Add glance to the operator

Change-Id: Ia0bf531c09cf6c7e92a2d3e9ddcaadcb31e70a04
This commit is contained in:
okozachenko 2020-07-06 23:32:04 +03:00
parent 528f64494d
commit e6bc3530f5
15 changed files with 398 additions and 7 deletions

View File

@ -5,6 +5,7 @@ images:
docker build images/heat --target heat-api -t vexxhost/heat-api:latest
docker build images/heat --target heat-api-cfn -t vexxhost/heat-api-cfn:latest
docker build images/heat --target heat-engine -t vexxhost/heat-engine:latest
docker build images/glance --target glance-api -t vexxhost/glance-api:latest
docker build images/chronyd -t vexxhost/chronyd:latest
docker build images/magnum --target magnum-api -t vexxhost/magnum-api:latest
docker build images/magnum --target magnum-conductor -t vexxhost/magnum-conductor:latest

View File

@ -3,6 +3,9 @@ secretName: devstack
configMap:
ceilometer:
dbUri: "sqlite:///:memory:"
glance:
configDir: /etc/glance
dataDir: /opt/stack/data/glance
horizon:
ingress:
host: "horizon.vexxhost.com"

60
devstack/lib/glance Normal file
View File

@ -0,0 +1,60 @@
#!/bin/bash
#
# lib/glance
# Functions to control the configuration and operation of the **Glance** service
# Dependencies:
#
# - ``functions`` file
# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
# - ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined
# - ``SERVICE_HOST``
# - ``KEYSTONE_TOKEN_FORMAT`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
# - install_glance
# - configure_glance
# - init_glance
# - start_glance
# - stop_glance
# - cleanup_glance
# init_glance() - Initialize databases, etc.
function init_glance {
# Delete existing images
rm -rf $GLANCE_IMAGE_DIR
mkdir -p $GLANCE_IMAGE_DIR
# NOTE: Permissions here are bad but it's temporary so we don't care as much.
sudo chmod -Rv 777 $DATA_DIR/glance
# (Re)create glance database
recreate_database glance
}
export -f init_glance
# install_glance() - Collect source and prepare
function install_glance {
echo noop
}
export -f install_glance
# start_glance() - Start running processes
function start_glance {
kubernetes_rollout_restart daemonset/glance
kubernetes_rollout_status daemonset/glance
run_process g-reg "$GLANCE_BIN_DIR/glance-registry --config-file=$GLANCE_CONF_DIR/glance-registry.conf"
echo "Waiting for g-api ($GLANCE_SERVICE_HOST) to start..."
proxy_pass_to_kubernetes /image glance glance-wsgi-api
}
export -f start_glance
# Tell emacs to use shell-script-mode
## Local variables:
## mode: shell-script
## End:

View File

@ -138,14 +138,14 @@ function configure_heat {
# the section for the client plugin associated with the trustee
if [ -z "$HEAT_DEFERRED_AUTH" -o "trusts" == "$HEAT_DEFERRED_AUTH" ]; then
iniset $HEAT_CONF trustee auth_type password
iniset $HEAT_CONF trustee auth_url $KEYSTONE_AUTH_URI
iniset $HEAT_CONF trustee auth_url $KEYSTONE_AUTH_URI_V3
iniset $HEAT_CONF trustee username $HEAT_TRUSTEE_USER
iniset $HEAT_CONF trustee password $HEAT_TRUSTEE_PASSWORD
iniset $HEAT_CONF trustee user_domain_id $HEAT_TRUSTEE_DOMAIN
fi
# clients_keystone
iniset $HEAT_CONF clients_keystone auth_uri $KEYSTONE_AUTH_URI
iniset $HEAT_CONF clients_keystone auth_uri $KEYSTONE_AUTH_URI_V3
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
iniset $HEAT_CONF clients_keystone ca_file $SSL_BUNDLE_FILE

View File

@ -17,4 +17,5 @@
define_plugin openstack-operator
source $DEST/openstack-operator/devstack/lib/common
source $DEST/openstack-operator/devstack/lib/glance
source $DEST/openstack-operator/devstack/lib/keystone

