Browse Source

Implement cinder

Depends-On: https://review.opendev.org/747030

Change-Id: If8e45498efa9c7acfb8962e1fcd40accacf13a7a
changes/83/746783/22
okozachenko 10 months ago
committed by Mohammed Naser
parent
commit
19c16fdc24
26 changed files with 767 additions and 32 deletions
  1. +1
    -0
      Makefile
  2. +1
    -0
      chart/test-values.yaml
  3. +1
    -0
      config/samples/operator-config.yaml
  4. +136
    -0
      devstack/lib/cinder
  5. +4
    -3
      devstack/lib/common
  6. +8
    -1
      devstack/plugin.sh
  7. +1
    -0
      devstack/settings
  8. +33
    -0
      images/cinder/Dockerfile
  9. +9
    -0
      images/cinder/bindep.txt
  10. +1
    -0
      images/cinder/build-requirements.txt
  11. +30
    -0
      images/cinder/cinder-scheduler
  12. +30
    -0
      images/cinder/cinder-volume
  13. +29
    -0
      images/cinder/cinder-wsgi
  14. +1
    -0
      images/cinder/constraints.txt
  15. +8
    -0
      images/cinder/requirements.txt
  16. +55
    -0
      images/cinder/setup-repos.sh
  17. +86
    -0
      openstack_operator/cinder.py
  18. +8
    -2
      openstack_operator/identity.py
  19. +4
    -0
      openstack_operator/operator.py
  20. +120
    -0
      openstack_operator/templates/cinder/daemonset.yml.j2
  21. +55
    -0
      openstack_operator/templates/cinder/ingress.yml.j2
  22. +27
    -0
      openstack_operator/templates/cinder/rabbitmq.yml.j2
  23. +9
    -0
      openstack_operator/templates/cinder/secret-rabbitmq.yml.j2
  24. +28
    -0
      openstack_operator/templates/cinder/service.yml.j2
  25. +51
    -0
      zuul.d/cinder-jobs.yaml
  26. +31
    -26
      zuul.d/functional-jobs.yaml

+ 1
- 0
Makefile View File

@ -2,6 +2,7 @@ images:
docker build images/horizon -t vexxhost/horizon:latest
docker build images/keystone -t vexxhost/keystone:latest
docker build images/ceilometer --target ceilometer-agent-notification -t vexxhost/ceilometer-agent-notification:latest
docker build images/cinder --target cinder-api -t vexxhost/cinder-api:latest
docker build images/heat --target heat-api -t vexxhost/heat-api:latest
docker build images/heat --target heat-api-cfn -t vexxhost/heat-api-cfn:latest
docker build images/heat --target heat-engine -t vexxhost/heat-engine:latest


+ 1
- 0
chart/test-values.yaml View File

@ -4,6 +4,7 @@ configMap:
barbican: {}
ceilometer:
dbUri: "sqlite:///:memory:"
cinder: {}
glance: {}
placement: {}
neutron: {}


+ 1
- 0
config/samples/operator-config.yaml View File

@ -5,6 +5,7 @@ metadata:
data:
operator-config.yaml: |
barbican: {}
cinder: {}
ceilometer:
dbUri: "sqlite:///:memory:"
horizon:


