3dbfd56429
We are removing the patches that disables the helm3-hook which are used by osh(-i) to build an armada app as these patches are not necessary when building the fluxcd app. By removing the patches and changing the manifest.yaml, these hooks will only be disabled for the armada app, and the fluxcd app can be built as it is with [1]. There's also a small change on Patch #16 so it can be applied as it was created on top of a change made on Patch #8 (which is being removed). Test Plan: PASS - Build all the packages necessary for the openstack app PASS - Create openstack tarball PASS - Apply/remove/delete openstack [1] I97402f9d4cacb2130118f49589b13b686d04e13b Story: 2009138 Task: 45716 Signed-off-by: Pedro Almeida <pedro.monteiroazevedodemouraalmeida@windriver.com> Change-Id: I6a1cb3832be8dc15930edc226e09a55f6f89951b
432 lines
13 KiB
Diff
432 lines
13 KiB
Diff
From 26035d478bc2e70182446658f3677b079818305e Mon Sep 17 00:00:00 2001
|
|
From: rferraz <RogerioOliveira.Ferraz@windriver.com>
|
|
Date: Wed, 25 May 2022 05:49:04 -0300
|
|
Subject: [PATCH] Network Resources Cleanup before OpenStack Removal
|
|
|
|
This patch introduces a new job for the purpose
|
|
to cleanup network resources before OpenStack removal.
|
|
|
|
Changes:
|
|
|
|
- new file: neutron/templates/bin/_neutron-resources-cleanup.sh.tpl
|
|
- new file: neutron/templates/job-resources-cleanup.yaml
|
|
- modified: neutron/templates/configmap-bin.yaml
|
|
- modified: neutron/values.yaml
|
|
|
|
Signed-off-by: rferraz <RogerioOliveira.Ferraz@windriver.com>
|
|
---
|
|
.../bin/_neutron-resources-cleanup.sh.tpl | 220 ++++++++++++++++++
|
|
neutron/templates/configmap-bin.yaml | 2 +
|
|
neutron/templates/job-resources-cleanup.yaml | 81 +++++++
|
|
neutron/values.yaml | 31 +++
|
|
4 files changed, 334 insertions(+)
|
|
create mode 100644 neutron/templates/bin/_neutron-resources-cleanup.sh.tpl
|
|
create mode 100644 neutron/templates/job-resources-cleanup.yaml
|
|
|
|
diff --git a/neutron/templates/bin/_neutron-resources-cleanup.sh.tpl b/neutron/templates/bin/_neutron-resources-cleanup.sh.tpl
|
|
new file mode 100644
|
|
index 00000000..8d38373d
|
|
--- /dev/null
|
|
+++ b/neutron/templates/bin/_neutron-resources-cleanup.sh.tpl
|
|
@@ -0,0 +1,220 @@
|
|
+#!/bin/bash
|
|
+
|
|
+{{/*
|
|
+Licensed under the Apache License, Version 2.0 (the "License");
|
|
+you may not use this file except in compliance with the License.
|
|
+You may obtain a copy of the License at
|
|
+
|
|
+ http://www.apache.org/licenses/LICENSE-2.0
|
|
+
|
|
+Unless required by applicable law or agreed to in writing, software
|
|
+distributed under the License is distributed on an "AS IS" BASIS,
|
|
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
+See the License for the specific language governing permissions and
|
|
+limitations under the License.