34
images/glance/Dockerfile Normal file
View File

@ -0,0 +1,34 @@
# Copyright (c) 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
FROM docker.io/opendevorg/python-builder as builder
COPY bindep.txt /tmp/src/bindep.txt
RUN apt update && apt -y install git
ADD https://releases.openstack.org/constraints/upper/ussuri /tmp/src/upper-constraints.txt
RUN assemble git+https://opendev.org/openstack/glance@stable/ussuri \
boto3 \
msgpack===0.6.1 \
PyMySQL \
python-memcached \
python-swiftclient
FROM docker.io/opendevorg/uwsgi-base as glance-api
COPY --from=builder /output/ /output
RUN apt update && apt -y install git && \
/output/install-from-bindep && \
apt -y purge git && apt clean all
EXPOSE 9292
ENV UWSGI_HTTP_SOCKET=:9292 UWSGI_WSGI_FILE=/usr/local/bin/glance-wsgi-api
CMD ["/usr/local/bin/uwsgi","--ini","/etc/uwsgi/uwsgi.ini"]

2
images/glance/bindep.txt Normal file
View File

@ -0,0 +1,2 @@
gcc [compile]
libc-dev [compile]

View File

@ -0,0 +1,49 @@
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
"""glance Operator
This module maintains the operator for Mcrouter, it takes care of creating
the appropriate deployments, Mcrouter, pod monitors and Prometheus rules.
"""
from openstack_operator import utils
def create_or_resume(name, spec, **_):
"""Create and re-sync a glance instance
This function is called when a new resource is created but also when we
start the service up for the first time.
"""
utils.create_or_update('glance/daemonset.yml.j2',
name=name, spec=spec)
utils.create_or_update('glance/service.yml.j2',
name=name, spec=spec)
if "ingress" in spec:
utils.create_or_update('glance/ingress.yml.j2',
name=name, spec=spec)
def update(name, spec, **_):
"""Update a glance
This function updates the deployment for glance if there are any
changes that happen within it.
"""
if "ingress" in spec:
utils.create_or_update('glance/ingress.yml.j2',
name=name, spec=spec)

View File

@ -24,6 +24,7 @@ import kopf
from openstack_operator import ceilometer
from openstack_operator import chronyd
from openstack_operator import glance
from openstack_operator import heat
from openstack_operator import horizon
from openstack_operator import keystone
@ -62,6 +63,8 @@ def deploy(name, namespace, new, **_):
horizon.create_or_resume("horizon", config["horizon"])
if "heat" in config:
heat.create_or_resume("heat", config["heat"])
if "glance" in config:
glance.create_or_resume("glance", config["glance"])
if "magnum" in config:
magnum.create_or_resume("magnum", config["magnum"])
if "chronyd" in config:

View File

@ -0,0 +1,114 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: glance
namespace: openstack
labels:
{{ labels("glance", name) | indent(4) }}
spec:
updateStrategy:
rollingUpdate:
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
{{ labels("glance", name) | indent(6) }}
template:
metadata:
labels:
{{ labels("glance", name) | indent(8) }}
annotations:
checksum/config: "{{ config_hash }}"
spec:
initContainers:
- name: db-sync
image: vexxhost/glance-api:latest
imagePullPolicy: Always
command:
- glance-manage
- db_sync
volumeMounts:
- mountPath: /etc/glance
name: config
- name: load-metadefs
image: vexxhost/glance-api:latest
imagePullPolicy: Always
command:
- glance-manage
- db_load_metadefs
volumeMounts:
- mountPath: /etc/glance
name: config
containers:
- name: glance
image: vexxhost/glance-api:latest
imagePullPolicy: Always
env:
{% for v in env %}
- name: "{{ v.name }}"
value: "{{ v.value }}"
{% endfor %}
ports:
- name: glance
protocol: TCP
containerPort: 9292
livenessProbe:
tcpSocket:
port: glance
readinessProbe:
tcpSocket:
port: glance
resources:
requests:
cpu: 200m
ephemeral-storage: 500M
memory: 128M
securityContext:
runAsUser: 1001
volumeMounts:
- name: config
mountPath: /etc/glance
- name: data
mountPath: {{ spec['dataDir'] }}
- name: uwsgi-config
mountPath: /etc/uwsgi
volumes:
- name: config
hostPath:
path: {{ spec['configDir'] }}
type: Directory
- name: data
hostPath:
path: {{ spec['dataDir'] }}
type: Directory
- name: uwsgi-config
configMap:
defaultMode: 420
name: uwsgi-default
{% if 'nodeSelector' in spec %}
nodeSelector:
{{ spec.nodeSelector | to_yaml | indent(8) }}
{% endif %}
{% if 'tolerations' in spec %}
tolerations:
{{ spec.tolerations | to_yaml | indent(8) }}
{% endif %}
{% if 'hostAliases' in spec %}
hostAliases:
{{ spec.hostAliases | to_yaml | indent(8) }}
{% endif %}