+ 136
- 0
devstack/lib/cinder View File

@ -0,0 +1,136 @@
#!/bin/bash
#
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
CINDER_STATE_PATH=/var/lib/cinder
# configure_cinder() - Set config files, create data dirs, etc
function configure_cinder {
sudo install -d -o $STACK_USER -m 755 $CINDER_CONF_DIR
rm -f $CINDER_CONF
configure_rootwrap cinder
sudo sed -e "s:^filters_path=.*$:filters_path=/usr/local/etc/cinder/rootwrap.d:" -i $CINDER_CONF_DIR/rootwrap.conf
cp -p "$CINDER_DIR/etc/cinder/resource_filters.json" "$CINDER_CONF_DIR/resource_filters.json"
cp $CINDER_DIR/etc/cinder/api-paste.ini $CINDER_API_PASTE_INI
kubernetes_ensure_resource secret/cinder-application-credential
CINDER_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret cinder-application-credential openstack secret)
CINDER_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret cinder-application-credential openstack id)
iniset $CINDER_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3
iniset $CINDER_CONF keystone_authtoken auth_type v3applicationcredential
iniset $CINDER_CONF keystone_authtoken application_credential_id $CINDER_APPLICATION_CREDENTIAL_ID
iniset $CINDER_CONF keystone_authtoken application_credential_secret $CINDER_APPLICATION_CREDENTIAL_SECRET
iniset $CINDER_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
# NOTE(Alex): operator stuff
kubernetes_ensure_resource secret/cinder-mysql
CINDER_DATABASE_USER=$(get_data_from_secret cinder-mysql openstack USER)
CINDER_DATABASE_PASSWORD=$(get_data_from_secret cinder-mysql openstack PASSWORD)
CINDER_DATABASE_NAME=$(get_data_from_secret cinder-mysql openstack DATABASE)
iniset $CINDER_CONF database connection "mysql+pymysql://$CINDER_DATABASE_USER:$CINDER_DATABASE_PASSWORD@cinder-mysql-master/$CINDER_DATABASE_NAME?charset=utf8"
iniset $CINDER_CONF DEFAULT api_paste_config $CINDER_API_PASTE_INI
iniset $CINDER_CONF DEFAULT rootwrap_config "$CINDER_CONF_DIR/rootwrap.conf"
iniset $CINDER_CONF DEFAULT osapi_volume_extension cinder.api.contrib.standard_extensions
iniset $CINDER_CONF DEFAULT osapi_volume_listen $CINDER_SERVICE_LISTEN_ADDRESS
iniset $CINDER_CONF DEFAULT state_path $CINDER_STATE_PATH
iniset $CINDER_CONF DEFAULT my_ip "$HOST_IP"
iniset $CINDER_CONF key_manager backend cinder.keymgr.conf_key_mgr.ConfKeyManager
iniset $CINDER_CONF key_manager fixed_key $(openssl rand -hex 16)
configure_cinder_backend_ceph ceph
iniset $CINDER_CONF ceph volume_clear $CINDER_VOLUME_CLEAR
iniset $CINDER_CONF DEFAULT enabled_backends ceph
iniset $CINDER_CONF DEFAULT default_volume_type ceph
configure_cinder_image_volume_cache
iniset $CINDER_CONF DEFAULT backup_swift_url "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:$SWIFT_DEFAULT_BIND_PORT/v1/AUTH_"
iniset $CINDER_CONF oslo_messaging_notifications driver "messagingv2"
# Get rabbitmq password
kubernetes_ensure_resource secret/cinder-rabbitmq
CINDER_RABBITMQ_PASSWORD=$(get_data_from_secret cinder-rabbitmq openstack password)
CINDER_RABBITMQ_USERNAME=$(get_data_from_secret cinder-rabbitmq openstack username)
iniset_k8s_rpc_backend cinder $CINDER_CONF DEFAULT "rabbit://$CINDER_RABBITMQ_USERNAME:$CINDER_RABBITMQ_PASSWORD@rabbitmq-cinder:5672/"
if [[ -r $CINDER_PLUGINS/$CINDER_DRIVER ]]; then
configure_cinder_driver
fi
iniset $CINDER_CONF DEFAULT osapi_volume_workers "$API_WORKERS"
iniset $CINDER_CONF DEFAULT glance_api_servers "http://glance"
# Set nova credentials (used for os-assisted-snapshots)
iniset $CINDER_CONF nova auth_type password
iniset $CINDER_CONF nova auth_url $KEYSTONE_SERVICE_URI
iniset $CINDER_CONF nova username nova
iniset $CINDER_CONF nova password $SERVICE_PASSWORD
iniset $CINDER_CONF nova user_domain_name "$SERVICE_DOMAIN_NAME"
iniset $CINDER_CONF nova project_name $SERVICE_PROJECT_NAME
iniset $CINDER_CONF nova project_domain_name "$SERVICE_DOMAIN_NAME"
iniset $CINDER_CONF nova region_name "$REGION_NAME"
iniset $CINDER_CONF DEFAULT graceful_shutdown_timeout "$SERVICE_GRACEFUL_SHUTDOWN_TIMEOUT"
}
export -f configure_cinder
# init_cinder() - Initialize database and volume group
function init_cinder {
echo noop
}
# install_cinder() - Collect source and prepare
function install_cinder {
echo noop
}
# install_cinderclient() - Collect source and prepare
# NOTE(Alex): I am not sure this function is not overrided if the content is empty.
# So I remove this function for now in this override lib file.
# function install_cinderclient {
# echo noop
# }
function cleanup_cinder {
echo noop
}
# start_cinder() - Start running processes
function start_cinder {
kubernetes_rollout_restart daemonset/cinder-api
kubernetes_rollout_restart daemonset/cinder-scheduler
kubernetes_rollout_restart daemonset/cinder-volume
kubernetes_rollout_status daemonset/cinder-api
kubernetes_rollout_status daemonset/cinder-scheduler
kubernetes_rollout_status daemonset/cinder-volume
proxy_pass_to_kubernetes /volume cinder cinder-wsgi
sleep 10
}
# stop_cinder() - Stop running processes
function stop_cinder {
echo noop
}

