Support-per-host-overrides-of-auto_bridge_add.patch0013-neutron-up-interfaces-added-via-ovs-auto_bridge_add.patch
@ -1,8 +1,8 @@
|
||||
TAR_NAME=openstack-helm
|
||||
SHA=9d72fe1a501bc609a875eebf7b6274e18600ed70
|
||||
SHA=6c71637222f47d85681038994f02feac92f75bd2
|
||||
VERSION=1.0.0
|
||||
TAR="$TAR_NAME-$SHA.tar.gz"
|
||||
|
||||
COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* "
|
||||
|
||||
TIS_PATCH_VER=14
|
||||
TIS_PATCH_VER=15
|
||||
|
@ -1,4 +1,4 @@
|
||||
%global sha 9d72fe1a501bc609a875eebf7b6274e18600ed70
|
||||
%global sha 6c71637222f47d85681038994f02feac92f75bd2
|
||||
%global helm_folder /usr/lib/helm
|
||||
%global toolkit_version 0.1.0
|
||||
%global helmchart_version 0.1.0
|
||||
@ -19,20 +19,16 @@ Source2: index.yaml
|
||||
|
||||
BuildArch: noarch
|
||||
|
||||
Patch01: 0001-ceilometer-chart-updates.patch
|
||||
Patch02: 0002-Add-Aodh-Chart.patch
|
||||
Patch03: 0003-Add-Panko-Chart.patch
|
||||
Patch04: Remove-stale-Apache2-service-pids-when-a-POD-starts.patch
|
||||
Patch05: 0005-Add-heat-purge-deleted-cron-job.patch
|
||||
Patch06: 0006-Enable-cold-migration-in-nova-helm-chart.patch
|
||||
Patch07: 0007-Glance-chart-add-images-pool-replication.patch
|
||||
Patch08: 0007-Stein-Remove-ceilometer-upgrade-option.patch
|
||||
Patch09: 0008-Stein-Update-Cinder-to-include-resource_filters.json.patch
|
||||
Patch10: 0009-Stein-add-log_config_append-to-neutron-etc.patch
|
||||
Patch11: 0010-Stein-Nova-console-address-config-optionality.patch
|
||||
Patch12: 0011-Support-per-host-overrides-of-auto_bridge_add.patch
|
||||
Patch13: 0012-Nova-chart-Add-ephemeral-pool.patch
|
||||
Patch14: 0013-neutron-up-interfaces-added-via-ovs-auto_bridge_add.patch
|
||||
Patch01: 0001-Add-Aodh-Chart.patch
|
||||
Patch02: 0002-Ceilometer-chart-add-the-ability-to-publish-events-t.patch
|
||||
Patch03: 0003-Remove-stale-Apache2-service-pids-when-a-POD-starts.patch
|
||||
Patch04: 0004-Fix-ssh-config-in-nova-to-support-cold-migrations.patch
|
||||
Patch05: 0005-Nova-console-ip-address-search-optionality.patch
|
||||
Patch06: 0006-Nova-chart-Support-ephemeral-pool-creation.patch
|
||||
Patch07: 0007-Horizon-Disable-apache2-status_module.patch
|
||||
Patch08: 0008-Neutron-Add-support-for-disabling-Readiness-Liveness.patch
|
||||
Patch09: 0009-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch
|
||||
Patch10: 0010-Enable-Ceph-Jewel-support-for-nova-cinder-glance.patch
|
||||
|
||||
BuildRequires: helm
|
||||
BuildRequires: openstack-helm-infra
|
||||
@ -53,10 +49,6 @@ Openstack Helm charts
|
||||
%patch08 -p1
|
||||
%patch09 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
|
||||
%build
|
||||
# initialize helm and build the toolkit
|
||||
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,93 @@
|
||||
From 5302aa4e87694e96cc3dfc56ae494a1a8211cc37 Mon Sep 17 00:00:00 2001
|
||||
From: Angie Wang <angie.wang@windriver.com>
|
||||
Date: Wed, 6 Mar 2019 18:06:06 -0500
|
||||
Subject: [PATCH 02/10] Ceilometer chart: add the ability to publish events to
|
||||
panko
|
||||
|
||||
Ceilometer notification agent sends the events to panko via panko
|
||||
dispatcher/publisher which requires the db connection information
|
||||
in /etc/panko/panko.conf.
|
||||
This commit updates to mount the configuration file for panko in
|
||||
ceilometer notification pod.
|
||||
|
||||
Change-Id: I4ca524ed7462f945a245e9dbe1d69493dbc4211d
|
||||
Story: 2005019
|
||||
Task: 29498
|
||||
Depends-On: https://review.openstack.org/#/c/641144/
|
||||
Signed-off-by: Angie Wang <angie.wang@windriver.com>
|
||||
(cherry picked from commit 507bc47f1447808c57c1c8aa82b0639543083656)
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
ceilometer/values.yaml | 34 ++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 34 insertions(+)
|
||||
|
||||
diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml
|
||||
index e6ae7e3a..9deade59 100644
|
||||
--- a/ceilometer/values.yaml
|
||||
+++ b/ceilometer/values.yaml
|
||||
@@ -728,6 +728,11 @@ conf:
|
||||
- name: event_sink
|
||||
publishers:
|
||||
- notifier://
|
||||
+ # The following publisher will enable to publish events to panko.
|
||||
+ # Ocata:
|
||||
+ # - direct://?dispatcher=panko
|
||||
+ # Pike:
|
||||
+ # - panko://
|
||||
transformers: null
|
||||
sources:
|
||||
- events:
|
||||
@@ -1618,6 +1623,8 @@ dependencies:
|
||||
service: mongodb
|
||||
- endpoint: internal
|
||||
service: metric
|
||||
+ - endpoint: internal
|
||||
+ service: event
|
||||
tests:
|
||||
services:
|
||||
- endpoint: internal
|
||||
@@ -1739,6 +1746,21 @@ endpoints:
|
||||
api:
|
||||
default: 8041
|
||||
public: 80
|
||||
+ event:
|
||||
+ name: panko
|
||||
+ hosts:
|
||||
+ default: panko-api
|
||||
+ public: panko
|
||||
+ host_fqdn_override:
|
||||
+ default: null
|
||||
+ path:
|
||||
+ default: null
|
||||
+ scheme:
|
||||
+ default: 'http'
|
||||
+ port:
|
||||
+ api:
|
||||
+ default: 8977
|
||||
+ public: 80
|
||||
alarming:
|
||||
name: aodh
|
||||
hosts:
|
||||
@@ -1865,7 +1887,19 @@ pod:
|
||||
init_container: null
|
||||
ceilometer_notification:
|
||||
volumeMounts:
|
||||
+ - name: etcpanko
|
||||
+ mountPath: /etc/panko
|
||||
+ - name: panko-etc
|
||||
+ mountPath: /etc/panko/panko.conf
|
||||
+ subPath: panko.conf
|
||||
+ readOnly: true
|
||||
volumes:
|
||||
+ - name: etcpanko
|
||||
+ emptyDir: {}
|
||||
+ - name: panko-etc
|
||||
+ secret:
|
||||
+ secretName: panko-etc
|
||||
+ defaultMode: 0444
|
||||
replicas:
|
||||
api: 1
|
||||
central: 1
|
||||
--
|
||||
2.16.5
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
From 44b9b086f22a561cec91519d03750c3e501d5739 Mon Sep 17 00:00:00 2001
|
||||
From a0e8c7e3764b168eaaa82d17d965f62d34766573 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Friesen <chris.friesen@windriver.com>
|
||||
Date: Wed, 28 Nov 2018 01:33:39 -0500
|
||||
Subject: [PATCH] Remove stale Apache2 service pids when a POD starts.
|
||||
Subject: [PATCH 03/10] Remove stale Apache2 service pids when a POD starts.
|
||||
|
||||
Stale Apache2 pids will prevent Apache2 from starting and will leave
|
||||
the POD in a crashed state.
|
||||
@ -12,30 +12,16 @@ Note: the pid file is somewhat confusingly called
|
||||
|
||||
This is loosely based off the in-review upstream commit at
|
||||
https://review.openstack.org/#/c/619747
|
||||
---
|
||||
aodh/templates/bin/_aodh-api.sh.tpl | 3 +++
|
||||
ceilometer/templates/bin/_ceilometer-api.sh.tpl | 3 +++
|
||||
keystone/templates/bin/_keystone-api.sh.tpl | 3 +++
|
||||
nova/templates/bin/_nova-placement-api.sh.tpl | 3 +++
|
||||
panko/templates/bin/_panko-api.sh.tpl | 3 +++
|
||||
5 files changed, 15 insertions(+)
|
||||
|
||||
diff --git a/aodh/templates/bin/_aodh-api.sh.tpl b/aodh/templates/bin/_aodh-api.sh.tpl
|
||||
index 708b327..dfc7abc 100644
|
||||
--- a/aodh/templates/bin/_aodh-api.sh.tpl
|
||||
+++ b/aodh/templates/bin/_aodh-api.sh.tpl
|
||||
@@ -28,6 +28,9 @@ function start () {
|
||||
source /etc/apache2/envvars
|
||||
fi
|
||||
|
||||
+ # Get rid of stale pid file if present.
|
||||
+ rm -f /var/run/apache2/*.pid
|
||||
+
|
||||
# Start Apache2
|
||||
exec apache2 -DFOREGROUND
|
||||
}
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
ceilometer/templates/bin/_ceilometer-api.sh.tpl | 3 +++
|
||||
keystone/templates/bin/_keystone-api.sh.tpl | 6 ++----
|
||||
nova/templates/bin/_nova-placement-api.sh.tpl | 3 +++
|
||||
3 files changed, 8 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/ceilometer/templates/bin/_ceilometer-api.sh.tpl b/ceilometer/templates/bin/_ceilometer-api.sh.tpl
|
||||
index cdb02f7..0950f03 100644
|
||||
index cdb02f79..392873c7 100644
|
||||
--- a/ceilometer/templates/bin/_ceilometer-api.sh.tpl
|
||||
+++ b/ceilometer/templates/bin/_ceilometer-api.sh.tpl
|
||||
@@ -25,6 +25,9 @@ function start () {
|
||||
@ -49,41 +35,30 @@ index cdb02f7..0950f03 100644
|
||||
exec apache2 -DFOREGROUND
|
||||
}
|
||||
diff --git a/keystone/templates/bin/_keystone-api.sh.tpl b/keystone/templates/bin/_keystone-api.sh.tpl
|
||||
index 217d942..a5950a4 100644
|
||||
index 2f127b94..11726809 100644
|
||||
--- a/keystone/templates/bin/_keystone-api.sh.tpl
|
||||
+++ b/keystone/templates/bin/_keystone-api.sh.tpl
|
||||
@@ -31,6 +31,9 @@ function start () {
|
||||
@@ -31,10 +31,8 @@ function start () {
|
||||
source /etc/apache2/envvars
|
||||
fi
|
||||
|
||||
- if [ -f /var/run/apache2/apache2.pid ]; then
|
||||
- # Remove the stale pid for debian/ubuntu images
|
||||
- rm -f /var/run/apache2/apache2.pid
|
||||
- fi
|
||||
+ # Get rid of stale pid, shared memory segment and wsgi sock files if present.
|
||||
+ rm -f /var/run/apache2/*
|
||||
+
|
||||
|
||||
# Start Apache2
|
||||
exec apache2 -DFOREGROUND
|
||||
}
|
||||
diff --git a/nova/templates/bin/_nova-placement-api.sh.tpl b/nova/templates/bin/_nova-placement-api.sh.tpl
|
||||
index f9c8d7c..a7d753e 100644
|
||||
index f9c8d7c5..b4bcf178 100644
|
||||
--- a/nova/templates/bin/_nova-placement-api.sh.tpl
|
||||
+++ b/nova/templates/bin/_nova-placement-api.sh.tpl
|
||||
@@ -28,6 +28,9 @@ function start () {
|
||||
source /etc/apache2/envvars
|
||||
fi
|
||||
|
||||
+ # Get rid of stale pid file if present.
