Merge "Add option of configuring imagePullSecrets for openshift drivers"
This commit is contained in:
commit
2926807c65
@ -91,6 +91,24 @@ Selecting the openshift pods driver adds the following options to the
|
||||
|
||||
The ImagePullPolicy, can be IfNotPresent, Always or Never.
|
||||
|
||||
.. attr:: image-pull-secrets
|
||||
:default: []
|
||||
:type: list
|
||||
|
||||
The imagePullSecrets needed to pull container images from a private
|
||||
registry.
|
||||
|
||||
Example:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
labels:
|
||||
- name: openshift-pod
|
||||
type: pod
|
||||
image: docker.io/fedora:28
|
||||
image-pull-secrets:
|
||||
- name: registry-secret
|
||||
|
||||
.. attr:: cpu
|
||||
:type: int
|
||||
|
||||
|
@ -128,6 +128,23 @@ Selecting the openshift driver adds the following options to the
|
||||
|
||||
The ImagePullPolicy, can be IfNotPresent, Always or Never.
|
||||
|
||||
.. attr:: image-pull-secrets
|
||||
:default: []
|
||||
:type: list
|
||||
|
||||
The imagePullSecrets needed to pull container images from a private
|
||||
registry.
|
||||
|
||||
Example:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
labels:
|
||||
- name: openshift-pod
|
||||
image: docker.io/fedora:28
|
||||
image-pull-secrets:
|
||||
- name: registry-secret
|
||||
|
||||
.. attr:: python-path
|
||||
:type: str
|
||||
:default: auto
|
||||
|
@ -45,6 +45,7 @@ class OpenshiftPool(ConfigPool):
|
||||
pl.type = label['type']
|
||||
pl.image = label.get('image')
|
||||
pl.image_pull = label.get('image-pull', 'IfNotPresent')
|
||||
pl.image_pull_secrets = label.get('image-pull-secrets', [])
|
||||
pl.cpu = label.get('cpu')
|
||||
pl.memory = label.get('memory')
|
||||
pl.python_path = label.get('python-path', 'auto')
|
||||
@ -91,6 +92,7 @@ class OpenshiftProviderConfig(ProviderConfig):
|
||||
v.Required('type'): str,
|
||||
'image': str,
|
||||
'image-pull': str,
|
||||
'image-pull-secrets': list,
|
||||
'cpu': int,
|
||||
'memory': int,
|
||||
'python-path': str,
|
||||
|
@ -229,7 +229,8 @@ class OpenshiftProvider(Provider, QuotaSupport):
|
||||
container_body['resources'][rtype] = rbody
|
||||
|
||||
spec_body = {
|
||||
'containers': [container_body]
|
||||
'containers': [container_body],
|
||||
'imagePullSecrets': label.image_pull_secrets,
|
||||
}
|
||||
|
||||
if label.node_selector:
|
||||
|
@ -53,6 +53,7 @@ class OpenshiftPodsProviderConfig(OpenshiftProviderConfig):
|
||||
v.Required('name'): str,
|
||||
v.Required('image'): str,
|
||||
'image-pull': str,
|
||||
'image-pull-secrets': list,
|
||||
'cpu': int,
|
||||
'memory': int,
|
||||
'python-path': str,
|
||||
|
6
nodepool/tests/fixtures/openshift.yaml
vendored
6
nodepool/tests/fixtures/openshift.yaml
vendored
@ -15,6 +15,7 @@ tenant-resource-limits:
|
||||
labels:
|
||||
- name: pod-fedora
|
||||
- name: openshift-project
|
||||
- name: pod-fedora-secret
|
||||
|
||||
providers:
|
||||
- name: openshift
|
||||
@ -33,3 +34,8 @@ providers:
|
||||
image: docker.io/fedora:28
|
||||
python-path: '/usr/bin/python3'
|
||||
shell-type: csh
|
||||
- name: pod-fedora-secret
|
||||
type: pod
|
||||
image: docker.io/fedora:28
|
||||