+ 4
- 3
devstack/lib/common View File

@ -31,7 +31,7 @@ function kubernetes_rollout_status {
kubectl get $resource && break || sleep 1;
done
kubectl rollout status --timeout=60s $resource
kubectl rollout status --timeout=300s $resource
}
function kubernetes_rollout_restart {
@ -46,8 +46,9 @@ function kubernetes_rollout_restart {
function kubernetes_ensure_resource {
local resource="$1"
for i in {1..60}; do
kubectl get $resource && break || sleep 3;
kubectl logs deployment/openstack-operator -n default
for i in {1..120}; do
kubectl get $resource && break || sleep 5;
done
}


+ 8
- 1
devstack/plugin.sh View File

@ -41,11 +41,18 @@ elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
--from-file=/etc/glance/glance-api.conf \
--from-file=/etc/glance/glance-api-paste.ini
kubectl create secret generic cinder-config -n openstack \
--from-file=/etc/cinder/cinder.conf \
--from-file=/etc/cinder/api-paste.ini \
--from-file=/etc/cinder/rootwrap.conf \
--from-file=/etc/cinder/resource_filters.json
# NOTE(Alex): Permissions here are bad but it's temporary so we don't care as much.
sudo chmod -Rv 777 /etc/ceph
kubectl create secret generic ceph-config -n openstack \
--from-file=/etc/ceph/ceph.conf \
--from-file=/etc/ceph/ceph.client.glance.keyring
--from-file=/etc/ceph/ceph.client.glance.keyring \
--from-file=/etc/ceph/ceph.client.cinder.keyring
elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
:


+ 1
- 0
devstack/settings View File

@ -18,6 +18,7 @@ define_plugin openstack-operator
source $DEST/openstack-operator/devstack/lib/common
source $DEST/openstack-operator/devstack/lib/barbican
source $DEST/openstack-operator/devstack/lib/cinder
source $DEST/openstack-operator/devstack/lib/glance
source $DEST/openstack-operator/devstack/lib/horizon
source $DEST/openstack-operator/devstack/lib/keystone


+ 33
- 0
images/cinder/Dockerfile View File

@ -0,0 +1,33 @@
# Copyright (c) 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FROM vexxhost/python-builder as builder
FROM vexxhost/python-base AS cinder-base
RUN mkdir -p /var/lib/cinder && \
chmod 777 -R /var/lib/cinder
FROM cinder-base AS cinder-api
COPY cinder-wsgi /usr/local/bin/cinder-wsgi
EXPOSE 8776
ENV UWSGI_HTTP_SOCKET=:8776 UWSGI_WSGI_FILE=/usr/local/bin/cinder-wsgi
CMD ["/usr/local/bin/uwsgi", "--ini", "/etc/uwsgi/uwsgi.ini"]
FROM cinder-base AS cinder-volume
COPY cinder-volume /usr/local/bin/cinder-volume
CMD ["/usr/local/bin/cinder-volume"]
FROM cinder-base AS cinder-scheduler
COPY cinder-scheduler /usr/local/bin/cinder-scheduler
CMD ["/usr/local/bin/cinder-scheduler"]