|
||||
+ rm -f /var/run/apache2/*.pid
|
||||
+
|
||||
# Start Apache2
|
||||
exec apache2 -DFOREGROUND
|
||||
}
|
||||
diff --git a/panko/templates/bin/_panko-api.sh.tpl b/panko/templates/bin/_panko-api.sh.tpl
|
||||
index bd08a43..c4ffc3f 100755
|
||||
--- a/panko/templates/bin/_panko-api.sh.tpl
|
||||
+++ b/panko/templates/bin/_panko-api.sh.tpl
|
||||
@@ -28,6 +28,9 @@ function start () {
|
||||
source /etc/apache2/envvars
|
||||
fi
|
||||
|
||||
+ # Get rid of stale pid file if present.
|
||||
+ rm -f /var/run/apache2/*.pid
|
||||
+
|
||||
@ -91,5 +66,5 @@ index bd08a43..c4ffc3f 100755
|
||||
exec apache2 -DFOREGROUND
|
||||
}
|
||||
--
|
||||
1.8.3.1
|
||||
2.16.5
|
||||
|
@ -1,16 +1,26 @@
|
||||
From 7760815c98231ffd431f053f8fac35902f420118 Mon Sep 17 00:00:00 2001
|
||||
From 6a023c248b3cbd093b8f4480f4b2cca5a3c8600d Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Thu, 10 Jan 2019 00:12:21 -0500
|
||||
Subject: [PATCH] Enable cold migration in nova helm chart
|
||||
Subject: [PATCH 04/10] Fix ssh config in nova to support cold migrations
|
||||
|
||||
- Move private key from sshd container to nova-compute container.
|
||||
- Fix .ssh/config file mapping
|
||||
- Move private key from nova-compute-ssh container to nova-compute
|
||||
container.
|
||||
- Map private and public keys to configmap-ssh which will default to
|
||||
correct file permissions.
|
||||
the appropriate file permissions.
|
||||
- Add additional config to /etc/ssh/sshd_config to allow passwordless
|
||||
root logins over appropriate subnet passed in from overrides.
|
||||
- Remove chmods from sshd bash script as they are failing.
|
||||
|
||||
Depends on helm-toolkit supporting multiple containers per pod.
|
||||
Depends on helm-toolkit supporting multiple containers per daemonset
|
||||
pod.
|
||||
|
||||
Story: 2003463
|
||||
Task: 24723
|
||||
Change-Id: Idd2e802c293f1e14991ee787ade9a4936fb373ff
|
||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
(cherry picked from commit 9e9d8aa5e6d4239b40c6c9668592ea799cd6814d)
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
nova/templates/bin/_ssh-start.sh.tpl | 19 ++++++++++++++++---
|
||||
nova/templates/configmap-etc.yaml | 4 ++--
|
||||
@ -21,7 +31,7 @@ Depends on helm-toolkit supporting multiple containers per pod.
|
||||
create mode 100755 nova/templates/configmap-ssh.yaml
|
||||
|
||||
diff --git a/nova/templates/bin/_ssh-start.sh.tpl b/nova/templates/bin/_ssh-start.sh.tpl
|
||||
index 1c10cb0..158090b 100644
|
||||
index 1c10cb07..158090b0 100644
|
||||
--- a/nova/templates/bin/_ssh-start.sh.tpl
|
||||
+++ b/nova/templates/bin/_ssh-start.sh.tpl
|
||||
@@ -33,8 +33,21 @@ if [[ $(stat -c %U:%G ~nova/.ssh) != "nova:nova" ]]; then
|
||||
@ -50,7 +60,7 @@ index 1c10cb0..158090b 100644
|
||||
|
||||
exec /usr/sbin/sshd -D -e -o Port=$SSH_PORT
|
||||
diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml
|
||||
index 55aa311..0d1e7a5 100644
|
||||
index 55aa3114..0d1e7a5e 100644
|
||||
--- a/nova/templates/configmap-etc.yaml
|
||||
+++ b/nova/templates/configmap-etc.yaml
|
||||
@@ -232,8 +232,8 @@ data:
|
||||
@ -66,7 +76,7 @@ index 55aa311..0d1e7a5 100644
|
||||
{{- if .Values.manifests.configmap_etc }}
|
||||
diff --git a/nova/templates/configmap-ssh.yaml b/nova/templates/configmap-ssh.yaml
|
||||
new file mode 100755
|
||||
index 0000000..bab8e33
|
||||
index 00000000..bab8e330
|
||||
--- /dev/null
|
||||
+++ b/nova/templates/configmap-ssh.yaml
|
||||
@@ -0,0 +1,35 @@
|
||||
@ -106,10 +116,10 @@ index 0000000..bab8e33
|
||||
+{{- list "nova-ssh" . | include "nova.configmap.ssh" }}
|
||||
+{{- end }}
|
||||
diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml
|
||||
index 850f0b0..82f185f 100644
|
||||
index 09627042..4a7b90b5 100644
|
||||
--- a/nova/templates/daemonset-compute.yaml
|
||||
+++ b/nova/templates/daemonset-compute.yaml
|
||||
@@ -217,6 +217,9 @@ spec:
|
||||
@@ -258,6 +258,9 @@ spec:
|
||||
mountPath: /root/.ssh/config
|
||||
subPath: ssh-config
|
||||
readOnly: true
|
||||
@ -119,7 +129,7 @@ index 850f0b0..82f185f 100644
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
- name: etcceph
|
||||
mountPath: /etc/ceph
|
||||
@@ -273,13 +276,10 @@ spec:
|
||||
@@ -314,13 +317,10 @@ spec:
|
||||
mountPath: /var/lib/nova
|
||||
- name: varliblibvirt
|
||||
mountPath: /var/lib/libvirt
|
||||
@ -135,7 +145,7 @@ index 850f0b0..82f185f 100644
|
||||
mountPath: /root/.ssh/authorized_keys
|
||||
subPath: ssh-key-public
|
||||
- name: nova-bin
|
||||
@@ -295,6 +295,10 @@ spec:
|
||||
@@ -336,6 +336,10 @@ spec:
|
||||
secret:
|
||||
secretName: {{ $configMapName }}
|
||||
defaultMode: 0444
|
||||
@ -145,12 +155,12 @@ index 850f0b0..82f185f 100644
|
||||
+ defaultMode: 0400
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
- name: etcceph
|
||||
emptyDir: {}
|
||||
hostPath:
|
||||
diff --git a/nova/values.yaml b/nova/values.yaml
|
||||
index 4edf5c6..9646ded 100644
|
||||
index 7cb4d553..8599027a 100644
|
||||
--- a/nova/values.yaml
|
||||
+++ b/nova/values.yaml
|
||||
@@ -209,6 +209,9 @@ network:
|
||||
@@ -211,6 +211,9 @@ network:
|
||||
ssh:
|
||||
name: "nova-ssh"
|
||||
port: 8022
|
||||
@ -160,7 +170,7 @@ index 4edf5c6..9646ded 100644
|
||||
|
||||
dependencies:
|
||||
dynamic:
|
||||
@@ -460,6 +463,8 @@ conf:
|
||||
@@ -462,6 +465,8 @@ conf:
|
||||
StrictHostKeyChecking no
|
||||
UserKnownHostsFile /dev/null
|
||||
Port {{ .Values.network.ssh.port }}
|
||||
@ -170,5 +180,5 @@ index 4edf5c6..9646ded 100644
|
||||
run_tempest: false
|
||||
tests:
|
||||
--
|
||||
1.8.3.1
|
||||
2.16.5
|
||||
|
@ -1,209 +0,0 @@
|
||||
From bd5c50427b8a453cd993cce39c5dc49bb94acd82 Mon Sep 17 00:00:00 2001
|
||||
From: David Sullivan <david.sullivan@windriver.com>
|
||||
Date: Fri, 23 Nov 2018 14:00:56 -0500
|
||||
Subject: [PATCH] Add heat-purge-deleted cron job
|
||||
|
||||
This adds a cron job to purge deleted items from the heat db every 24h.
|
||||
|
||||
This should be upstreamed.
|
||||
---
|
||||
.../bin/_heat-purge-deleted-active.sh.tpl | 10 +++
|
||||
heat/templates/configmap-bin.yaml | 2 +
|
||||
heat/templates/cron-job-purge-deleted.yaml | 76 ++++++++++++++++++++++
|
||||
heat/values.yaml | 32 +++++++++
|
||||
4 files changed, 120 insertions(+)
|
||||
create mode 100644 heat/templates/bin/_heat-purge-deleted-active.sh.tpl
|
||||
create mode 100644 heat/templates/cron-job-purge-deleted.yaml
|
||||
|
||||
diff --git a/heat/templates/bin/_heat-purge-deleted-active.sh.tpl b/heat/templates/bin/_heat-purge-deleted-active.sh.tpl
|
||||
new file mode 100644
|
||||
index 0000000..dc38caf
|
||||
--- /dev/null
|
||||
+++ b/heat/templates/bin/_heat-purge-deleted-active.sh.tpl
|
||||
@@ -0,0 +1,10 @@
|
||||
+#!/bin/bash
|
||||
+
|
||||
+# Copyright (c) 2017-2018 Wind River Systems, Inc.
|
||||
+#
|
||||
+# SPDX-License-Identifier: Apache-2.0
|
||||
+#
|
||||
+
|
||||
+set -ex
|
||||
+
|
||||
+heat-manage purge_deleted -g hours 1
|
||||
diff --git a/heat/templates/configmap-bin.yaml b/heat/templates/configmap-bin.yaml
|
||||
index b432097..1463be5 100644
|
||||
--- a/heat/templates/configmap-bin.yaml
|
||||
+++ b/heat/templates/configmap-bin.yaml
|
||||
@@ -59,6 +59,8 @@ data:
|
||||
{{ tuple "bin/_heat-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
heat-engine-cleaner.sh: |
|
||||
{{ tuple "bin/_heat-engine-cleaner.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
+ heat-purge-deleted-active.sh: |
|
||||
+{{ tuple "bin/_heat-purge-deleted-active.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
rabbit-init.sh: |
|
||||
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
|
||||
{{- end }}
|
||||
diff --git a/heat/templates/cron-job-purge-deleted.yaml b/heat/templates/cron-job-purge-deleted.yaml
|
||||
new file mode 100644
|
||||
index 0000000..8b8fb24
|
||||
--- /dev/null
|
||||
+++ b/heat/templates/cron-job-purge-deleted.yaml
|
||||
@@ -0,0 +1,76 @@
|
||||
+# Copyright (c) 2017-2018 Wind River Systems, Inc.