View File

@ -0,0 +1,55 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: glance
namespace: openstack
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
certmanager.k8s.io/cluster-issuer: "letsencrypt-prod"
spec:
{% if spec.ingress.host is defined %}
rules:
- host: {{ spec.ingress.host }}
http:
paths:
- path: /
backend:
serviceName: glance
servicePort: 80
tls:
- hosts:
- {{ spec.ingress.host }}
secretName: glance-tls
{% else %}
rules:
{% for v in spec.ingress %}
- host: {{ v.host }}
http:
paths:
- path: /
backend:
serviceName: glance
servicePort: 80
{% endfor %}
tls:
- hosts:
{% for v in spec.ingress %}
- {{ v.host }}
{% endfor %}
secretName: glance-tls
{% endif %}

View File

@ -0,0 +1,28 @@
---
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Service
metadata:
name: glance
namespace: openstack
spec:
ports:
- name: glance
port: 80
protocol: TCP
targetPort: glance
selector:
{{ labels("glance", name) | indent(4) }}

View File

@ -11,12 +11,12 @@ data:
exit-on-reload = true
die-on-term = true
lazy-apps = true
add-header = 'Connection: close'
add-header = Connection: close
buffer-size = 65535
thunder-lock = true
http-auto-chunked = true
http-raw-body = true
socket-timeout = 10
need-app = true
route-user-agent = '^kube-probe.* donotlog:'
route-user-agent = ^kube-probe.* donotlog:
log-x-forwarded-for = true

View File

@ -25,14 +25,15 @@
- src/opendev.org/openstack
- src/opendev.org/vexxhost
tox_envlist: all
tempest_test_regex: '(\[.*\bsmoke\b.*\]|(^heat_tempest_plugin.tests.api)|(^tempest_horizon.tests.scenario))'
tempest_black_regex: '^tempest.scenario.test_network_basic_ops'
tempest_test_regex: (\[.*\bsmoke\b.*\]|(^heat_tempest_plugin.tests.api)|(^tempest_horizon.tests.scenario))
tempest_black_regex: ^tempest.scenario.test_network_basic_ops
tempest_plugins:
- heat-tempest-plugin
- magnum-tempest-plugin
- tempest-horizon
devstack_localrc:
TEMPEST_PLUGINS: '/opt/stack/heat-tempest-plugin /opt/stack/magnum-tempest-plugin /opt/stack/tempest-horizon'
TEMPEST_PLUGINS: /opt/stack/heat-tempest-plugin /opt/stack/magnum-tempest-plugin
/opt/stack/tempest-horizon
docker_use_buildset_registry: true
minikube_dns_resolvers: [1.1.1.1, 8.8.8.8]
@ -49,6 +50,8 @@
soft: true
- name: openstack-operator:images:build:magnum
soft: true
- name: openstack-operator:images:build:glance
soft: true
- name: openstack-operator:images:build:rabbitmq
soft: true
- name: openstack-operator:images:build:ceilometer
@ -76,6 +79,8 @@
soft: true
- name: openstack-operator:images:upload:magnum
soft: true
- name: openstack-operator:images:upload:glance
soft: true
- name: openstack-operator:images:upload:rabbitmq
soft: true
- name: openstack-operator:images:upload:ceilometer

36
zuul.d/glance-jobs.yaml Normal file
View File

@ -0,0 +1,36 @@
- job:
name: openstack-operator:images:build:glance
parent: vexxhost-build-docker-image
provides: openstack-operator:image:glance
vars: &id001
docker_images:
- context: images/glance
repository: vexxhost/glance-api
target: glance-api
dependencies:
- openstack-operator:images:build:openstack-operator
files: &id002
- ^images/glance/.*
- job:
name: openstack-operator:images:upload:glance
parent: vexxhost-upload-docker-image
provides: openstack-operator:image:glance
vars: *id001
dependencies:
- openstack-operator:images:upload:openstack-operator
files: *id002
- job:
name: openstack-operator:images:promote:glance
parent: vexxhost-promote-docker-image
vars: *id001
files: *id002
- project:
check:
jobs:
- openstack-operator:images:build:glance
gate:
jobs:
- openstack-operator:images:upload:glance
promote:
jobs:
- openstack-operator:images:promote:glance