+ 9
- 0
images/cinder/bindep.txt View File

@ -0,0 +1,9 @@
gcc [compile]
libc-dev [compile]
librados-dev [compile]
librbd-dev [compile]
librados2
librbd1
ceph-common
qemu-utils
sudo

+ 1
- 0
images/cinder/build-requirements.txt View File

@ -0,0 +1 @@
Cython

+ 30
- 0
images/cinder/cinder-scheduler View File

@ -0,0 +1,30 @@
#!/usr/local/bin/python
# Copyright (c) 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import pkg_resources
import re
import sys
import sentry_sdk
from cinder.cmd.scheduler import main
VERSION = pkg_resources.get_distribution("cinder").version
sentry_sdk.init(release="cinder@%s" % VERSION)
sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
sys.exit(main())

+ 30
- 0
images/cinder/cinder-volume View File

@ -0,0 +1,30 @@
#!/usr/local/bin/python
# Copyright (c) 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import pkg_resources
import re
import sys
import sentry_sdk
from cinder.cmd.volume import main
VERSION = pkg_resources.get_distribution("cinder").version
sentry_sdk.init(release="cinder@%s" % VERSION)
sys.argv[0] = re.sub(r'(-script\.pyw|\.exe)?$', '', sys.argv[0])
sys.exit(main())

+ 29
- 0
images/cinder/cinder-wsgi View File

@ -0,0 +1,29 @@
#!/usr/local/bin/python
# Copyright (c) 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import pkg_resources
import sentry_sdk
from cinder.wsgi.wsgi import initialize_application
from sentry_sdk.integrations import wsgi
VERSION = pkg_resources.get_distribution("cinder").version
sentry_sdk.init(release="cinder@%s" % VERSION)
application = initialize_application()
application = wsgi.SentryWsgiMiddleware(application)

+ 1
- 0
images/cinder/constraints.txt View File

@ -0,0 +1 @@
--constraint https://releases.openstack.org/constraints/upper/ussuri

+ 8
- 0
images/cinder/requirements.txt View File

@ -0,0 +1,8 @@
uWSGI
boto3
PyMySQL
python-memcached
sentry-sdk
git+https://opendev.org/openstack/cinder@stable/ussuri
https://github.com/ceph/ceph/archive/v15.2.4.tar.gz#egg=rados&subdirectory=src/pybind/rados
https://github.com/ceph/ceph/archive/v15.2.4.tar.gz#egg=rbd&subdirectory=src/pybind/rbd