|
||||
+#
|
||||
+# SPDX-License-Identifier: Apache-2.0
|
||||
+#
|
||||
+
|
||||
+{{- if .Values.manifests.cron_job_purge_deleted }}
|
||||
+{{- $envAll := . }}
|
||||
+
|
||||
+{{- $mounts_heat_purge_deleted := .Values.pod.mounts.heat_purge_deleted.heat_purge_deleted }}
|
||||
+{{- $mounts_heat_purge_deleted_init := .Values.pod.mounts.heat_purge_deleted.init_container }}
|
||||
+
|
||||
+{{- $serviceAccountName := "heat-purge-deleted" }}
|
||||
+{{ tuple $envAll "purge_deleted" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||
+---
|
||||
+apiVersion: batch/v1beta1
|
||||
+kind: CronJob
|
||||
+metadata:
|
||||
+ name: heat-purge-deleted
|
||||
+ annotations:
|
||||
+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
||||
+spec:
|
||||
+ schedule: {{ .Values.jobs.purge_deleted.cron | quote }}
|
||||
+ successfulJobsHistoryLimit: {{ .Values.jobs.purge_deleted.history.success }}
|
||||
+ failedJobsHistoryLimit: {{ .Values.jobs.purge_deleted.history.failed }}
|
||||
+ concurrencyPolicy: Forbid
|
||||
+ jobTemplate:
|
||||
+ metadata:
|
||||
+ labels:
|
||||
+{{ tuple $envAll "heat" "purge-deleted" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||
+ spec:
|
||||
+ template:
|
||||
+ metadata:
|
||||
+ labels:
|
||||
+{{ tuple $envAll "heat" "purge-deleted" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
|
||||
+ spec:
|
||||
+ serviceAccountName: {{ $serviceAccountName }}
|
||||
+ restartPolicy: OnFailure
|
||||
+ nodeSelector:
|
||||
+ {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
||||
+ initContainers:
|
||||
+{{ tuple $envAll "purge_deleted" $mounts_heat_purge_deleted_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
|
||||
+ containers:
|
||||
+ - name: heat-purge-deleted
|
||||
+{{ tuple $envAll "heat_purge_deleted" | include "helm-toolkit.snippets.image" | indent 14 }}
|
||||
+{{ tuple $envAll $envAll.Values.pod.resources.jobs.purge_deleted | include "helm-toolkit.snippets.kubernetes_resources" | indent 14 }}
|
||||
+ command:
|
||||
+ - /tmp/heat-purge-deleted-active.sh
|
||||
+ volumeMounts:
|
||||
+ - name: heat-bin
|
||||
+ mountPath: /tmp/heat-purge-deleted-active.sh
|
||||
+ subPath: heat-purge-deleted-active.sh
|
||||
+ readOnly: true
|
||||
+ - name: etcheat
|
||||
+ mountPath: /etc/heat
|
||||
+ - name: heat-etc
|
||||
+ mountPath: /etc/heat/heat.conf
|
||||
+ subPath: heat.conf
|
||||
+ readOnly: true
|
||||
+ - name: heat-etc
|
||||
+ mountPath: {{ .Values.conf.heat.DEFAULT.log_config_append }}
|
||||
+ subPath: {{ base .Values.conf.heat.DEFAULT.log_config_append }}
|
||||
+ readOnly: true
|
||||
+{{ if $mounts_heat_purge_deleted.volumeMounts }}{{ toYaml $mounts_heat_purge_deleted.volumeMounts | indent 14 }}{{ end }}
|
||||
+ volumes:
|
||||
+ - name: etcheat
|
||||
+ emptyDir: {}
|
||||
+ - name: heat-etc
|
||||
+ secret:
|
||||
+ secretName: heat-etc
|
||||
+ defaultMode: 0444
|
||||
+ - name: heat-bin
|
||||
+ configMap:
|
||||
+ name: heat-bin
|
||||
+ defaultMode: 0555
|
||||
+{{ if $mounts_heat_purge_deleted.volumes }}{{ toYaml $mounts_heat_purge_deleted.volumes | indent 10 }}{{ end }}
|
||||
+{{- end }}
|
||||
diff --git a/heat/values.yaml b/heat/values.yaml
|
||||
index 5d37081..51a7b42 100644
|
||||
--- a/heat/values.yaml
|
||||
+++ b/heat/values.yaml
|
||||
@@ -55,6 +55,7 @@ images:
|
||||
heat_cloudwatch: docker.io/openstackhelm/heat:ocata
|
||||
heat_engine: docker.io/openstackhelm/heat:ocata
|
||||
heat_engine_cleaner: docker.io/openstackhelm/heat:ocata
|
||||
+ heat_purge_deleted: docker.io/openstackhelm/heat:ocata
|
||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
pull_policy: "IfNotPresent"
|
||||
@@ -70,6 +71,12 @@ jobs:
|
||||
history:
|
||||
success: 3
|
||||
failed: 1
|
||||
+
|
||||
+ purge_deleted:
|
||||
+ cron: "20 */24 * * *"
|
||||
+ history:
|
||||
+ success: 3
|
||||
+ failed: 1
|
||||
|
||||
conf:
|
||||
rally_tests:
|
||||
@@ -677,6 +684,20 @@ dependencies:
|
||||
service: oslo_messaging
|
||||
- endpoint: internal
|
||||
service: identity
|
||||
+ purge_deleted:
|
||||
+ jobs:
|
||||
+ - heat-db-sync
|
||||
+ - heat-ks-user
|
||||
+ - heat-trustee-ks-user
|
||||
+ - heat-domain-ks-user
|
||||
+ - heat-ks-endpoints
|
||||
+ services:
|
||||
+ - endpoint: internal
|
||||
+ service: oslo_db
|
||||
+ - endpoint: internal
|
||||
+ service: oslo_messaging
|
||||
+ - endpoint: internal
|
||||
+ service: identity
|
||||
ks_endpoints:
|
||||
jobs:
|
||||
- heat-ks-service
|
||||
@@ -968,6 +989,9 @@ pod:
|
||||
heat_engine_cleaner:
|
||||
init_container: null
|
||||
heat_engine_cleaner:
|
||||
+ heat_purge_deleted:
|
||||
+ init_container: null
|
||||
+ heat_purge_deleted:
|
||||
heat_tests:
|
||||
init_container: null
|
||||
heat_tests:
|
||||
@@ -1108,6 +1132,13 @@ pod:
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
+ purge_deleted:
|
||||
+ requests:
|
||||
+ memory: "124Mi"
|
||||
+ cpu: "100m"
|
||||
+ limits:
|
||||
+ memory: "1024Mi"
|
||||
+ cpu: "2000m"
|
||||
image_repo_sync:
|
||||
requests:
|
||||
memory: "128Mi"
|
||||
@@ -1143,6 +1174,7 @@ manifests:
|
||||
configmap_bin: true
|
||||
configmap_etc: true
|
||||
cron_job_engine_cleaner: true
|
||||
+ cron_job_purge_deleted: true
|
||||
deployment_api: true
|
||||
deployment_cfn: true
|
||||
deployment_cloudwatch: false
|
||||
--
|
||||
1.8.3.1
|
||||
|
@ -0,0 +1,65 @@
|
||||
From 64b22037b53e6423c465367c26a6d7255768ae17 Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Wed, 27 Mar 2019 00:35:57 -0400
|
||||
Subject: [PATCH 05/10] Nova console/ip address search optionality
|
||||
|
||||
Add options to nova to enable/disable the use of:
|
||||
1. the vnc or spice server proxyclient address found by the console
|
||||
compute init container
|
||||
2. my_ip hypervisor address found by compute init container
|
||||
|
||||
These options can be used to prevent cases where the found addresses
|
||||
overwrite what has already been defined in nova.conf by per host nova
|
||||
compute daemonset overrides.
|
||||
|
||||
Story: 2005259
|
||||
Task: 30066
|
||||
Change-Id: Idf490f8b19dcd1e71a9b5fa8934461f1198a8af8
|
||||
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
(cherry picked from commit f5e8ad20e35b770e5967f75f6f93f0a4dc6e3b41)
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
nova/templates/bin/_nova-compute.sh.tpl | 6 +++++-
|
||||
nova/values.yaml | 2 ++
|
||||
2 files changed, 7 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/nova/templates/bin/_nova-compute.sh.tpl b/nova/templates/bin/_nova-compute.sh.tpl
|
||||
index c80da6d6..4927908a 100644
|
||||
--- a/nova/templates/bin/_nova-compute.sh.tpl
|
||||
+++ b/nova/templates/bin/_nova-compute.sh.tpl
|
||||
@@ -20,6 +20,10 @@ set -ex
|
||||
|
||||
exec nova-compute \
|
||||
--config-file /etc/nova/nova.conf \
|
||||
+{{- if .Values.console.address_search_enabled }}
|
||||
--config-file /tmp/pod-shared/nova-console.conf \
|
||||
+{{- end }}
|
||||
--config-file /tmp/pod-shared/nova-libvirt.conf \
|
||||
- --config-file /tmp/pod-shared/nova-hypervisor.conf
|
||||
\ No newline at end of file
|
||||
+{{- if .Values.conf.hypervisor.address_search_enabled }}
|
||||
+ --config-file /tmp/pod-shared/nova-hypervisor.conf
|
||||
+{{- end }}
|
||||
diff --git a/nova/values.yaml b/nova/values.yaml
|
||||
index 8599027a..0887cecc 100644
|
||||
--- a/nova/values.yaml
|
||||
+++ b/nova/values.yaml
|
||||
@@ -440,6 +440,7 @@ console:
|
||||
vncproxy:
|
||||
# IF blank, search default routing interface
|
||||
vncserver_proxyclient_interface:
|
||||
+ address_search_enabled: true
|
||||
|
||||
ssh:
|
||||
key_types:
|
||||
@@ -1433,6 +1434,7 @@ conf:
|
||||
# If this option is set to None, the hostname of the migration target compute node will be used.
|
||||
live_migration_interface:
|
||||
hypervisor:
|
||||
+ address_search_enabled: true
|
||||
# my_ip can be set automatically through this interface name.
|
||||
host_interface:
|
||||
nova:
|
||||
--
|
||||
2.16.5
|
||||
|
@ -1,23 +1,33 @@
|
||||
From a69da80225eda187df707b7c1fc8ef1d2c1edb57 Mon Sep 17 00:00:00 2001
|
||||
From 4f6701c4cab07d9f54012e2a143173803f97ff3d Mon Sep 17 00:00:00 2001
|
||||
From: Irina Mihai <irina.mihai@windriver.com>
|
||||
Date: Fri, 15 Feb 2019 11:06:49 -0500
|
||||
Subject: [PATCH] Add support for ephemeral pool creation
|
||||
Date: Tue, 26 Feb 2019 17:43:53 +0000
|
||||
Subject: [PATCH 06/10] Nova chart: Support ephemeral pool creation
|
||||
|
||||
If libvirt images_type is rbd, then we need to have the
|
||||
images_rbd_pool present. These changes add a new job
|
||||
to make sure this pool exists.
|
||||
|
||||
Change-Id: Iee307cb54384d1c4583d00a8d28f7b1a0676d7d8
|
||||
Story: 2004922
|
||||
Task: 29285
|
||||
Signed-off-by: Irina Mihai <irina.mihai@windriver.com>
|
||||
(cherry picked from commit 0afcb0b37cdcf57436e44867bac9242d8684ce81)
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
nova/templates/bin/_nova-storage-init.sh.tpl | 73 +++++++++++++++
|
||||
nova/templates/configmap-bin.yaml | 2 +
|
||||
nova/templates/job-storage-init.yaml | 154 ++++++++++++++++++++++++++++++++
|
||||
nova/templates/bin/_nova-storage-init.sh.tpl | 75 +++++++++++++
|
||||
nova/templates/configmap-bin.yaml | 4 +-
|
||||
nova/templates/job-storage-init.yaml | 155 +++++++++++++++++++++++++++
|
||||
nova/values.yaml | 18 ++++
|
||||
4 files changed, 247 insertions(+)
|
||||
4 files changed, 251 insertions(+), 1 deletion(-)
|
||||
create mode 100644 nova/templates/bin/_nova-storage-init.sh.tpl
|
||||
create mode 100644 nova/templates/job-storage-init.yaml
|
||||
|
||||
diff --git a/nova/templates/bin/_nova-storage-init.sh.tpl b/nova/templates/bin/_nova-storage-init.sh.tpl
|
||||
new file mode 100644
|
||||
index 0000000..571cce5
|
||||
index 00000000..f79fcff0
|
||||
--- /dev/null
|
||||
+++ b/nova/templates/bin/_nova-storage-init.sh.tpl
|
||||
@@ -0,0 +1,73 @@
|
||||
@@ -0,0 +1,75 @@
|
||||
+#!/bin/bash
|
||||
+
|
||||
+{{/*
|
||||
@ -63,17 +73,19 @@ index 0000000..571cce5
|
||||
+ }
|
||||
+ ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} "nova-ephemeral"
|
||||
+
|
||||
+ # TODO: Rework this part for the nova/glance/cinder charts to preserve this
|
||||
+ # on the next chart rebase to latest if the ceph mimic rebase isn't complete.
