aedbb8aa0c
This commit is rebasing on upstream commit 7803000a545687ec40b0ddc41d46a6b377dea45f and also remove some patches that were already merged. This change depends on the rebase of openstack-helm-infra made at01f6571912Patch 0005-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch This patch was dropped because a feature that add this support was implemented in 2020. It can be found on commitaf4e2aaaddPatch 0007-Allow-more-generic-overrides-for-placeme.patch Changes that this patch applies were already applied on commitbdbea96326Patch 0009-Disabling-helm3_hook.patch Adding a helm3_hook in values.yaml file in case hooks needs to be disabled Patch 0011-Trust-public-ingress-certificate.patch Removed in favor of using the openstack-helm implementation of tls support. As we are dropping this patch we moved the changes to the patch where the job is created. Commits can be found on https://opendev.org/openstack/openstack-helm/commits/branch/master/search?q=feat%28tls%29 Patch 0012-Update-helm-tookit-dependencies-to-0.2.19.patch Changes that this patch applies were already applied on commit20b6b9a236Due to changes implemented on054affa290 (diff-9bd79f0fd832cb30fa4f4b6242b9059fbc0c81b30541b4243ff29cdf39bce621R63)python-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/cinder.py needed to be modified so the system overrides for the ceph client matches the name of the internal ceph cluster we that StarlingX creates and the deployment-cinder.yaml renders without issues. We've change the endpoints on nova-api-proxy/templates/deployment.yaml as in upstream openstack-helm deals with TLS internally, however in starlingx there is a workaround that forces public endpoint for openstack services. Although after some changes on openstack-helm that came with this rebase and using cert-manager to generate all tls internal secrets we dont need to do this anymore. The volume mounts for dev-pts at python-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/nova.py were removed since this problem was fixed upstream on04d600c5b0Story: 2009161 Task: 43150 Change-Id: Iaf7d4bf9aa80e1d5acacdfe24743d41d4e67a8c0 Signed-off-by: Arthur Luz de Avila <arthur.luzdeavila@windriver.com> Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com> Change-Id: Iaf7d4bf9aa80e1d5acacdfe24743d41d4e67a8c0
35 lines
1.5 KiB
Diff
35 lines
1.5 KiB
Diff
From db7a5422e48b963966c5e830d6f4391006a42578 Mon Sep 17 00:00:00 2001
|
|
From: Andy Ning <andy.ning@windriver.com>
|
|
Date: Wed, 4 Dec 2019 13:35:44 -0500
|
|
Subject: [PATCH] Support ingress creation for keystone admin endpoint
|
|
|
|
This update added support to create ingress for custom keystone admin
|
|
endpoint. It can be used by deployment to expose keytone admin endpoint
|
|
to outside of the cluster by ingress.
|
|
|
|
Story: 2006588
|
|
Task: 37747
|
|
Signed-off-by: Andy Ning <andy.ning@windriver.com>
|
|
---
|
|
keystone/templates/ingress-api.yaml | 9 +++++++++
|
|
1 file changed, 9 insertions(+)
|
|
|
|
diff --git a/keystone/templates/ingress-api.yaml b/keystone/templates/ingress-api.yaml
|
|
index de36571..37c3013 100644
|
|
--- a/keystone/templates/ingress-api.yaml
|
|
+++ b/keystone/templates/ingress-api.yaml
|
|
@@ -21,3 +21,11 @@ limitations under the License.
|
|
{{- end -}}
|
|
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
|
|
{{- end }}
|
|
+{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.admin }}
|
|
+{{ $ingressNamePublic := tuple "identity" "public" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
+{{ $ingressNameAdmin := tuple "identity" "admin" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
|
+{{- if not (eq $ingressNamePublic $ingressNameAdmin) }}
|
|
+{{- $ingressOpts := dict "envAll" . "backendServiceType" "identity" "backendPort" "ks-pub" "endpoint" "admin" -}}
|
|
+{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
|
|
+{{- end }}
|
|
+{{- end }}
|
|
--
|
|
1.8.3.1
|