+ 55
- 0
images/cinder/setup-repos.sh View File

@ -0,0 +1,55 @@
#!/bin/bash
# Copyright (c) 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -xe
apt-get install -y gnupg2
cat <<EOF | apt-key add -
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1
mQINBFX4hgkBEADLqn6O+UFp+ZuwccNldwvh5PzEwKUPlXKPLjQfXlQRig1flpCH
E0HJ5wgGlCtYd3Ol9f9+qU24kDNzfbs5bud58BeE7zFaZ4s0JMOMuVm7p8JhsvkU
C/Lo/7NFh25e4kgJpjvnwua7c2YrA44ggRb1QT19ueOZLK5wCQ1mR+0GdrcHRCLr
7Sdw1d7aLxMT+5nvqfzsmbDullsWOD6RnMdcqhOxZZvpay8OeuK+yb8FVQ4sOIzB
FiNi5cNOFFHg+8dZQoDrK3BpwNxYdGHsYIwU9u6DWWqXybBnB9jd2pve9PlzQUbO
eHEa4Z+jPqxY829f4ldaql7ig8e6BaInTfs2wPnHJ+606g2UH86QUmrVAjVzlLCm
nqoGymoAPGA4ObHu9X3kO8viMBId9FzooVqR8a9En7ZE0Dm9O7puzXR7A1f5sHoz
JdYHnr32I+B8iOixhDUtxIY4GA8biGATNaPd8XR2Ca1hPuZRVuIiGG9HDqUEtXhV
fY5qjTjaThIVKtYgEkWMT+Wet3DPPiWT3ftNOE907e6EWEBCHgsEuuZnAbku1GgD
LBH4/a/yo9bNvGZKRaTUM/1TXhM5XgVKjd07B4cChgKypAVHvef3HKfCG2U/DkyA
LjteHt/V807MtSlQyYaXUTGtDCrQPSlMK5TjmqUnDwy6Qdq8dtWN3DtBWQARAQAB
tCpDZXBoLmNvbSAocmVsZWFzZSBrZXkpIDxzZWN1cml0eUBjZXBoLmNvbT6JAjgE
EwECACIFAlX4hgkCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOhKwsBG
DzmUXdIQAI8YPcZMBWdv489q8CzxlfRIRZ3Gv/G/8CH+EOExcmkVZ89mVHngCdAP
DOYCl8twWXC1lwJuLDBtkUOHXNuR5+Jcl5zFOUyldq1Hv8u03vjnGT7lLJkJoqpG
l9QD8nBqRvBU7EM+CU7kP8+09b+088pULil+8x46PwgXkvOQwfVKSOr740Q4J4nm
/nUOyTNtToYntmt2fAVWDTIuyPpAqA6jcqSOC7Xoz9cYxkVWnYMLBUySXmSS0uxl
3p+wK0lMG0my/gb+alke5PAQjcE5dtXYzCn+8Lj0uSfCk8Gy0ZOK2oiUjaCGYN6D
u72qDRFBnR3jaoFqi03bGBIMnglGuAPyBZiI7LJgzuT9xumjKTJW3kN4YJxMNYu1
FzmIyFZpyvZ7930vB2UpCOiIaRdZiX4Z6ZN2frD3a/vBxBNqiNh/BO+Dex+PDfI4
TqwF8zlcjt4XZ2teQ8nNMR/D8oiYTUW8hwR4laEmDy7ASxe0p5aijmUApWq5UTsF
+s/QbwugccU0iR5orksM5u9MZH4J/mFGKzOltfGXNLYI6D5Mtwrnyi0BsF5eY0u6
vkdivtdqrq2DXY+ftuqLOQ7b+t1RctbcMHGPptlxFuN9ufP5TiTWSpfqDwmHCLsT
k2vFiMwcHdLpQ1IH8ORVRgPPsiBnBOJ/kIiXG2SxPUTjjEGOVgeA
=/Tod
-----END PGP PUBLIC KEY BLOCK-----
EOF
cat <<EOF | tee /etc/apt/sources.list.d/ceph.list
deb https://download.ceph.com/debian-octopus/ buster main
EOF

+ 86
- 0
openstack_operator/cinder.py View File

@ -0,0 +1,86 @@
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""cinder Operator
This module maintains the operator for Cinder.
"""
from openstack_operator import database
from openstack_operator import identity
from openstack_operator import utils
MEMCACHED = True
def create_or_resume(name, spec, **_):
"""Create and re-sync a cinder instance
This function is called when a new resource is created but also when we
start the service up for the first time.
"""
# deploy mysql for cinder
if "mysql" not in spec:
database.ensure_mysql_cluster("cinder", {})
else:
database.ensure_mysql_cluster("cinder", spec["mysql"])
# deploy rabbitmq
if not utils.ensure_secret("openstack", "cinder-rabbitmq"):
utils.create_or_update('cinder/secret-rabbitmq.yml.j2',
password=utils.generate_password())
utils.create_or_update('cinder/rabbitmq.yml.j2', spec=spec)
# deploy cinder
config_hash = utils.generate_hash(spec)
for component in ("api", "scheduler", "volume"):
utils.create_or_update('cinder/daemonset.yml.j2',
name=name, spec=spec,
component=component,
config_hash=config_hash)
utils.create_or_update('cinder/service.yml.j2', name=name)
url = None
if "ingress" in spec:
utils.create_or_update('cinder/ingress.yml.j2',
name=name, spec=spec)
url = spec["ingress"]["host"]
# Create application credential
identity.ensure_application_credential(name="cinder")
identity.ensure_service(name="cinder", service_type="block-storage",
url=url, desc="Cinder Volume Service",
path="/v3/$(project_id)s")
identity.ensure_service(name="cinderv2", service_type="volumev2",
url=url, desc="Cinder Volume Service V2",
path="/v2/$(project_id)s", internal="cinder")
identity.ensure_service(name="cinderv3", service_type="volumev3",
url=url, desc="Cinder Volume Service V3",
path="/v3/$(project_id)s", internal="cinder")
def update(name, spec, **_):
"""Update a cinder
This function updates the deployment for cinder if there are any
changes that happen within it.
"""
if "ingress" in spec:
utils.create_or_update('cinder/ingress.yml.j2',
name=name, spec=spec)