|
||||
+ if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
|
||||
+ KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/')
|
||||
+ echo $KEYSTR > ${KEYRING}
|
||||
+ echo "Cephx user client.${RBD_POOL_USER} already exist."
|
||||
+ echo "Update its cephx caps"
|
||||
+ ceph auth caps client.${RBD_POOL_USER} \
|
||||
+ mon "profile rbd" \
|
||||
+ osd "profile rbd"
|
||||
+ ceph auth get client.${RBD_POOL_USER} -o ${KEYRING}
|
||||
+ else
|
||||
+ #NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
+ # NOTE: Restrict Nova permissions to what is needed.
|
||||
+ # MON Read only and RBD access to the Nova ephemeral pool only.
|
||||
+ ceph auth get-or-create client.${RBD_POOL_USER} \
|
||||
+ mon "allow *" \
|
||||
+ osd "allow *" \
|
||||
+ mgr "allow *" \
|
||||
+ mon "profile rbd" \
|
||||
+ osd "profile rbd" \
|
||||
+ -o ${KEYRING}
|
||||
+ fi
|
||||
+
|
||||
@ -92,10 +104,17 @@ index 0000000..571cce5
|
||||
+fi
|
||||
+
|
||||
diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml
|
||||
index e422b62..97b4c57 100755
|
||||
index c58b90bd..268434fd 100644
|
||||
--- a/nova/templates/configmap-bin.yaml
|
||||
+++ b/nova/templates/configmap-bin.yaml
|
||||
@@ -81,6 +81,8 @@ data:
|
||||
@@ -1,5 +1,5 @@
|
||||
{{/*
|
||||
-Copyright 2017 The Openstack-Helm Authors.
|
||||
+Copyright 2017-2019 The Openstack-Helm Authors.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
@@ -83,6 +83,8 @@ data:
|
||||
{{ tuple "bin/_nova-console-proxy-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
nova-console-proxy-init-assets.sh: |
|
||||
{{ tuple "bin/_nova-console-proxy-init-assets.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||
@ -106,10 +125,10 @@ index e422b62..97b4c57 100755
|
||||
cell-setup.sh: |
|
||||
diff --git a/nova/templates/job-storage-init.yaml b/nova/templates/job-storage-init.yaml
|
||||
new file mode 100644
|
||||
index 0000000..60f8c2d
|
||||
index 00000000..7d057fb9
|
||||
--- /dev/null
|
||||
+++ b/nova/templates/job-storage-init.yaml
|
||||
@@ -0,0 +1,154 @@
|
||||
@@ -0,0 +1,155 @@
|
||||
+{{/*
|
||||
+Copyright 2019 The Openstack-Helm Authors.
|
||||
+
|
||||
@ -176,7 +195,7 @@ index 0000000..60f8c2d
|
||||
+ {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
||||
+ initContainers:
|
||||
+{{ tuple $envAll "storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||
+ {{ if .Values.conf.ceph.enabled }}
|
||||
+ {{ if or .Values.conf.ceph.enabled }}
|
||||
+ - name: ceph-keyring-placement
|
||||
+{{ tuple $envAll "nova_storage_init" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
+ securityContext:
|
||||
@ -230,7 +249,7 @@ index 0000000..60f8c2d
|
||||
+ mountPath: /tmp/nova-storage-init.sh
|
||||
+ subPath: nova-storage-init.sh
|
||||
+ readOnly: true
|
||||
+ {{ if $envAll.Values.conf.ceph.enabled }}
|
||||
+ {{ if or $envAll.Values.conf.ceph.enabled }}
|
||||
+ - name: etcceph
|
||||
+ mountPath: /etc/ceph
|
||||
+ - name: ceph-etc
|
||||
@ -250,7 +269,7 @@ index 0000000..60f8c2d
|
||||
+ configMap:
|
||||
+ name: nova-bin
|
||||
+ defaultMode: 0555
|
||||
+ {{ if .Values.conf.ceph.enabled }}
|
||||
+ {{ if or .Values.conf.ceph.enabled }}
|
||||
+ - name: etcceph
|
||||
+ emptyDir: {}
|
||||
+ - name: ceph-etc
|
||||
@ -264,19 +283,20 @@ index 0000000..60f8c2d
|
||||
+ {{- end }}
|
||||
+ {{- end }}
|
||||
+{{- end }}
|
||||
+
|
||||
diff --git a/nova/values.yaml b/nova/values.yaml
|
||||
index 4edf5c6..179fb29 100755
|
||||
index 0887cecc..7245cf82 100644
|
||||
--- a/nova/values.yaml
|
||||
+++ b/nova/values.yaml
|
||||
@@ -87,6 +87,7 @@ images:
|
||||
nova_service_cleaner: 'docker.io/port/ceph-config-helper:v1.10.3'
|
||||
nova_spiceproxy: docker.io/openstackhelm/nova:ocata
|
||||
nova_spiceproxy_assets: 'docker.io/kolla/ubuntu-source-nova-spicehtml5proxy:ocata'
|
||||
+ nova_storage_init: 192.168.204.2:9001/docker.io/port/ceph-config-helper:v1.10.3
|
||||
test: 'docker.io/kolla/ubuntu-source-rally:4.0.0'
|
||||
+ nova_storage_init: 'docker.io/port/ceph-config-helper:v1.10.3'
|
||||
test: docker.io/xrally/xrally-openstack:1.3.0
|
||||
image_repo_sync: docker.io/docker:17.07.0
|
||||
local_registry:
|
||||
@@ -459,6 +460,14 @@ conf:
|
||||
@@ -461,6 +462,14 @@ conf:
|
||||
user: "cinder"
|
||||
keyring: null
|
||||
secret_uuid: 457eb676-33da-42ec-9a8c-9293d545c337
|
||||
@ -286,12 +306,12 @@ index 4edf5c6..179fb29 100755
|
||||
+ - rbd_pool_name: ephemeral
|
||||
+ rbd_user: ephemeral
|
||||
+ rbd_crush_rule: 0
|
||||
+ rbd_replication: 2
|
||||
+ rbd_replication: 3
|
||||
+ rbd_chunk_size: 64
|
||||
ssh: |
|
||||
Host *
|
||||
StrictHostKeyChecking no
|
||||
@@ -1666,6 +1675,7 @@ secrets:
|
||||
@@ -1625,6 +1634,7 @@ secrets:
|
||||
placement:
|
||||
placement:
|
||||
public: placement-tls-public
|
||||
@ -313,7 +333,7 @@ index 4edf5c6..179fb29 100755
|
||||
|
||||
network_policy:
|
||||
nova:
|
||||
@@ -2282,6 +2299,7 @@ manifests:
|
||||
@@ -2302,6 +2319,7 @@ manifests:
|
||||
job_ks_placement_service: true
|
||||
job_ks_placement_user: true
|
||||
job_cell_setup: true
|
||||
@ -322,5 +342,5 @@ index 4edf5c6..179fb29 100755
|
||||
pdb_placement: true
|
||||
pdb_osapi: true
|
||||
--
|
||||
2.7.4
|
||||
2.16.5
|
||||
|
@ -1,55 +0,0 @@
|
||||
From 5480584be125316f3ce325fd1d0e9b4022db5c69 Mon Sep 17 00:00:00 2001
|
||||
From: Irina Mihai <irina.mihai@windriver.com>
|
||||
Date: Fri, 1 Feb 2019 16:02:46 -0500
|
||||
Subject: [PATCH] Add replication support for the images rbd pool
|
||||
|
||||
---
|
||||
glance/templates/bin/_storage-init.sh.tpl | 2 ++
|
||||
glance/templates/job-storage-init.yaml | 4 ++++
|
||||
glance/values.yaml | 2 ++
|
||||
3 files changed, 8 insertions(+)
|
||||
|
||||
diff --git a/glance/templates/bin/_storage-init.sh.tpl b/glance/templates/bin/_storage-init.sh.tpl
|
||||
index 4082c52..e6bd188 100755
|
||||
--- a/glance/templates/bin/_storage-init.sh.tpl
|
||||
+++ b/glance/templates/bin/_storage-init.sh.tpl
|
||||
@@ -47,6 +47,8 @@ elif [ "x$STORAGE_BACKEND" == "xrbd" ]; then
|
||||
if [[ ${test_luminous} -gt 0 ]]; then
|
||||
ceph osd pool application enable "$1" "$3"
|
||||
fi
|
||||
+ ceph osd pool set $1 size ${RBD_POOL_REPLICATION}
|
||||
+ ceph osd pool set $1 crush_rule "${RBD_POOL_CRUSH_RULE}"
|
||||
}
|
||||
ensure_pool "${RBD_POOL_NAME}" "${RBD_POOL_CHUNK_SIZE}" "glance-image"
|
||||
|
||||
diff --git a/glance/templates/job-storage-init.yaml b/glance/templates/job-storage-init.yaml
|
||||
index 9d95627..c0cd186 100755
|
||||
--- a/glance/templates/job-storage-init.yaml
|
||||
+++ b/glance/templates/job-storage-init.yaml
|
||||
@@ -103,6 +103,10 @@ spec:
|
||||
value: {{ .Values.conf.glance.glance_store.rbd_store_pool | quote }}
|
||||
- name: RBD_POOL_USER
|
||||
value: {{ .Values.conf.glance.glance_store.rbd_store_user | quote }}
|
||||
+ - name: RBD_POOL_REPLICATION
|
||||
+ value: {{ .Values.conf.glance.glance_store.rbd_store_replication | quote }}
|
||||
+ - name: RBD_POOL_CRUSH_RULE
|
||||
+ value: {{ .Values.conf.glance.glance_store.rbd_store_crush_rule | quote }}
|
||||
- name: RBD_POOL_CHUNK_SIZE
|
||||
value: {{ .Values.conf.glance.glance_store.rbd_store_chunk_size | quote }}
|
||||
- name: RBD_POOL_SECRET
|
||||
diff --git a/glance/values.yaml b/glance/values.yaml
|
||||
index 5ae9863..4d482d1 100755
|
||||
--- a/glance/values.yaml
|
||||
+++ b/glance/values.yaml
|
||||
@@ -268,6 +268,8 @@ conf:
|
||||
memcache_security_strategy: ENCRYPT
|
||||
glance_store:
|
||||
rbd_store_chunk_size: 8
|
||||
+ rbd_store_replication: 1
|
||||
+ rbd_store_crush_rule: replicated_rule
|
||||
rbd_store_pool: glance.images
|
||||
rbd_store_user: glance
|
||||
rbd_store_ceph_conf: /etc/ceph/ceph.conf
|
||||
--
|
||||
2.7.4
|
||||
|
@ -0,0 +1,30 @@
|
||||
From 8fc7a67eb359d1dfe67b63bc2636386b76071891 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Fri, 22 Mar 2019 03:29:26 -0400
|
||||
Subject: [PATCH 07/10] Horizon: Disable apache2 status_module
|
||||
|
||||
a2dismod is not present in the StarlingX httpd based images. Try
|
||||
a2dismod first, then fail back to using sed to remove the module.
