Use daemonset instead of hpa+deployment for magnum

- remove hpa - use daemonset - ensure absent of older deployments - remove resource limit Change-Id: I3d4aa74e375db0ceb2d63ae492b4de408bff44a9
2020-07-07 17:19:30 +03:00 · 2020-07-07 17:19:30 +03:00 · e833d1fa07
commit e833d1fa07
parent d0928ca4df
5 changed files with 148 additions and 23 deletions
--- a/devstack/lib/magnum
+++ b/devstack/lib/magnum
@ -388,11 +388,11 @@ EOF
 # start_magnum() - Start running processes, including screen
 function start_magnum {

-	kubernetes_rollout_restart deploy/magnum-api
-	kubernetes_rollout_restart deploy/magnum-conductor
+	kubernetes_rollout_restart daemonset/magnum-api
+	kubernetes_rollout_restart daemonset/magnum-conductor

-	kubernetes_rollout_status deploy/magnum-api
-	kubernetes_rollout_status deploy/magnum-conductor
+	kubernetes_rollout_status daemonset/magnum-api
+	kubernetes_rollout_status daemonset/magnum-conductor

    proxy_pass_to_kubernetes /magnum-api magnum-api magnum-api-wsgi
 }
--- a/images/magnum/Dockerfile
+++ b/images/magnum/Dockerfile
@ -27,6 +27,7 @@ RUN /output/install-from-bindep
 FROM magnum-api-base AS magnum-api
 EXPOSE 9511
 ENV UWSGI_HTTP_SOCKET=:9511 UWSGI_WSGI_FILE=/usr/local/bin/magnum-api-wsgi
+CMD ["/usr/local/bin/uwsgi","--ini","/etc/uwsgi/uwsgi.ini"]

 FROM docker.io/opendevorg/python-base AS magnum-conductor
 COPY --from=builder /output/ /output
--- a/openstack_operator/magnum.py
+++ b/openstack_operator/magnum.py
@ -31,12 +31,10 @@ def create_or_resume(name, spec, **_):

    config_hash = utils.generate_hash(spec)
    for component in ("api", "conductor"):
-        utils.create_or_update('magnum/deployment.yml.j2',
+        utils.create_or_update('magnum/daemonset.yml.j2',
                               name=name, spec=spec,
                               component=component,
                               config_hash=config_hash)
-        utils.create_or_update('magnum/horizontalpodautoscaler.yml.j2',
-                               name=name, component=component)

    utils.create_or_update('magnum/service.yml.j2',
                           name=name)
@ -45,6 +43,18 @@ def create_or_resume(name, spec, **_):
        utils.create_or_update('magnum/ingress.yml.j2',
                               name=name, spec=spec)

+    # NOTE(Alex): We should remove this once all deployments are no longer
+    #               using Deployment.
+    utils.ensure_absent('magnum/deployment.yml.j2',
+                        name=name, spec=spec,
+                        component=component,
+                        config_hash=config_hash)
+
+    # NOTE(Alex): We should remove this once all deployments are no longer
+    #               using HPA.
+    utils.create_or_update('magnum/horizontalpodautoscaler.yml.j2',
+                           name=name, component=component)
+

 def update(name, spec, **_):
    """Update a Magnum
--- a/openstack_operator/templates/magnum/daemonset.yml.j2
+++ b/openstack_operator/templates/magnum/daemonset.yml.j2
@ -0,0 +1,114 @@
+---
+# Copyright 2020 VEXXHOST, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1
+kind: DaemonSet
+metadata:
+  name: magnum-{{ component }}
+  namespace: openstack
+  labels:
+    {{ labels("magnum", name, component) | indent(4) }}
+spec:
+  updateStrategy:
+    rollingUpdate:
+      maxUnavailable: 1
+    type: RollingUpdate
+  selector:
+    matchLabels:
+      {{ labels("magnum", name, component) | indent(6) }}
+  template:
+    metadata:
+      labels:
+        {{ labels("magnum", name, component) | indent(8) }}
+      annotations:
+        checksum/config: "{{ config_hash }}"
+    spec:
+      {% if 'conductor' in component %}
+      initContainers:
+      - name: db-sync
+        image: vexxhost/magnum-{{ component }}:latest
+        imagePullPolicy: Always
+        command:
+        - magnum-db-manage
+        - upgrade
+        volumeMounts:
+        - mountPath: /etc/magnum
+          name: config
+      {% endif %}
+      containers:
+      - name: magnum-{{ component }}
+        image: vexxhost/magnum-{{ component }}:latest
+        imagePullPolicy: Always
+        {% if env is defined and env|length %}
+        env:
+        {% for v in env %}
+        - name: "{{ v.name }}"
+          value: "{{ v.value }}"
+        {% endfor %}
+        {% endif %}
+        {% if 'api' in component %}
+        ports:
+        - name: magnum-{{ component }}
+          protocol: TCP
+          containerPort: 9511
+        livenessProbe:
+          tcpSocket:
+            port: magnum-{{ component }}
+        readinessProbe:
+          tcpSocket:
+            port: magnum-{{ component }}
+        lifecycle:
+          preStop:
+            exec:
+              command: ["/bin/sleep", "5"]
+        {% endif %}
+        resources:
+          limits:
+            cpu: 2000m
+            ephemeral-storage: 50M
+            memory: 512M
+          requests:
+            cpu: 200m
+            ephemeral-storage: 50M
+            memory: 64M
+        securityContext:
+          runAsUser: 65534
+          runAsGroup: 65534
+        volumeMounts:
+        - mountPath: /etc/magnum
+          name: config
+        - name: uwsgi-config
+          mountPath: /etc/uwsgi
+      volumes:
+      - name: config
+        hostPath:
+          path: {{ spec['configDir'] }}
+          type: Directory
+      - name: uwsgi-config
+        configMap:
+          defaultMode: 420
+          name: uwsgi-default
+{% if 'nodeSelector' in spec %}
+      nodeSelector:
+        {{ spec.nodeSelector | to_yaml | indent(8) }}
+{% endif %}
+{% if 'tolerations' in spec %}
+      tolerations:
+        {{ spec.tolerations | to_yaml | indent(8) }}
+{% endif %}
+{% if 'hostAliases' in spec %}
+      hostAliases:
+        {{ spec.hostAliases | to_yaml | indent(8) }}
+{% endif %}
--- a/openstack_operator/templates/operator/uwsgidefaultconfig.yml.j2
+++ b/openstack_operator/templates/operator/uwsgidefaultconfig.yml.j2
@ -4,19 +4,19 @@ metadata:
  name: uwsgi-default
  namespace: openstack
 data:
-  uwsgi.yaml: |
-    uwsgi:
-      enable-threads: True
-      processes: '%k'
-      exit-on-reload: True
-      die-on-term: True
-      lazy-apps: True
-      add-header: 'Connection: close'
-      buffer-size: 65535
-      thunder-lock: True
-      http-auto-chunked: True
-      http-raw-body: True
-      socket-timeout: 10
-      need-app: True
-      route-user-agent: '^kube-probe.* donotlog:'
-      log-x-forwarded-for: True
+  uwsgi.ini: |-
+    [uwsgi]
+    enable-threads = true
+    workers = %(%k * 1)
+    exit-on-reload = true
+    die-on-term = true
+    lazy-apps = true
+    add-header = 'Connection: close'
+    buffer-size = 65535
+    thunder-lock = true
+    http-auto-chunked = true
+    http-raw-body = true
+    socket-timeout = 10
+    need-app = true
+    route-user-agent = '^kube-probe.* donotlog:'
+    log-x-forwarded-for = true