+ 8
- 2
openstack_operator/identity.py View File

@ -17,16 +17,20 @@
This module contains a few common functions for identity management
"""
# pylint: disable=R0913
from openstack_operator import utils
def ensure_service(name, service_type, desc, url=None, path=""):
def ensure_service(name, service_type, desc, url=None,
internal=None, path=""):
"""Create or update service and endpoints
name: service name
service_type: service type
desc: service descriptioin
url: hostname of public endpoint
internal: hostname of internal endpoint
path: sub path of endpoint
"""
@ -35,8 +39,10 @@ def ensure_service(name, service_type, desc, url=None, path=""):
type=service_type, description=desc)
# Create or resume endpoints
if internal is None:
internal = name
internal_url = public_url = \
"http://" + name + ".openstack.svc.cluster.local" + path
"http://" + internal + ".openstack.svc.cluster.local" + path
if url is not None:
public_url = "https://" + url + path


+ 4
- 0
openstack_operator/operator.py View File

@ -29,6 +29,7 @@ from sentry_sdk.integrations import aiohttp
from openstack_operator import barbican
from openstack_operator import ceilometer
from openstack_operator import chronyd
from openstack_operator import cinder
from openstack_operator import glance
from openstack_operator import heat
from openstack_operator import horizon
@ -108,6 +109,9 @@ def deploy(name, namespace, new, **_):
if "glance" in config:
spec = set_service_config(config, "glance")
glance.create_or_resume("glance", spec)
if "cinder" in config:
spec = set_service_config(config, "cinder")
cinder.create_or_resume("cinder", spec)
if "magnum" in config:
spec = set_service_config(config, "magnum")
magnum.create_or_resume("magnum", spec)


+ 120
- 0
openstack_operator/templates/cinder/daemonset.yml.j2 View File

@ -0,0 +1,120 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: cinder-{{ component }}
namespace: openstack
labels:
{{ labels("cinder", component=component) | indent(4) }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
{{ labels("cinder", component=component) | indent(6) }}
template:
metadata:
labels:
{{ labels("cinder", component=component) | indent(8) }}
annotations:
checksum/config: "{{ config_hash }}"
spec:
automountServiceAccountToken: false
{% if 'scheduler' in component %}
initContainers:
- name: db-sync
image: vexxhost/cinder-{{ component }}:latest
imagePullPolicy: Always
command:
- cinder-manage
- db
- sync
volumeMounts:
- mountPath: /etc/cinder
name: cinder-config
{% endif %}
containers:
- name: cinder-{{ component }}
image: vexxhost/cinder-{{ component }}:latest
imagePullPolicy: Always
env:
{% if 'api' not in component %}
- name: OS_DEFAULT__HOST
valueFrom:
fieldRef:
fieldPath: spec.nodeName
{% endif %}
{% if 'sentryDSN' in spec %}
- name: SENTRY_DSN
value: {{ spec.sentryDSN }}
{% endif %}
{% for v in env %}
- name: "{{ v.name }}"
value: "{{ v.value }}"
{% endfor %}
{% if 'api' in component %}
ports:
- name: cinder
protocol: TCP
containerPort: 8776
livenessProbe:
tcpSocket:
port: cinder
readinessProbe:
tcpSocket:
port: cinder
{% endif %}
{% if 'volume' not in component %}
securityContext:
runAsUser: 1001
{% endif %}
volumeMounts:
{% if 'volume' in component %}
- name: ceph-config
mountPath: /etc/ceph
{% endif %}
- name: cinder-config
mountPath: /etc/cinder
- name: uwsgi-config
mountPath: /etc/uwsgi
volumes:
{% if 'volume' in component %}
- name: ceph-config
secret:
secretName: ceph-config
{% endif %}
- name: cinder-config
secret:
secretName: cinder-config
- name: uwsgi-config
configMap:
defaultMode: 420
name: uwsgi-default
{% if 'nodeSelector' in spec %}
nodeSelector:
{{ spec.nodeSelector | to_yaml | indent(8) }}
{% endif %}
{% if 'tolerations' in spec %}
tolerations:
{{ spec.tolerations | to_yaml | indent(8) }}
{% endif %}
{% if 'hostAliases' in spec %}
hostAliases:
{{ spec.hostAliases | to_yaml | indent(8) }}
{% endif %}