|
||||
|
||||
Change-Id: Ic2e8626a4d198d2f153d9bd94f07de42b55e81b6
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
horizon/templates/bin/_horizon.sh.tpl | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/horizon/templates/bin/_horizon.sh.tpl b/horizon/templates/bin/_horizon.sh.tpl
|
||||
index dec000f3..55a2c629 100644
|
||||
--- a/horizon/templates/bin/_horizon.sh.tpl
|
||||
+++ b/horizon/templates/bin/_horizon.sh.tpl
|
||||
@@ -28,7 +28,7 @@ function start () {
|
||||
chown -R horizon ${SITE_PACKAGES_ROOT}/openstack_dashboard/local/
|
||||
|
||||
a2enmod rewrite
|
||||
- a2dismod status
|
||||
+ a2dismod status || sed -i 's/LoadModule status_module/#LoadModule status_module/' /etc/httpd/conf.modules.d/00-base.conf
|
||||
|
||||
if [ -f /etc/apache2/envvars ]; then
|
||||
# Loading Apache2 ENV variables
|
||||
--
|
||||
2.16.5
|
||||
|
@ -1,27 +0,0 @@
|
||||
From dc57c567018f8ab2c11bd7dd426cb1176d35e7db Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Fri, 11 Jan 2019 16:57:44 -0500
|
||||
Subject: [PATCH 6/8] Stein: Remove ceilometer-upgrade option
|
||||
|
||||
This removes the --skip-metering-database option from _db-sync.sh.tpl.
|
||||
This option was removed with the deprecated storage drivers in
|
||||
Queens.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
ceilometer/templates/bin/_db-sync.sh.tpl | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/ceilometer/templates/bin/_db-sync.sh.tpl b/ceilometer/templates/bin/_db-sync.sh.tpl
|
||||
index ba7c1d84..d649654b 100644
|
||||
--- a/ceilometer/templates/bin/_db-sync.sh.tpl
|
||||
+++ b/ceilometer/templates/bin/_db-sync.sh.tpl
|
||||
@@ -18,4 +18,4 @@ limitations under the License.
|
||||
|
||||
set -ex
|
||||
|
||||
-exec ceilometer-upgrade --skip-metering-database
|
||||
+exec ceilometer-upgrade
|
||||
--
|
||||
2.16.5
|
||||
|
224
openstack-helm/files/0008-Neutron-Add-support-for-disabling-Readiness-Liveness.patch
Normal file
224
openstack-helm/files/0008-Neutron-Add-support-for-disabling-Readiness-Liveness.patch
Normal file
@ -0,0 +1,224 @@
|
||||
From 615b86e8f394f1648e5c2383364cd46230290182 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Fri, 22 Mar 2019 03:37:05 -0400
|
||||
Subject: [PATCH 08/10] Neutron: Add support for disabling Readiness/Liveness
|
||||
probes
|
||||
|
||||
With the introduction of Readiness/Liveness probes in
|
||||
Ib99ceaabbad1d1e0faf34cc74314da9aa688fa0a, some probes are failing and
|
||||
preventing successful armada manifest applies.
|
||||
|
||||
Add support to disable the probes.
|
||||
|
||||
Change-Id: I61379a5e00de4311c02c3f64cbe7c7345a9b3569
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
neutron/templates/daemonset-dhcp-agent.yaml | 4 ++++
|
||||
neutron/templates/daemonset-l3-agent.yaml | 4 ++++
|
||||
neutron/templates/daemonset-lb-agent.yaml | 4 ++++
|
||||
neutron/templates/daemonset-metadata-agent.yaml | 4 ++++
|
||||
neutron/templates/daemonset-ovs-agent.yaml | 4 ++++
|
||||
neutron/templates/daemonset-sriov-agent.yaml | 4 ++++
|
||||
neutron/values.yaml | 27 +++++++++++++++++++++++++
|
||||
7 files changed, 51 insertions(+)
|
||||
|
||||
diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml
|
||||
index 49866f2a..6e1d2928 100644
|
||||
--- a/neutron/templates/daemonset-dhcp-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-dhcp-agent.yaml
|
||||
@@ -66,6 +66,7 @@ spec:
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.agent.dhcp | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
+ {{- if .Values.pod.probes.readiness.dhcp_agent.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -80,6 +81,8 @@ spec:
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 15
|
||||
timeoutSeconds: 65
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.dhcp_agent.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -95,6 +98,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/neutron-dhcp-agent.sh
|
||||
volumeMounts:
|
||||
diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml
|
||||
index 5e0ec194..29e0f3f7 100644
|
||||
--- a/neutron/templates/daemonset-l3-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-l3-agent.yaml
|
||||
@@ -66,6 +66,7 @@ spec:
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.agent.l3 | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
+ {{- if .Values.pod.probes.readiness.l3_agent.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -80,6 +81,8 @@ spec:
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 15
|
||||
timeoutSeconds: 65
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.l3_agent.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -95,6 +98,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/neutron-l3-agent.sh
|
||||
volumeMounts:
|
||||
diff --git a/neutron/templates/daemonset-lb-agent.yaml b/neutron/templates/daemonset-lb-agent.yaml
|
||||
index c2b432f7..685893d5 100644
|
||||
--- a/neutron/templates/daemonset-lb-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-lb-agent.yaml
|
||||
@@ -140,12 +140,16 @@ spec:
|
||||
privileged: true
|
||||
command:
|
||||
- /tmp/neutron-linuxbridge-agent.sh
|
||||
+ {{- if .Values.pod.probes.readiness.lb_agent.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
- bash
|
||||
- -c
|
||||
- 'brctl show'
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.lb_agent.enabled }}
|
||||
+ {{- end }}
|
||||
volumeMounts:
|
||||
- name: neutron-bin
|
||||
mountPath: /tmp/neutron-linuxbridge-agent.sh
|
||||
diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml
|
||||
index 8e92a675..fba132ed 100644
|
||||
--- a/neutron/templates/daemonset-metadata-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-metadata-agent.yaml
|
||||
@@ -87,6 +87,7 @@ spec:
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.agent.metadata | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
privileged: true
|
||||
+ {{- if .Values.pod.probes.readiness.metadata_agent.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -99,6 +100,8 @@ spec:
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 15
|
||||
timeoutSeconds: 35
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.metadata_agent.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -112,6 +115,7 @@ spec:
|
||||
initialDelaySeconds: 90
|
||||
periodSeconds: 60
|
||||
timeoutSeconds: 45
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/neutron-metadata-agent.sh
|
||||
volumeMounts:
|
||||
diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml
|
||||
index 56061e63..69ee1c2c 100644
|
||||
--- a/neutron/templates/daemonset-ovs-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-ovs-agent.yaml
|
||||
@@ -154,6 +154,7 @@ spec:
|
||||
privileged: true
|
||||
command:
|
||||
- /tmp/neutron-openvswitch-agent.sh
|
||||
+ {{- if .Values.pod.probes.readiness.ovs_agent.enabled }}
|
||||
# ensures this container can can see a br-int
|
||||
# bridge before its marked as ready
|
||||
readinessProbe:
|
||||
@@ -162,6 +163,8 @@ spec:
|
||||
- bash
|
||||
- -c
|
||||
- 'ovs-vsctl list-br | grep -q br-int'
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.ovs_agent.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -177,6 +180,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
volumeMounts:
|
||||
- name: neutron-bin
|
||||
mountPath: /tmp/neutron-openvswitch-agent.sh
|
||||
diff --git a/neutron/templates/daemonset-sriov-agent.yaml b/neutron/templates/daemonset-sriov-agent.yaml
|
||||
index a59e4100..c03b3668 100644
|
||||
--- a/neutron/templates/daemonset-sriov-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-sriov-agent.yaml
|
||||
@@ -129,6 +129,7 @@ spec:
|
||||
privileged: true
|
||||
command:
|
||||
- /tmp/neutron-sriov-agent.sh
|
||||
+ {{- if .Values.pod.probes.readiness.sriov_agent.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -141,6 +142,9 @@ spec:
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 15
|
||||
timeoutSeconds: 10
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.sriov_agent.enabled }}
|
||||
+ {{- end }}
|
||||
volumeMounts:
|
||||
- name: neutron-bin
|
||||
mountPath: /tmp/neutron-sriov-agent.sh
|
||||
diff --git a/neutron/values.yaml b/neutron/values.yaml
|
||||
index 5ab4ca12..1cc67b94 100644
|
||||
--- a/neutron/values.yaml
|
||||
+++ b/neutron/values.yaml
|
||||
@@ -520,6 +520,33 @@ pod:
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
+ probes:
|
||||
+ readiness:
|
||||
+ dhcp_agent:
|
||||
+ enabled: true
|
||||
+ l3_agent:
|
||||
+ enabled: true
|
||||
+ lb_agent:
|
||||
+ enabled: true
|
||||
+ metadata_agent:
|
||||
+ enabled: true
|
||||
+ ovs_agent:
|
||||
+ enabled: true
|
||||
+ sriov_agent:
|
||||
+ enabled: true
|
||||
+ liveness:
|
||||
+ dhcp_agent:
|
||||
+ enabled: true
|
||||
+ l3_agent:
|
||||
+ enabled: true
|
||||
+ lb_agent:
|
||||
+ enabled: true
|
||||
+ metadata_agent:
|
||||
+ enabled: true
|
||||
+ ovs_agent:
|
||||
+ enabled: true
|
||||
+ sriov_agent:
|
||||
+ enabled: true
|
||||
|
||||
conf:
|
||||
rally_tests:
|
||||
--
|
||||
2.16.5
|
||||
|
@ -1,99 +0,0 @@
|
||||
From 26dc954e697b365ff8bca6a0f862f1053ed25648 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Fri, 11 Jan 2019 17:23:44 -0500
|
||||
Subject: [PATCH 7/7] Stein: Update Cinder to include resource_filters.json
|
||||
|
||||
During Stein the deprecated query_volume_filters config option was
|
||||
removed. As a result, /etc/cinder/resource_filters.json is required to
|
||||
allow volume display operations to function.
|
||||
|
||||
This adds the file to the configmap and provides the default values for
|
||||
the filters.
