Add endpoint CRD
This introduces a CRD to manage endpoints and moves DevStack to use it instead of using OpenStack CLI. Change-Id: I90a8d8ba4b73c782f9669a3e7ab5ae1e2b6a9719
This commit is contained in:
parent
97501c4460
commit
84071196c6
24
chart/crds/identity.openstack.org_endpoints.yaml
Normal file
24
chart/crds/identity.openstack.org_endpoints.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
---
|
||||
apiVersion: apiextensions.k8s.io/v1beta1
|
||||
kind: CustomResourceDefinition
|
||||
metadata:
|
||||
name: endpoints.identity.openstack.org
|
||||
spec:
|
||||
group: identity.openstack.org
|
||||
names:
|
||||
kind: Endpoint
|
||||
listKind: EndpointList
|
||||
plural: endpoints
|
||||
singular: endpoint
|
||||
scope: Cluster
|
||||
version: v1alpha1
|
||||
versions:
|
||||
- name: v1alpha1
|
||||
served: true
|
||||
storage: true
|
||||
status:
|
||||
acceptedNames:
|
||||
kind: ""
|
||||
plural: ""
|
||||
conditions: []
|
||||
storedVersions: []
|
@ -114,6 +114,7 @@ rules:
|
||||
resources:
|
||||
- services
|
||||
- keystones
|
||||
- endpoints
|
||||
verbs:
|
||||
- create
|
||||
- delete
|
||||
@ -127,6 +128,7 @@ rules:
|
||||
resources:
|
||||
- services/status
|
||||
- keystones/status
|
||||
- endpoints/status
|
||||
verbs:
|
||||
- get
|
||||
- patch
|
||||
|
@ -37,6 +37,8 @@ spec:
|
||||
- -m
|
||||
- openstack_operator.memcached
|
||||
- -m
|
||||
- openstack_operator.openstack.identity.endpoints
|
||||
- -m
|
||||
- openstack_operator.openstack.identity.services
|
||||
- -m
|
||||
- openstack_operator.rabbitmq
|
||||
|
9
config/samples/identity_v1alpha1_endpoint.yaml
Normal file
9
config/samples/identity_v1alpha1_endpoint.yaml
Normal file
@ -0,0 +1,9 @@
|
||||
---
|
||||
apiVersion: identity.openstack.org/v1alpha1
|
||||
kind: Endpoint
|
||||
metadata:
|
||||
name: heat-public
|
||||
spec:
|
||||
service: orchestration
|
||||
interface: public
|
||||
url: https://orchestration.sjc1.vexxhost.net
|
@ -135,3 +135,19 @@ function bootstrap_keystone {
|
||||
--bootstrap-public-url "$KEYSTONE_SERVICE_URI"
|
||||
}
|
||||
export -f bootstrap_keystone
|
||||
# Create an endpoint with a specific interface
|
||||
# Usage: _get_or_create_endpoint_with_interface <service> <interface> <url> <region>
|
||||
function _get_or_create_endpoint_with_interface {
|
||||
cat <<EOF | kubectl apply -f-
|
||||
---
|
||||
apiVersion: identity.openstack.org/v1alpha1
|
||||
kind: Endpoint
|
||||
metadata:
|
||||
name: ${1//_/-}-$2
|
||||
spec:
|
||||
service: $1
|
||||
interface: $2
|
||||
url: $3
|
||||
EOF
|
||||
}
|
||||
export -f _get_or_create_endpoint_with_interface
|
||||
|
94
openstack_operator/openstack/identity/endpoints.py
Normal file
94
openstack_operator/openstack/identity/endpoints.py
Normal file
@ -0,0 +1,94 @@
|
||||
# Copyright 2020 VEXXHOST, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
"""Endpoints Operator
|
||||
|
||||
This operator helps manage the creation and removal of endpoints inside
|
||||
Keystone using custom resources.