+ 55
- 0
openstack_operator/templates/cinder/ingress.yml.j2 View File

@ -0,0 +1,55 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: cinder
namespace: openstack
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
certmanager.k8s.io/cluster-issuer: "letsencrypt-prod"
spec:
{% if spec.ingress.host is defined %}
rules:
- host: {{ spec.ingress.host }}
http:
paths:
- path: /
backend:
serviceName: cinder
servicePort: 80
tls:
- hosts:
- {{ spec.ingress.host }}
secretName: cinder-tls
{% else %}
rules:
{% for v in spec.ingress %}
- host: {{ v.host }}
http:
paths:
- path: /
backend:
serviceName: cinder
servicePort: 80
{% endfor %}
tls:
- hosts:
{% for v in spec.ingress %}
- {{ v.host }}
{% endfor %}
secretName: cinder-tls
{% endif %}

+ 27
- 0
openstack_operator/templates/cinder/rabbitmq.yml.j2 View File

@ -0,0 +1,27 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: infrastructure.vexxhost.cloud/v1alpha1
kind: Rabbitmq
metadata:
name: cinder
namespace: openstack
spec:
authSecret: cinder-rabbitmq
nodeSelector:
node-role.kubernetes.io/master: ""
tolerations:
- key: node-role.kubernetes.io/master
effect: NoSchedule

+ 9
- 0
openstack_operator/templates/cinder/secret-rabbitmq.yml.j2 View File

@ -0,0 +1,9 @@
apiVersion: v1
metadata:
name: cinder-rabbitmq
namespace: openstack
stringData:
username: cinder
password: {{ password }}
kind: Secret

+ 28
- 0
openstack_operator/templates/cinder/service.yml.j2 View File

@ -0,0 +1,28 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Service
metadata:
name: cinder
namespace: openstack
spec:
ports:
- name: cinder
port: 80
protocol: TCP
targetPort: cinder
selector:
{{ labels("cinder", component="api") | indent(4) }}

+ 51
- 0
zuul.d/cinder-jobs.yaml View File

@ -0,0 +1,51 @@
- job:
name: openstack-operator:images:build:cinder
parent: vexxhost-build-docker-image
provides: openstack-operator:image:cinder
nodeset: &id001
nodes:
- name: ubuntu-bionic
label: ubuntu-bionic-vexxhost
vars: &id002
docker_images:
- context: images/cinder
repository: vexxhost/cinder-base
target: cinder-base
- context: images/cinder
repository: vexxhost/cinder-api
target: cinder-api
- context: images/cinder
repository: vexxhost/cinder-volume
target: cinder-volume
- context: images/cinder
repository: vexxhost/cinder-scheduler
target: cinder-scheduler
dependencies:
- openstack-operator:images:build:openstack-operator
files: &id003
- ^images/cinder/.*
- job:
name: openstack-operator:images:upload:cinder
parent: vexxhost-upload-docker-image
provides: openstack-operator:image:cinder
nodeset: *id001
vars: *id002
dependencies:
- openstack-operator:images:upload:openstack-operator
files: *id003
- job:
name: openstack-operator:images:promote:cinder
parent: vexxhost-promote-docker-image
nodeset: *id001
vars: *id002
files: *id003
- project:
check:
jobs:
- openstack-operator:images:build:cinder
gate:
jobs:
- openstack-operator:images:upload:cinder
promote:
jobs:
- openstack-operator:images:promote:cinder