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
cinder/templates/configmap-etc.yaml | 1 +
|
||||
cinder/templates/deployment-api.yaml | 4 ++++
|
||||
cinder/values.yaml | 39 ++++++++++++++++++++++++++++++++++++
|
||||
3 files changed, 44 insertions(+)
|
||||
|
||||
diff --git a/cinder/templates/configmap-etc.yaml b/cinder/templates/configmap-etc.yaml
|
||||
index 88d9fa07..5ed73db6 100644
|
||||
--- a/cinder/templates/configmap-etc.yaml
|
||||
+++ b/cinder/templates/configmap-etc.yaml
|
||||
@@ -121,6 +121,7 @@ data:
|
||||
policy.json: {{ toJson .Values.conf.policy | b64enc }}
|
||||
cinder_sudoers: {{ $envAll.Values.conf.cinder_sudoers | b64enc }}
|
||||
rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }}
|
||||
+ resource_filters.json: {{ toJson .Values.conf.resource_filters | b64enc }}
|
||||
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
|
||||
{{- $filePrefix := replace "_" "-" $key }}
|
||||
{{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }}
|
||||
diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml
|
||||
index 9213d34f..82131579 100644
|
||||
--- a/cinder/templates/deployment-api.yaml
|
||||
+++ b/cinder/templates/deployment-api.yaml
|
||||
@@ -109,6 +109,10 @@ spec:
|
||||
mountPath: /etc/cinder/policy.json
|
||||
subPath: policy.json
|
||||
readOnly: true
|
||||
+ - name: cinder-etc
|
||||
+ mountPath: /etc/cinder/resource_filters.json
|
||||
+ subPath: resource_filters.json
|
||||
+ readOnly: true
|
||||
{{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }}
|
||||
- name: cinder-coordination
|
||||
mountPath: {{ ( split "://" .Values.conf.cinder.coordination.backend_url )._1 }}
|
||||
diff --git a/cinder/values.yaml b/cinder/values.yaml
|
||||
index cd3eb1a2..e79f8f6f 100644
|
||||
--- a/cinder/values.yaml
|
||||
+++ b/cinder/values.yaml
|
||||
@@ -865,6 +865,45 @@ conf:
|
||||
sla:
|
||||
failure_rate:
|
||||
max: 0
|
||||
+ resource_filters:
|
||||
+ volume:
|
||||
+ - name
|
||||
+ - status
|
||||
+ - metadata
|
||||
+ - bootable
|
||||
+ - migration_status
|
||||
+ - availability_zone
|
||||
+ - group_id
|
||||
+ backup:
|
||||
+ - name
|
||||
+ - status
|
||||
+ - volume_id
|
||||
+ snapshot:
|
||||
+ - name
|
||||
+ - status
|
||||
+ - volume_id
|
||||
+ - metadata
|
||||
+ - availability_zone
|
||||
+ group: []
|
||||
+ group_snapshot:
|
||||
+ - status
|
||||
+ - group_id
|
||||
+ attachment:
|
||||
+ - volume_id
|
||||
+ - status
|
||||
+ - instance_id
|
||||
+ - attach_status
|
||||
+ message:
|
||||
+ - resource_uuid
|
||||
+ - resource_type
|
||||
+ - event_id
|
||||
+ - request_id
|
||||
+ - message_level
|
||||
+ pool:
|
||||
+ - name
|
||||
+ - volume_type
|
||||
+ volume_type: []
|
||||
+
|
||||
|
||||
backup:
|
||||
external_ceph_rbd:
|
||||
--
|
||||
2.16.5
|
||||
|
227
openstack-helm/files/0009-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch
Normal file
227
openstack-helm/files/0009-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch
Normal file
@ -0,0 +1,227 @@
|
||||
From af94c98eee44769a2c1e8f211029f8346a13ebc2 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Fri, 22 Mar 2019 03:42:08 -0400
|
||||
Subject: [PATCH 09/10] Nova: Add support for disabling Readiness/Liveness
|
||||
probes
|
||||
|
||||
With the introduction of Readiness/Liveness probes in
|
||||
Ib8e4b93486588320fd2d562c3bc90b65844e52e5, some probes are failing and
|
||||
preventing successful armada manifest applies.
|
||||
|
||||
Add support to disable the probes.
|
||||
|
||||
Change-Id: Iebe7327055f58fa78ce3fcac968c1fa617c30c2f
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
nova/templates/daemonset-compute.yaml | 4 ++++
|
||||
nova/templates/deployment-conductor.yaml | 4 ++++
|
||||
nova/templates/deployment-consoleauth.yaml | 4 ++++
|
||||
nova/templates/deployment-novncproxy.yaml | 4 ++++
|
||||
nova/templates/deployment-scheduler.yaml | 4 ++++
|
||||
nova/templates/deployment-spiceproxy.yaml | 4 ++++
|
||||
nova/values.yaml | 27 +++++++++++++++++++++++++++
|
||||
7 files changed, 51 insertions(+)
|
||||
|
||||
diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml
|
||||
index 4a7b90b5..f508b963 100644
|
||||
--- a/nova/templates/daemonset-compute.yaml
|
||||
+++ b/nova/templates/daemonset-compute.yaml
|
||||
@@ -181,6 +181,7 @@ spec:
|
||||
- name: LIBVIRT_CEPH_SECRET_UUID
|
||||
value: "{{ .Values.conf.ceph.secret_uuid }}"
|
||||
{{ end }}
|
||||
+ {{- if .Values.pod.probes.readiness.nova_compute.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -193,6 +194,8 @@ spec:
|
||||
initialDelaySeconds: 80
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.nova_compute.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -206,6 +209,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/nova-compute.sh
|
||||
volumeMounts:
|
||||
diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml
|
||||
index 1e66e419..33d41097 100644
|
||||
--- a/nova/templates/deployment-conductor.yaml
|
||||
+++ b/nova/templates/deployment-conductor.yaml
|
||||
@@ -60,6 +60,7 @@ spec:
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
+ {{- if .Values.pod.probes.readiness.nova_conductor.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -72,6 +73,8 @@ spec:
|
||||
initialDelaySeconds: 80
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.nova_conductor.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -85,6 +88,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/nova-conductor.sh
|
||||
volumeMounts:
|
||||
diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml
|
||||
index 75b66e79..31013eb7 100644
|
||||
--- a/nova/templates/deployment-consoleauth.yaml
|
||||
+++ b/nova/templates/deployment-consoleauth.yaml
|
||||
@@ -60,6 +60,7 @@ spec:
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.consoleauth | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
+ {{- if .Values.pod.probes.readiness.nova_consoleauth.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -72,6 +73,8 @@ spec:
|
||||
initialDelaySeconds: 80
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.nova_consoleauth.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -85,6 +88,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/nova-consoleauth.sh
|
||||
volumeMounts:
|
||||
diff --git a/nova/templates/deployment-novncproxy.yaml b/nova/templates/deployment-novncproxy.yaml
|
||||
index cf9fda02..2611ba80 100644
|
||||
--- a/nova/templates/deployment-novncproxy.yaml
|
||||
+++ b/nova/templates/deployment-novncproxy.yaml
|
||||
@@ -94,14 +94,18 @@ spec:
|
||||
- name: nova-novncproxy
|
||||
{{ tuple $envAll "nova_novncproxy" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.novncproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
+ {{- if .Values.pod.probes.readiness.nova_novcnproxy.enabled }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "compute_novnc_proxy" "internal" "novnc_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 30
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.nova_novcnproxy.enabled }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "compute_novnc_proxy" "internal" "novnc_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 30
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/nova-console-proxy.sh
|
||||
ports:
|
||||
diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml
|
||||
index 9611d950..0350c47c 100644
|
||||
--- a/nova/templates/deployment-scheduler.yaml
|
||||
+++ b/nova/templates/deployment-scheduler.yaml
|
||||
@@ -60,6 +60,7 @@ spec:
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.scheduler | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
+ {{- if .Values.pod.probes.readiness.nova_scheduler.enabled }}
|
||||
readinessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -72,6 +73,8 @@ spec:
|
||||
initialDelaySeconds: 80
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.nova_scheduler.enabled }}
|
||||
livenessProbe:
|
||||
exec:
|
||||
command:
|
||||
@@ -85,6 +88,7 @@ spec:
|
||||
initialDelaySeconds: 120
|
||||
periodSeconds: 90
|
||||
timeoutSeconds: 70
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/nova-scheduler.sh
|
||||
volumeMounts:
|
||||
diff --git a/nova/templates/deployment-spiceproxy.yaml b/nova/templates/deployment-spiceproxy.yaml
|
||||
index 4507bde4..1b58ec98 100644
|
||||
--- a/nova/templates/deployment-spiceproxy.yaml
|
||||
+++ b/nova/templates/deployment-spiceproxy.yaml
|
||||
@@ -94,14 +94,18 @@ spec:
|
||||
- name: nova-spiceproxy
|
||||
{{ tuple $envAll "nova_spiceproxy" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.spiceproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
+ {{- if .Values.pod.probes.readiness.nova_spiceproxy.enabled }}
|
||||
readinessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "compute_spice_proxy" "internal" "spice_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 30
|
||||
+ {{- end }}
|
||||
+ {{- if .Values.pod.probes.liveness.nova_spiceproxy.enabled }}
|
||||
livenessProbe:
|
||||
tcpSocket:
|
||||
port: {{ tuple "compute_spice_proxy" "internal" "spice_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
|
||||
initialDelaySeconds: 30
|
||||
+ {{- end }}
|
||||
command:
|
||||
- /tmp/nova-console-proxy.sh
|
||||
ports:
|
||||
diff --git a/nova/values.yaml b/nova/values.yaml
|
||||
index 7245cf82..433ec3af 100644
|
||||
--- a/nova/values.yaml
|
||||
+++ b/nova/values.yaml
|
||||
@@ -2256,6 +2256,33 @@ pod:
|
||||
limits:
|
||||
memory: "1024Mi"
|
||||
cpu: "2000m"
|
||||
+ probes:
|
||||
+ readiness:
|
||||
+ nova_compute:
|
||||
+ enabled: true
|
||||
+ nova_conductor:
|
||||
+ enabled: true
|
||||
+ nova_consoleauth:
|
||||
+ enabled: true
|
||||
+ nova_novcnproxy:
|
||||
+ enabled: true
|
||||
+ nova_scheduler:
|
||||
+ enabled: true
|
||||
+ nova_spiceproxy:
|
||||
+ enabled: true
|
||||
+ liveness:
|
||||
+ nova_compute:
|
||||
+ enabled: true
|
||||
+ nova_conductor:
|
||||
+ enabled: true
|
||||
+ nova_consoleauth:
|
||||
+ enabled: true
|
||||
+ nova_novcnproxy:
|
||||
+ enabled: true
|
||||
+ nova_scheduler:
|
||||
+ enabled: true
|
||||
+ nova_spiceproxy:
|
||||
+ enabled: true
|
||||
|
||||
network_policy:
|
||||
nova:
|
||||
--
|
||||
2.16.5
|
||||
|
@ -1,38 +0,0 @@
|
||||
From 6f72ebe170db5364287f3634359739d3f0c1c987 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Tue, 15 Jan 2019 03:39:27 -0500
|
||||
Subject: [PATCH 8/8] Stein: add log_config_append to neutron-etc
|
||||
|
||||
neutron-sanity-check command triggers privsep code and produces the
|
||||
following:
|
||||
|
||||
WARNING oslo.privsep.daemon [-] privsep log:
|
||||
oslo_log.log.LogConfigError: Error loading logging config
|
||||
/etc/neutron/logging.conf: [Errno 2] No such file or directory:
|
||||
'/etc/neutron/logging.conf'
|
||||
|
||||
This will allow ovs-agent to successfully deploy
|
||||
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
neutron/templates/daemonset-ovs-agent.yaml | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml
|
||||
index 34aba253..af765bd7 100644
|
||||
--- a/neutron/templates/daemonset-ovs-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-ovs-agent.yaml
|
||||
@@ -95,6 +95,10 @@ spec:
|
||||
subPath: neutron.conf
|
||||
readOnly: true
|
||||
- name: neutron-etc
|
||||
+ mountPath: {{ .Values.conf.neutron.DEFAULT.log_config_append }}
|
||||
+ subPath: {{ base .Values.conf.neutron.DEFAULT.log_config_append }}
|
||||
+ readOnly: true
|
||||
+ - name: neutron-etc
|
||||
mountPath: /etc/neutron/plugins/ml2/ml2_conf.ini
|
||||
subPath: ml2_conf.ini
|
||||
readOnly: true
|
||||
--
|
||||
2.16.5
|
||||
|
@ -0,0 +1,176 @@
|
||||
From c7ba07e6148f62b912e36a4efba5ae296ed64217 Mon Sep 17 00:00:00 2001
|
||||
From: Robert Church <robert.church@windriver.com>
|
||||
Date: Fri, 22 Mar 2019 03:45:02 -0400
|
||||
Subject: [PATCH 10/10] Enable Ceph Jewel support for nova/cinder/glance
|
||||
|
||||
Current upstream charts align to Ceph Luminous/Mimic. Revert
|
||||
functionality that is not present in Jewel.
|
||||
|
||||
Drop this after the Ceph rebase to Mimic is complete.