|
|
+*/}}
|
|
+
|
|
+set -ex
|
|
+
|
|
+function cleanup_network_trunks()
|
|
+{
|
|
+ TRUNKS=$(openstack network trunk list -c ID -f value)
|
|
+ PORTS=$(openstack network trunk list -c "Parent Port" -f value)
|
|
+
|
|
+ for TRUNK in ${TRUNKS}; do
|
|
+ openstack network trunk delete ${TRUNK}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete trunk ${TRUNK}"
|
|
+ return ${RET}
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ for PORT in ${PORTS}; do
|
|
+ openstack port delete ${PORT}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete port ${PORT}"
|
|
+ return ${RET}
|
|
+ fi
|
|
+ done
|
|
+ return 0
|
|
+}
|
|
+
|
|
+function cleanup_vm_instances()
|
|
+{
|
|
+ local VMLIST=""
|
|
+ local ID=""
|
|
+ local RETRY=0
|
|
+
|
|
+ VMLIST=$(openstack server list --all-projects -c ID -f value)
|
|
+ for VM in ${VMLIST}; do
|
|
+ openstack server delete ${VM} --wait
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete VM ${ID}"
|
|
+ return ${RET}
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+function cleanup_floating_ips()
|
|
+{
|
|
+ local IPLIST=""
|
|
+ local IP=""
|
|
+
|
|
+ IPLIST=$(openstack floating ip list | grep -E "[0-9]+.[0-9]+.[0-9]+.[0-9]" | awk '{ print $2; }')
|
|
+ for IP in ${IPLIST}; do
|
|
+ openstack floating ip delete ${IP}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete floating ip ${IP}"
|
|
+ return 1
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+function cleanup_manual_ports()
|
|
+{
|
|
+ PORTS=$(openstack port list --device-owner=compute:manual | grep -E "^\|\s\w{8}-\w{4}-\w{4}-\w{4}-\w{12}\s\|" | awk '{ print $2; }')
|
|
+ for PORT in ${PORTS}; do
|
|
+ openstack port delete ${PORT}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete manual port ${PORT}"
|
|
+ return 1
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+function cleanup_routers()
|
|
+{
|
|
+ local ROUTERLIST=""
|
|
+ local ID=""
|
|
+
|
|
+ ROUTERLIST=$(openstack router list -c ID -f value)
|
|
+ for ID in ${ROUTERLIST}; do
|
|
+ openstack router set ${ID} --no-route
|
|
+ openstack router unset --external-gateway ${ID}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to clear gateway on router ${ID}"
|
|
+ return 1
|
|
+ fi
|
|
+
|
|
+ PORTS=$(openstack port list --router ${ID} -c ID -f value)
|
|
+ for PORT in ${PORTS}; do
|
|
+ openstack router remove port ${ID} ${PORT}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete interface ${PORT} from router ${ID}"
|
|
+ return ${RET}
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ openstack router delete ${ID}
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete router ${ID}"
|
|
+ return 1
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+function cleanup_application_ports()
|
|
+{
|
|
+ NETS=$(openstack network list -c ID -f value)
|
|
+ for NET in $NETS; do
|
|
+ NET_PORTS=$(openstack port list --network $NET -c ID -f value)
|
|
+ for NET_PORT in $NET_PORTS; do
|
|
+ openstack port delete $NET_PORT
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete port ${NET_PORT}"
|
|
+ return 1
|
|
+ fi
|
|
+ done
|
|
+ done
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+function cleanup_networks()
|
|
+{
|
|
+ local ID=""
|
|
+ NETLIST=$(openstack network list -c ID -f value)
|
|
+ for ID in ${NETLIST}; do
|
|
+ openstack network delete ${ID}
|
|
+ RET=$?
|
|
+ if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to delete network ${ID}"
|
|
+ return 1
|
|
+ fi
|
|
+ done
|
|
+
|
|
+ return 0
|
|
+}
|
|
+
|
|
+date
|
|
+echo "Cleaning up network resources..."
|
|
+
|
|
+echo "Cleaning up network trunks"
|
|
+cleanup_network_trunks
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup network trunks"
|
|
+fi
|
|
+
|
|
+echo "Cleaning up VM instances"
|
|
+cleanup_vm_instances
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup VM instances"
|
|
+fi
|
|
+
|
|
+echo "Cleaning up floating IP addresses"
|
|
+cleanup_floating_ips
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup floating IP addresses"
|
|
+fi
|
|
+
|
|
+echo "Cleaning up manual ports"
|
|
+cleanup_manual_ports
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup manual ports"
|
|
+fi
|
|
+
|
|
+echo "Cleaning up routers"
|
|
+cleanup_routers
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup routers"
|
|
+fi
|
|
+
|
|
+echo "Cleaning up application ports"
|
|
+cleanup_application_ports
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup shared networks"
|
|
+fi
|
|
+
|
|
+echo "Cleaning up networks"
|
|
+cleanup_networks
|
|
+RET=$?