image-pull-secrets:
|
||||
- name: registry-secret
|
||||
|
5
nodepool/tests/fixtures/openshiftpods.yaml
vendored
5
nodepool/tests/fixtures/openshiftpods.yaml
vendored
@ -14,6 +14,7 @@ tenant-resource-limits:
|
||||
|
||||
labels:
|
||||
- name: pod-fedora
|
||||
- name: pod-fedora-secret
|
||||
|
||||
providers:
|
||||
- name: openshift
|
||||
@ -27,3 +28,7 @@ providers:
|
||||
labels:
|
||||
- name: pod-fedora
|
||||
image: docker.io/fedora:28
|
||||
- name: pod-fedora-secret
|
||||
image: docker.io/fedora:28
|
||||
image-pull-secrets:
|
||||
- name: registry-secret
|
||||
|
@ -163,6 +163,31 @@ class TestDriverOpenshift(tests.DBTestCase):
|
||||
|
||||
self.waitForNodeDeletion(node)
|
||||
|
||||
def test_openshift_pull_secret(self):
|
||||
configfile = self.setup_config('openshift.yaml')
|
||||
pool = self.useNodepool(configfile, watermark_sleep=1)
|
||||
pool.start()
|
||||
req = zk.NodeRequest()
|
||||
req.state = zk.REQUESTED
|
||||
req.node_types.append('pod-fedora-secret')
|
||||
self.zk.storeNodeRequest(req)
|
||||
|
||||
self.log.debug("Waiting for request %s", req.id)
|
||||
req = self.waitForNodeRequest(req)
|
||||
self.assertEqual(req.state, zk.FULFILLED)
|
||||
|
||||
self.assertNotEqual(req.nodes, [])
|
||||
node = self.zk.getNode(req.nodes[0])
|
||||
self.assertEqual(node.allocated_to, req.id)
|
||||
self.assertEqual(node.state, zk.READY)
|
||||
self.assertIsNotNone(node.launcher)
|
||||
self.assertEqual(node.connection_type, 'kubectl')
|
||||
|
||||
node.state = zk.DELETING
|
||||
self.zk.storeNode(node)
|
||||
|
||||
self.waitForNodeDeletion(node)
|
||||
|
||||
def test_openshift_native(self):
|
||||
configfile = self.setup_config('openshift.yaml')
|
||||
pool = self.useNodepool(configfile, watermark_sleep=1)
|
||||
|
@ -109,3 +109,29 @@ class TestDriverOpenshiftPods(tests.DBTestCase):
|
||||
self.zk.storeNode(node)
|
||||
|
||||
self.waitForNodeDeletion(node)
|
||||
|
||||
def test_openshift_pod_secrets(self):
|
||||
configfile = self.setup_config('openshiftpods.yaml')
|
||||
pool = self.useNodepool(configfile, watermark_sleep=1)
|
||||
pool.start()
|
||||
req = zk.NodeRequest()
|
||||
req.state = zk.REQUESTED
|
||||
req.node_types.append('pod-fedora-secret')
|
||||
self.zk.storeNodeRequest(req)
|
||||
|
||||
self.log.debug("Waiting for request %s", req.id)
|
||||
req = self.waitForNodeRequest(req)
|
||||
self.assertEqual(req.state, zk.FULFILLED)
|
||||
|
||||
self.assertNotEqual(req.nodes, [])
|
||||
node = self.zk.getNode(req.nodes[0])
|
||||
self.assertEqual(node.allocated_to, req.id)
|
||||
self.assertEqual(node.state, zk.READY)
|
||||
self.assertIsNotNone(node.launcher)
|
||||
self.assertEqual(node.connection_type, 'kubectl')
|
||||
self.assertEqual(node.connection_port.get('token'), 'fake-token')
|
||||
|
||||
node.state = zk.DELETING
|
||||
self.zk.storeNode(node)
|
||||
|
||||
self.waitForNodeDeletion(node)
|
||||
|
@ -0,0 +1,5 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
openshift and openshiftpods drivers now supports pods using images from
|
||||
private registries by configuring `image-pull-secrets`.
|
Loading…
Reference in New Issue
Block a user