|
||||
|
||||
Change-Id: I44f9a69927ecdbe4f5bfef17183b2345814ce534
|
||||
Signed-off-by: Robert Church <robert.church@windriver.com>
|
||||
---
|
||||
cinder/templates/bin/_backup-storage-init.sh.tpl | 14 ++++++--------
|
||||
cinder/templates/bin/_storage-init.sh.tpl | 15 ++++++---------
|
||||
glance/templates/bin/_storage-init.sh.tpl | 15 ++++++---------
|
||||
nova/templates/bin/_ceph-keyring.sh.tpl | 22 +++++-----------------
|
||||
nova/templates/bin/_nova-storage-init.sh.tpl | 22 ++++++++++------------
|
||||
5 files changed, 33 insertions(+), 55 deletions(-)
|
||||
|
||||
diff --git a/cinder/templates/bin/_backup-storage-init.sh.tpl b/cinder/templates/bin/_backup-storage-init.sh.tpl
|
||||
index 52c8e6bf..d81bcce2 100644
|
||||
--- a/cinder/templates/bin/_backup-storage-init.sh.tpl
|
||||
+++ b/cinder/templates/bin/_backup-storage-init.sh.tpl
|
||||
@@ -47,16 +47,14 @@ elif [ "x$STORAGE_BACKEND" == "xcinder.backup.drivers.ceph" ]; then
|
||||
ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} "cinder-backup"
|
||||
|
||||
if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
|
||||
- echo "Cephx user client.${RBD_POOL_USER} already exists"
|
||||
- echo "Update its cephx caps"
|
||||
- ceph auth caps client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd pool=${RBD_POOL_NAME}"
|
||||
- ceph auth get client.${RBD_POOL_USER} -o ${KEYRING}
|
||||
+ KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/')
|
||||
+ echo $KEYSTR > ${KEYRING}
|
||||
else
|
||||
+ #NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
ceph auth get-or-create client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd pool=${RBD_POOL_NAME}" \
|
||||
+ mon "allow *" \
|
||||
+ osd "allow *" \
|
||||
+ mgr "allow *" \
|
||||
-o ${KEYRING}
|
||||
fi
|
||||
|
||||
diff --git a/cinder/templates/bin/_storage-init.sh.tpl b/cinder/templates/bin/_storage-init.sh.tpl
|
||||
index 9288ec5f..62aedf78 100644
|
||||
--- a/cinder/templates/bin/_storage-init.sh.tpl
|
||||
+++ b/cinder/templates/bin/_storage-init.sh.tpl
|
||||
@@ -44,17 +44,14 @@ if [ "x$STORAGE_BACKEND" == "xcinder.volume.drivers.rbd.RBDDriver" ]; then
|
||||
ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} "cinder-volume"
|
||||
|
||||
if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
|
||||
- echo "Cephx user client.${RBD_POOL_USER} already exist."
|
||||
- echo "Update its cephx caps"
|
||||
- ceph auth caps client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd"
|
||||
- ceph auth get client.${RBD_POOL_USER} -o ${KEYRING}
|
||||
+ KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/')
|
||||
+ echo $KEYSTR > ${KEYRING}
|
||||
else
|
||||
- #NOTE(JCL): Restrict Cinder permissions to what is needed. MON Read only and RBD access to Cinder pool only.
|
||||
+ #NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
ceph auth get-or-create client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd" \
|
||||
+ mon "allow *" \
|
||||
+ osd "allow *" \
|
||||
+ mgr "allow *" \
|
||||
-o ${KEYRING}
|
||||
fi
|
||||
|
||||
diff --git a/glance/templates/bin/_storage-init.sh.tpl b/glance/templates/bin/_storage-init.sh.tpl
|
||||
index 5a9572fa..feec7588 100644
|
||||
--- a/glance/templates/bin/_storage-init.sh.tpl
|
||||
+++ b/glance/templates/bin/_storage-init.sh.tpl
|
||||
@@ -53,17 +53,14 @@ elif [ "x$STORAGE_BACKEND" == "xrbd" ]; then
|
||||
ensure_pool "${RBD_POOL_NAME}" "${RBD_POOL_CHUNK_SIZE}" "glance-image"
|
||||
|
||||
if USERINFO=$(ceph auth get "client.${RBD_POOL_USER}"); then
|
||||
- echo "Cephx user client.${RBD_POOL_USER} already exist."
|
||||
- echo "Update its cephx caps"
|
||||
- ceph auth caps client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd pool=${RBD_POOL_NAME}"
|
||||
- ceph auth get client.${RBD_POOL_USER} -o ${KEYRING}
|
||||
+ KEYSTR=$(echo "${USERINFO}" | sed 's/.*\( key = .*\) caps mon.*/\1/')
|
||||
+ echo "${KEYSTR}" > "${KEYRING}"
|
||||
else
|
||||
- #NOTE(JCL): Restrict Glance user to only what is needed. MON Read only and RBD access to the Glance Pool
|
||||
+ #NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
ceph auth get-or-create "client.${RBD_POOL_USER}" \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd pool=${RBD_POOL_NAME}" \
|
||||
+ mon "allow *" \
|
||||
+ osd "allow *" \
|
||||
+ mgr "allow *" \
|
||||
-o "${KEYRING}"
|
||||
fi
|
||||
|
||||
diff --git a/nova/templates/bin/_ceph-keyring.sh.tpl b/nova/templates/bin/_ceph-keyring.sh.tpl
|
||||
index 4af83a48..68e37828 100644
|
||||
--- a/nova/templates/bin/_ceph-keyring.sh.tpl
|
||||
+++ b/nova/templates/bin/_ceph-keyring.sh.tpl
|
||||
@@ -29,25 +29,13 @@ cat > ${KEYRING} <<EOF
|
||||
EOF
|
||||
{{- else }}
|
||||
if ! [ "x${CEPH_CINDER_USER}" == "xadmin" ]; then
|
||||
- #
|
||||
- # If user is not client.admin, check if it already exists. If not create
|
||||
- # the user. If the cephx user does not exist make sure the caps are set
|
||||
- # according to best practices
|
||||
- #
|
||||
- if USERINFO=$(ceph auth get client.${CEPH_CINDER_USER}); then
|
||||
- echo "Cephx user client.${CEPH_CINDER_USER} already exist"
|
||||
- echo "Update user client.${CEPH_CINDER_USER} caps"
|
||||
- ceph auth caps client.${CEPH_CINDER_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd"
|
||||
- ceph auth get client.${CEPH_CINDER_USER} -o ${KEYRING}
|
||||
- else
|
||||
- echo "Creating Cephx user client.${CEPH_CINDER_USER}"
|
||||
+ #NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
ceph auth get-or-create client.${CEPH_CINDER_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd" \
|
||||
+ mon "allow *" \
|
||||
+ osd "allow *" \
|
||||
+ mgr "allow *" \
|
||||
-o ${KEYRING}
|
||||
- fi
|
||||
+
|
||||
rm -f /etc/ceph/ceph.client.admin.keyring
|
||||
fi
|
||||
{{- end }}
|
||||
diff --git a/nova/templates/bin/_nova-storage-init.sh.tpl b/nova/templates/bin/_nova-storage-init.sh.tpl
|
||||
index f79fcff0..d11b8bc1 100644
|
||||
--- a/nova/templates/bin/_nova-storage-init.sh.tpl
|
||||
+++ b/nova/templates/bin/_nova-storage-init.sh.tpl
|
||||
@@ -43,20 +43,18 @@ if [ "x$STORAGE_BACKEND" == "xrbd" ]; then
|
||||
}
|
||||
ensure_pool ${RBD_POOL_NAME} ${RBD_POOL_CHUNK_SIZE} "nova-ephemeral"
|
||||
|
||||
+ # TODO: Rework this part for the nova/glance/cinder charts to preserve this
|
||||
+ # on the next chart rebase to latest if the ceph mimic rebase isn't complete.
|
||||
if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
|
||||
- echo "Cephx user client.${RBD_POOL_USER} already exist."
|
||||
- echo "Update its cephx caps"
|
||||
- ceph auth caps client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd"
|
||||
- ceph auth get client.${RBD_POOL_USER} -o ${KEYRING}
|
||||
+ KEYSTR=$(echo $USERINFO | sed 's/.*\( key = .*\) caps mon.*/\1/')
|
||||
+ echo $KEYSTR > ${KEYRING}
|
||||
else
|
||||
- # NOTE: Restrict Nova permissions to what is needed.
|
||||
- # MON Read only and RBD access to the Nova ephemeral pool only.
|
||||
- ceph auth get-or-create client.${RBD_POOL_USER} \
|
||||
- mon "profile rbd" \
|
||||
- osd "profile rbd" \
|
||||
- -o ${KEYRING}
|
||||
+ #NOTE(Portdirect): Determine proper privs to assign keyring
|
||||
+ ceph auth get-or-create client.${RBD_POOL_USER} \
|
||||
+ mon "allow *" \
|
||||
+ osd "allow *" \
|
||||
+ mgr "allow *" \
|
||||
+ -o ${KEYRING}
|
||||
fi
|
||||
|
||||
ENCODED_KEYRING=$(sed -n 's/^[[:blank:]]*key[[:blank:]]\+=[[:blank:]]\(.*\)/\1/p' ${KEYRING} | base64 -w0)
|
||||
--
|
||||
2.16.5
|
||||
|
@ -1,42 +0,0 @@
|
||||
From 9030eb81823e46eb374b52fec2e65fff2bb2dcf9 Mon Sep 17 00:00:00 2001
|
||||
From: Gerry Kopec <Gerry.Kopec@windriver.com>
|
||||
Date: Fri, 15 Feb 2019 16:15:37 -0500
|
||||
Subject: [PATCH] Stein: Nova console address config optionality
|
||||
|
||||
Introduce option to nova to enable/disable the use of the vnc or spice
|
||||
server proxyclient address found by the console compute init container.
|
||||
This can be used to prevent the case where the found address overrides
|
||||
what has already been defined in nova.conf by per host nova compute
|
||||
daemonset overrides.
|
||||
---
|
||||
nova/templates/bin/_nova-compute.sh.tpl | 2 ++
|
||||
nova/values.yaml | 1 +
|
||||
2 files changed, 3 insertions(+)
|
||||
|
||||
diff --git a/nova/templates/bin/_nova-compute.sh.tpl b/nova/templates/bin/_nova-compute.sh.tpl
|
||||
index 84596a5..b3bcca7 100644
|
||||
--- a/nova/templates/bin/_nova-compute.sh.tpl
|
||||
+++ b/nova/templates/bin/_nova-compute.sh.tpl
|
||||
@@ -20,5 +20,7 @@ set -ex
|
||||
|
||||
exec nova-compute \
|
||||
--config-file /etc/nova/nova.conf \
|
||||
+{{- if .Values.console.address_search_enabled }}
|
||||
--config-file /tmp/pod-shared/nova-console.conf \
|
||||
+{{- end }}
|
||||
--config-file /tmp/pod-shared/nova-libvirt.conf
|
||||
diff --git a/nova/values.yaml b/nova/values.yaml
|
||||
index 9646ded..c0ec7fe 100644
|
||||
--- a/nova/values.yaml
|
||||
+++ b/nova/values.yaml
|
||||
@@ -438,6 +438,7 @@ console:
|
||||
vncproxy:
|
||||
# IF blank, search default routing interface
|
||||
vncserver_proxyclient_interface:
|
||||
+ address_search_enabled: true
|
||||
|
||||
ssh:
|
||||
key_types:
|
||||
--
|
||||
1.8.3.1
|
||||
|
@ -1,205 +0,0 @@
|
||||
From 6e2e4aba8d1053adb6dcfc598c5c3d78c3195c94 Mon Sep 17 00:00:00 2001
|
||||
From: chengli3 <cheng1.li@intel.com>
|
||||
Date: Mon, 25 Feb 2019 20:15:53 +0800
|
||||
Subject: [PATCH] Support per-host overrides of auto_bridge_add
|
||||
|
||||
.Values.network.auto_bridge_add is a global config. So in multi nodes
|
||||
deployment, it requires that all hosts have the same nic names. This is
|
||||
a strict limit.