|
|
+if [ ${RET} -ne 0 ]; then
|
|
+ echo "Failed to cleanup networks"
|
|
+fi
|
|
+
|
|
+date
|
|
+echo "Cleanup finished"
|
|
+
|
|
+exit 0
|
|
diff --git a/neutron/templates/configmap-bin.yaml b/neutron/templates/configmap-bin.yaml
|
|
index 2a6b9cff..647762c4 100644
|
|
--- a/neutron/templates/configmap-bin.yaml
|
|
+++ b/neutron/templates/configmap-bin.yaml
|
|
@@ -95,6 +95,8 @@ data:
|
|
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
|
|
neutron-test-force-cleanup.sh: |
|
|
{{ tuple "bin/_neutron-test-force-cleanup.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
|
+ neutron-resources-cleanup.sh: |
|
|
+{{ tuple "bin/_neutron-resources-cleanup.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
|
{{- if ( has "tungstenfabric" .Values.network.backend ) }}
|
|
tf-plugin.pth: |
|
|
/opt/plugin/site-packages
|
|
diff --git a/neutron/templates/job-resources-cleanup.yaml b/neutron/templates/job-resources-cleanup.yaml
|
|
new file mode 100644
|
|
index 00000000..9870305f
|
|
--- /dev/null
|
|
+++ b/neutron/templates/job-resources-cleanup.yaml
|
|
@@ -0,0 +1,81 @@
|
|
+{{/*
|
|
+Licensed under the Apache License, Version 2.0 (the "License");
|
|
+you may not use this file except in compliance with the License.
|
|
+You may obtain a copy of the License at
|
|
+
|
|
+ http://www.apache.org/licenses/LICENSE-2.0
|
|
+
|
|
+Unless required by applicable law or agreed to in writing, software
|
|
+distributed under the License is distributed on an "AS IS" BASIS,
|
|
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
+See the License for the specific language governing permissions and
|
|
+limitations under the License.
|
|
+*/}}
|
|
+
|
|
+{{- if .Values.manifests.job_resources_cleanup }}
|
|
+{{- $envAll := . }}
|
|
+
|
|
+{{- $serviceAccountName := "neutron-resources-cleanup" }}
|
|
+{{ tuple $envAll "resources_cleanup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
+---
|
|
+apiVersion: batch/v1
|
|
+kind: Job
|
|
+metadata:
|
|
+ name: {{ $serviceAccountName }}
|
|
+ labels:
|
|
+{{ tuple $envAll "neutron" "resources_cleanup" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
|
|
+ annotations:
|
|
+{{- if .Values.helm3_hook }}
|
|
+ "helm.sh/hook": pre-delete
|
|
+ "helm.sh/hook-delete-policy": hook-succeeded, hook-failed
|
|
+{{- end }}
|
|
+{{- if .Values.helm2_hook }}
|
|
+ "helm.sh/hook": pre-delete
|
|
+ "helm.sh/hook-delete-policy": hook-succeeded, hook-failed
|
|
+{{- end }}
|
|
+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
|
|
+spec:
|
|
+ backoffLimit: 2
|
|
+ activeDeadlineSeconds: 1500
|
|
+ template:
|
|
+ metadata:
|
|
+ labels:
|
|
+{{ tuple $envAll "neutron" "resources_cleanup" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
+ spec:
|
|
+ serviceAccountName: {{ $serviceAccountName }}
|
|
+{{ dict "envAll" $envAll "application" "neutron_resources_cleanup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
|
|
+ restartPolicy: OnFailure
|
|
+{{ if .Values.pod.tolerations.neutron.enabled }}
|
|
+{{ tuple $envAll "neutron" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
|
|
+{{ end }}
|
|
+ nodeSelector:
|
|
+ {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
+ initContainers:
|
|
+{{ tuple $envAll "resources_cleanup" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
+ containers:
|
|
+ - name: {{ $serviceAccountName }}