|
||||
"""
|
||||
|
||||
import kopf
|
||||
from openstack_operator import utils
|
||||
|
||||
|
||||
def _get_service_by_type(conn, service_type):
|
||||
"""Get a service from Keystone based on service type."""
|
||||
|
||||
services = conn.search_services(filters={"type": service_type})
|
||||
|
||||
if len(services) > 1:
|
||||
raise RuntimeError("Multiple services with type: %s" % service_type)
|
||||
if len(services) == 0:
|
||||
raise RuntimeError("Unable to find service: %s" % service_type)
|
||||
return services[0]
|
||||
|
||||
|
||||
def _get_endpoint(conn, service_type, interface):
|
||||
"""Get an endpoint from Keystone
|
||||
|
||||
This method will retrieve the endpoint from Keystone, raise an error if it
|
||||
found more than one or return None if it couldn't find it
|
||||
"""
|
||||
|
||||
service = _get_service_by_type(conn, service_type)
|
||||
|
||||
filters = {
|
||||
"service_id": service.id,
|
||||
"interface": interface,
|
||||
"region": conn.config.get_region_name(),
|
||||
}
|
||||
endpoints = conn.search_endpoints(filters=filters)
|
||||
|
||||
if len(endpoints) > 1:
|
||||
raise RuntimeError("Found multiple endpoints with interface & region")
|
||||
if len(endpoints) == 0:
|
||||
return service, None
|
||||
return service, endpoints[0]
|
||||
|
||||
|
||||
@kopf.on.resume('identity.openstack.org', 'v1alpha1', 'endpoints')
|
||||
@kopf.on.create('identity.openstack.org', 'v1alpha1', 'endpoints')
|
||||
def create_or_resume(spec, **_):
|
||||
"""Create or resume controller
|
||||
|
||||
This function runs when a new resource is created or when the controller
|
||||
is first started. It creates or updates the appropriate endpoint.
|
||||
"""
|
||||
|
||||
conn = utils.get_openstack_connection()
|
||||
service, endpoint = _get_endpoint(conn, spec["service"], spec["interface"])
|
||||
if endpoint:
|
||||
conn.update_endpoint(endpoint.id, url=spec["url"])
|
||||
return
|
||||
|
||||
conn.create_endpoint(service_name_or_id=service.id, url=spec["url"],
|
||||
interface=spec["interface"],
|
||||
region=conn.config.get_region_name())
|
||||
|
||||
|
||||
@kopf.on.delete('identity.openstack.org', 'v1alpha1', 'endpoints')
|
||||
def delete(spec, **_):
|
||||
"""Delete an endpoint
|
||||
|
||||
This function runs when the endpoint CR is deleted and removes the record
|
||||
from Keystone.
|
||||
"""
|
||||
|
||||
conn = utils.get_openstack_connection()
|
||||
endpoint = _get_endpoint(conn, spec["service"], spec["interface"])
|
||||
|
||||
if not endpoint:
|
||||
return
|
||||
|
||||
conn.delete_endpoint(endpoint)
|
@ -51,7 +51,6 @@ def create_or_resume(name, spec, **_):
|
||||
|
||||
conn = utils.get_openstack_connection()
|
||||
service = _get_service(conn, name, spec["type"])
|
||||
|
||||
if service:
|
||||
service = conn.update_service(service.id, name=name,
|
||||
type=spec["type"],
|
||||
|
@ -18,3 +18,4 @@
|
||||
roles:
|
||||
- collect-container-logs
|
||||
- collect-kubernetes-logs
|
||||
|
||||
|
@ -32,6 +32,7 @@
|
||||
OS_USER_DOMAIN_ID: default
|
||||
OS_USERNAME: admin
|
||||
OS_PASSWORD: secretadmin
|
||||
OS_REGION_NAME: RegionOne
|
||||
EOF
|
||||
roles:
|
||||
- role: helm-template
|
||||
|
Loading…
Reference in New Issue
Block a user