|
||||
This patch is to support per-host auto_bridge_add, so that we can define
|
||||
different auto_bridge_add for hosts.
|
||||
Also, this patch move .network.auto_bridge_add to .conf.auto_bridge_add
|
||||
|
||||
Change-Id: I4a4d6efbbfe073d035bc5c03700fbe998e708d0f
|
||||
Story: 2005059
|
||||
Task: 29601
|
||||
---
|
||||
doc/source/devref/networking.rst | 2 +-
|
||||
.../bin/_neutron-linuxbridge-agent-init.sh.tpl | 28 +++++++++---------
|
||||
.../bin/_neutron-openvswitch-agent-init.sh.tpl | 18 +++++++-----
|
||||
neutron/templates/configmap-etc.yaml | 1 +
|
||||
neutron/templates/daemonset-lb-agent.yaml | 4 +++
|
||||
neutron/templates/daemonset-ovs-agent.yaml | 4 +++
|
||||
neutron/values.yaml | 34 +++++++++++-----------
|
||||
7 files changed, 53 insertions(+), 38 deletions(-)
|
||||
|
||||
diff --git a/doc/source/devref/networking.rst b/doc/source/devref/networking.rst
|
||||
index e10a045..7b1afd7 100644
|
||||
--- a/doc/source/devref/networking.rst
|
||||
+++ b/doc/source/devref/networking.rst
|
||||
@@ -272,7 +272,7 @@ init container and main container with :code:`neutron-ovs-agent` via file
|
||||
Configuration of OVS bridges can be done via
|
||||
`neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl`. The
|
||||
script is configuring the external network bridge and sets up any
|
||||
-bridge mappings defined in :code:`network.auto_bridge_add`. These
|
||||
+bridge mappings defined in :code:`conf.auto_bridge_add`. These
|
||||
values should align with
|
||||
:code:`conf.plugins.openvswitch_agent.ovs.bridge_mappings`.
|
||||
|
||||
diff --git a/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl b/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
|
||||
index e89765a..71a2b6b 100644
|
||||
--- a/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
|
||||
+++ b/neutron/templates/bin/_neutron-linuxbridge-agent-init.sh.tpl
|
||||
@@ -19,19 +19,21 @@ limitations under the License.
|
||||
set -ex
|
||||
|
||||
# configure all bridge mappings defined in config
|
||||
-{{- range $br, $phys := .Values.network.auto_bridge_add }}
|
||||
-if [ -n "{{- $br -}}" ] ; then
|
||||
- # adding existing bridge would break out the script when -e is set
|
||||
- set +e
|
||||
- ip link add name {{ $br }} type bridge
|
||||
- set -e
|
||||
- ip link set dev {{ $br }} up
|
||||
- if [ -n "{{- $phys -}}" ] ; then
|
||||
- ip link set dev {{ $phys }} master {{ $br }}
|
||||
- fi
|
||||
-fi
|
||||
-{{- end }}
|
||||
-
|
||||
+# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
|
||||
+for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
|
||||
+do
|
||||
+ bridge=${bmap%:*}
|
||||
+ iface=${bmap#*:}
|
||||
+ # adding existing bridge would break out the script when -e is set
|
||||
+ set +e
|
||||
+ ip link add name $bridge type bridge
|
||||
+ set -e
|
||||
+ ip link set dev $bridge up
|
||||
+ if [ -n "$iface" ] && [ "$iface" != "null" ]
|
||||
+ then
|
||||
+ ip link set dev $iface master $bridge
|
||||
+ fi
|
||||
+done
|
||||
|
||||
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
|
||||
if [ -z "${tunnel_interface}" ] ; then
|
||||
diff --git a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
|
||||
index 08c82e0..84f5e4b 100644
|
||||
--- a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
|
||||
+++ b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
|
||||
@@ -36,13 +36,17 @@ if neutron-sanity-check --version >/dev/null 2>/dev/null; then
|
||||
fi
|
||||
|
||||
# handle any bridge mappings
|
||||
-{{- range $bridge, $port := .Values.network.auto_bridge_add }}
|
||||
-ovs-vsctl --no-wait --may-exist add-br {{ $bridge }}
|
||||
-{{ if $port }}
|
||||
-ovs-vsctl --no-wait --may-exist add-port {{ $bridge }} {{ $port }}
|
||||
-ip link set dev {{ $port }} up
|
||||
-{{ end }}
|
||||
-{{- end }}
|
||||
+# /tmp/auto_bridge_add is one line json file: {"br-ex1":"eth1","br-ex2":"eth2"}
|
||||
+for bmap in `sed 's/[{}"]//g' /tmp/auto_bridge_add | tr "," "\n"`
|
||||
+do
|
||||
+ bridge=${bmap%:*}
|
||||
+ iface=${bmap#*:}
|
||||
+ ovs-vsctl --no-wait --may-exist add-br $bridge
|
||||
+ if [ -n "$iface" ] && [ "$iface" != "null" ]
|
||||
+ then
|
||||
+ ovs-vsctl --no-wait --may-exist add-port $bridge $iface
|
||||
+ fi
|
||||
+done
|
||||
|
||||
tunnel_interface="{{- .Values.network.interface.tunnel -}}"
|
||||
if [ -z "${tunnel_interface}" ] ; then
|
||||
diff --git a/neutron/templates/configmap-etc.yaml b/neutron/templates/configmap-etc.yaml
|
||||
index 027602b..4ee5774 100644
|
||||
--- a/neutron/templates/configmap-etc.yaml
|
||||
+++ b/neutron/templates/configmap-etc.yaml
|
||||
@@ -196,6 +196,7 @@ data:
|
||||
dnsmasq.conf: ""
|
||||
neutron_sudoers: {{ $envAll.Values.conf.neutron_sudoers | b64enc }}
|
||||
rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }}
|
||||
+ auto_bridge_add: {{ toJson $envAll.Values.conf.auto_bridge_add | b64enc }}
|
||||
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
|
||||
{{- $filePrefix := replace "_" "-" $key }}
|
||||
{{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }}
|
||||
diff --git a/neutron/templates/daemonset-lb-agent.yaml b/neutron/templates/daemonset-lb-agent.yaml
|
||||
index 1c7da46..c2b432f 100644
|
||||
--- a/neutron/templates/daemonset-lb-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-lb-agent.yaml
|
||||
@@ -110,6 +110,10 @@ spec:
|
||||
subPath: neutron_sudoers
|
||||
readOnly: true
|
||||
- name: neutron-etc
|
||||
+ mountPath: /tmp/auto_bridge_add
|
||||
+ subPath: auto_bridge_add
|
||||
+ readOnly: true
|
||||
+ - name: neutron-etc
|
||||
mountPath: /etc/neutron/rootwrap.conf
|
||||
subPath: rootwrap.conf
|
||||
readOnly: true
|
||||
diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml
|
||||
index e17693f..2e66844 100644
|
||||
--- a/neutron/templates/daemonset-ovs-agent.yaml
|
||||
+++ b/neutron/templates/daemonset-ovs-agent.yaml
|
||||
@@ -120,6 +120,10 @@ spec:
|
||||
subPath: neutron_sudoers
|
||||
readOnly: true
|
||||
- name: neutron-etc
|
||||
+ mountPath: /tmp/auto_bridge_add
|
||||
+ subPath: auto_bridge_add
|
||||
+ readOnly: true
|
||||
+ - name: neutron-etc
|
||||
mountPath: /etc/neutron/rootwrap.conf
|
||||
subPath: rootwrap.conf
|
||||
readOnly: true
|
||||
diff --git a/neutron/values.yaml b/neutron/values.yaml
|
||||
index a366dee..cf56ac5 100644
|
||||
--- a/neutron/values.yaml
|
||||
+++ b/neutron/values.yaml
|
||||
@@ -90,18 +90,6 @@ network:
|
||||
# allowing agents to be restarted without packet loss and simpler
|
||||
# debugging. This feature requires mount propagation support.
|
||||
share_namespaces: true
|
||||
- # auto_bridge_add is a table of "bridge: interface" pairs
|
||||
- # To automatically add a physical interfaces to a specific bridges,
|
||||
- # for example eth3 to bridge br-physnet1, if0 to br0 and iface_two
|
||||
- # to br1 do something like:
|
||||
- #
|
||||
- # auto_bridge_add:
|
||||
- # br-physnet1: eth3
|
||||
- # br0: if0
|
||||
- # br1: iface_two
|
||||
- # br-ex will be added by default
|
||||
- auto_bridge_add:
|
||||
- br-ex: null
|
||||
interface:
|
||||
# Tunnel interface will be used for VXLAN tunneling. If null
|
||||
# (default) there is a fallback mechanism to search for interface
|
||||
@@ -1649,13 +1637,25 @@ conf:
|
||||
priority: 0
|
||||
apply-to: all
|
||||
pattern: '(notifications)\.'
|
||||
+ ## NOTE: "besteffort" is meant for dev env with mixed compute type only.
|
||||
+ ## This helps prevent sriov init script from failing due to mis-matched NIC
|
||||
+ ## For prod env, target NIC should match and init script should fail otherwise.
|
||||
+ ## sriov_init:
|
||||
+ ## - besteffort
|
||||
sriov_init:
|
||||
-
|
||||
- ## NOTE: "besteffort" is meant for dev env with mixed compute type only.
|
||||
- ## This helps prevent sriov init script from failing due to mis-matched NIC
|
||||
- ## For prod env, target NIC should match and init script should fail otherwise.
|
||||
- ## sriov_init:
|
||||
- ## - besteffort
|
||||
+ # auto_bridge_add is a table of "bridge: interface" pairs
|
||||
+ # To automatically add a physical interfaces to a specific bridges,
|
||||
+ # for example eth3 to bridge br-physnet1, if0 to br0 and iface_two
|
||||
+ # to br1 do something like:
|
||||
+ #
|
||||
+ # auto_bridge_add:
|
||||
+ # br-physnet1: eth3
|
||||
+ # br0: if0
|
||||
+ # br1: iface_two
|
||||
+ # br-ex will be added by default
|
||||
+ auto_bridge_add:
|
||||
+ br-ex: null
|
||||
|
||||
# Names of secrets used by bootstrap and environmental checks
|
||||
secrets:
|
||||
--
|
||||
2.7.4
|
||||
|
@ -1,32 +0,0 @@
|
||||
From dcd7ebf37b0333191c9be07cd7e8f6a5fdadd567 Mon Sep 17 00:00:00 2001
|
||||
From: Chris Wedgwood <cw@f00f.org>
|
||||
Date: Thu, 7 Mar 2019 21:45:32 +0000
|
||||
Subject: [PATCH] [neutron] 'up' interfaces added via ovs auto_bridge_add
|
||||
|
||||
Previously, when adding interfaces to an ovs bridge we would set the
|
||||
link state to up. Some environments assume this is the case so
|
||||
restore that behavior.
|
||||
|
||||
This fixes the problem where external (public) IPs for routers and VMs
|
||||
no longer respond.
|
||||
|
||||
Change-Id: I59e21bd5cde7e239320125e9a7e0a33adae578a8
|
||||
---
|
||||
neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
|
||||
index 84f5e4b..4dfb0ff 100644
|
||||
--- a/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
|
||||
+++ b/neutron/templates/bin/_neutron-openvswitch-agent-init.sh.tpl
|
||||
@@ -45,6 +45,7 @@ do
|
||||
if [ -n "$iface" ] && [ "$iface" != "null" ]
|
||||
then
|
||||
ovs-vsctl --no-wait --may-exist add-port $bridge $iface
|
||||
+ ip link set dev $iface up
|
||||
fi
|
||||
done
|
||||
|
||||
--
|
||||
2.7.4
|
||||
|
Loading…
x
Reference in New Issue
Block a user