|
|
+{{ tuple $envAll "neutron_resources_cleanup" | include "helm-toolkit.snippets.image" | indent 10 }}
|
|
+{{ tuple $envAll .Values.pod.resources.jobs.resources_cleanup | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
+{{ dict "envAll" $envAll "application" "neutron_resources_cleanup" "container" "neutron_resources_cleanup" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
|
+ env:
|
|
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" .Values.manifests.certificates}}
|
|
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
+{{- end }}
|
|
+ command:
|
|
+ - /tmp/{{ $serviceAccountName }}.sh
|
|
+ volumeMounts:
|
|
+ - name: pod-tmp
|
|
+ mountPath: /tmp
|
|
+ - name: neutron-bin
|
|
+ mountPath: /tmp/{{ $serviceAccountName }}.sh
|
|
+ subPath: {{ $serviceAccountName }}.sh
|
|
+{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.public | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
|
|
+ volumes:
|
|
+ - name: pod-tmp
|
|
+ emptyDir: {}
|
|
+ - name: neutron-bin
|
|
+ configMap:
|
|
+ name: neutron-bin
|
|
+ defaultMode: 0555
|
|
+{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.network.server.public | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
|
|
+{{- end }}
|
|
diff --git a/neutron/values.yaml b/neutron/values.yaml
|
|
index dc73b68a..4be350e8 100644
|
|
--- a/neutron/values.yaml
|
|
+++ b/neutron/values.yaml
|
|
@@ -42,6 +42,7 @@ images:
|
|
neutron_bagpipe_bgp: docker.io/openstackhelm/neutron:stein-ubuntu_bionic
|
|
neutron_ironic_agent: docker.io/openstackhelm/neutron:stein-ubuntu_bionic
|
|
neutron_netns_cleanup_cron: docker.io/openstackhelm/neutron:stein-ubuntu_bionic
|
|
+ neutron_resources_cleanup: docker.io/openstackhelm/heat:stein-ubuntu_bionic
|
|
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
|
|
image_repo_sync: docker.io/docker:17.07.0
|
|
pull_policy: "IfNotPresent"
|
|
@@ -326,6 +327,21 @@ dependencies:
|
|
service: oslo_cache
|
|
- endpoint: internal
|
|
service: identity
|
|
+ resources_cleanup:
|
|
+ jobs:
|
|
+ - neutron-db-sync
|
|
+ - neutron-rabbit-init
|
|
+ services:
|
|
+ - endpoint: internal
|
|
+ service: oslo_messaging
|
|
+ - endpoint: internal
|
|
+ service: oslo_db
|
|
+ - endpoint: internal
|
|
+ service: identity
|
|
+ - endpoint: internal
|
|
+ service: compute
|
|
+ - endpoint: internal
|
|
+ service: network
|
|
tests:
|
|
services:
|
|
- endpoint: internal
|
|
@@ -547,6 +563,12 @@ pod:
|
|
neutron_netns_cleanup_cron:
|
|
readOnlyRootFilesystem: true
|
|
privileged: true
|
|
+ neutron_resources_cleanup:
|
|
+ pod:
|
|
+ runAsUser: 42424
|
|
+ container:
|
|
+ neutron_resources_cleanup:
|
|
+ readOnlyRootFilesystem: true
|
|
affinity:
|
|
anti:
|
|
type:
|
|
@@ -836,6 +858,13 @@ pod:
|
|
limits:
|
|
memory: "1024Mi"
|
|
cpu: "2000m"
|
|
+ resources_cleanup:
|
|
+ requests:
|
|
+ memory: "128Mi"
|
|
+ cpu: "100m"
|
|
+ limits:
|
|
+ memory: "1024Mi"
|
|
+ cpu: "2000m"
|
|
|
|
conf:
|
|
rally_tests:
|
|
@@ -2522,6 +2551,7 @@ network_policy:
|
|
egress:
|
|
- {}
|
|
|
|
+helm2_hook: true
|
|
helm3_hook: true
|
|
|
|
manifests:
|
|
@@ -2549,6 +2579,7 @@ manifests:
|
|
job_ks_service: true
|
|
job_ks_user: true
|
|
job_rabbit_init: true
|
|
+ job_resources_cleanup: true
|
|
pdb_server: true
|
|
pod_rally_test: true
|
|
network_policy: false
|
|
--
|
|
2.25.1
|
|
|