+ 31
- 26
zuul.d/functional-jobs.yaml View File

@ -27,6 +27,7 @@
identity-feature-enabled:
application_credentials: true
devstack_services:
c-bak: false
etcd3: false
horizon: true
rabbit: false
@ -61,65 +62,69 @@
jobs:
- openstack-operator:functional:
dependencies:
- name: openstack-operator:images:build:heat
- name: openstack-operator:images:build:mcrouter-exporter
soft: true
- name: openstack-operator:images:build:barbican
- name: openstack-operator:images:build:horizon
soft: true
- name: openstack-operator:images:build:ceilometer
- name: openstack-operator:images:build:placement
soft: true
- name: openstack-operator:images:build:magnum
soft: true
- name: openstack-operator:images:build:glance
soft: true
- name: openstack-operator:images:build:neutron
soft: true
- name: openstack-operator:images:build:rabbitmq
soft: true
- name: openstack-operator:images:build:keystone
- name: openstack-operator:images:build:ceilometer
soft: true
- name: openstack-operator:images:build:horizon
- name: openstack-operator:images:build:memcached-exporter
soft: true
- name: openstack-operator:images:build:memcached
soft: true
- name: openstack-operator:images:build:mcrouter
- name: openstack-operator:images:build:keystone
soft: true
- openstack-operator:images:build:openstack-operator
- name: openstack-operator:images:build:glance
- name: openstack-operator:images:build:mcrouter
soft: true
- name: openstack-operator:images:build:mcrouter-exporter
- name: openstack-operator:images:build:cinder
soft: true
- name: openstack-operator:images:build:memcached-exporter
soft: true
- name: openstack-operator:images:build:magnum
- openstack-operator:images:build:openstack-operator
- name: openstack-operator:images:build:barbican
soft: true
- name: openstack-operator:images:build:placement
- name: openstack-operator:images:build:heat
soft: true
gate:
jobs:
- openstack-operator:functional:
dependencies:
- name: openstack-operator:images:upload:heat
- name: openstack-operator:images:upload:mcrouter-exporter
soft: true
- name: openstack-operator:images:upload:barbican
- name: openstack-operator:images:upload:horizon
soft: true
- name: openstack-operator:images:upload:ceilometer
- name: openstack-operator:images:upload:placement
soft: true
- name: openstack-operator:images:upload:magnum
soft: true
- name: openstack-operator:images:upload:glance
soft: true
- name: openstack-operator:images:upload:neutron
soft: true
- name: openstack-operator:images:upload:rabbitmq
soft: true
- name: openstack-operator:images:upload:keystone
- name: openstack-operator:images:upload:ceilometer
soft: true
- name: openstack-operator:images:upload:horizon
- name: openstack-operator:images:upload:memcached-exporter
soft: true
- name: openstack-operator:images:upload:memcached
soft: true
- name: openstack-operator:images:upload:mcrouter
- name: openstack-operator:images:upload:keystone
soft: true
- openstack-operator:images:upload:openstack-operator
- name: openstack-operator:images:upload:glance
- name: openstack-operator:images:upload:mcrouter
soft: true
- name: openstack-operator:images:upload:mcrouter-exporter
- name: openstack-operator:images:upload:cinder
soft: true
- name: openstack-operator:images:upload:memcached-exporter
soft: true
- name: openstack-operator:images:upload:magnum
- openstack-operator:images:upload:openstack-operator
- name: openstack-operator:images:upload:barbican
soft: true
- name: openstack-operator:images:upload:placement
- name: openstack-operator:images:upload:heat
soft: true

Loading…
Cancel
Save