Prefix managed resources with instance name
This change is the last in the cycle, renaming the cert-manager, zookeeper, and PXC related resources s.t. they use the instance name of the cluster being deployed to separate them from different clusters. Change-Id: I175dc16bb7ba1a8461b5219b82b7d517310e9f46
This commit is contained in:
parent
110f8be95a
commit
7913d251df
|
@ -1,2 +1,2 @@
|
||||||
- name: Look for the cert-manager issuer
|
- name: Look for the cert-manager issuer
|
||||||
command: kubectl get Issuers ca-issuer -o yaml
|
command: kubectl get Issuers my-ca-issuer -o yaml
|
||||||
|
|
|
@ -39,9 +39,9 @@ class CertManager:
|
||||||
def install(self):
|
def install(self):
|
||||||
utils.apply_file(self.api, 'cert-manager.yaml', _adopt=False)
|
utils.apply_file(self.api, 'cert-manager.yaml', _adopt=False)
|
||||||
|
|
||||||
def create_ca(self):
|
def create_ca(self, instance_name):
|
||||||
utils.apply_file(self.api, 'cert-authority.yaml',
|
utils.apply_file(self.api, 'cert-authority.yaml',
|
||||||
namespace=self.namespace)
|
namespace=self.namespace, instance_name=instance_name)
|
||||||
|
|
||||||
def wait_for_webhook(self):
|
def wait_for_webhook(self):
|
||||||
while True:
|
while True:
|
||||||
|
|
|
@ -22,10 +22,11 @@ from . import utils
|
||||||
|
|
||||||
|
|
||||||
class PXC:
|
class PXC:
|
||||||
def __init__(self, api, namespace, logger):
|
def __init__(self, api, namespace, logger, name):
|
||||||
self.api = api
|
self.api = api
|
||||||
self.namespace = namespace
|
self.namespace = namespace
|
||||||
self.log = logger
|
self.log = logger
|
||||||
|
self.name = name
|
||||||
|
|
||||||
def is_installed(self):
|
def is_installed(self):
|
||||||
kind = objects.get_object('apiextensions.k8s.io/v1',
|
kind = objects.get_object('apiextensions.k8s.io/v1',
|
||||||
|
@ -50,7 +51,7 @@ class PXC:
|
||||||
kw = {'namespace': self.namespace}
|
kw = {'namespace': self.namespace}
|
||||||
kw['anti_affinity_key'] = small and 'none' or 'kubernetes.io/hostname'
|
kw['anti_affinity_key'] = small and 'none' or 'kubernetes.io/hostname'
|
||||||
kw['allow_unsafe'] = small and True or False
|
kw['allow_unsafe'] = small and True or False
|
||||||
|
kw['instance_name'] = self.name
|
||||||
utils.apply_file(self.api, 'pxc-cluster.yaml', **kw)
|
utils.apply_file(self.api, 'pxc-cluster.yaml', **kw)
|
||||||
|
|
||||||
def wait_for_cluster(self):
|
def wait_for_cluster(self):
|
||||||
|
@ -58,7 +59,8 @@ class PXC:
|
||||||
count = 0
|
count = 0
|
||||||
for obj in objects.Pod.objects(self.api).filter(
|
for obj in objects.Pod.objects(self.api).filter(
|
||||||
namespace=self.namespace,
|
namespace=self.namespace,
|
||||||
selector={'app.kubernetes.io/instance': 'db-cluster',
|
selector={'app.kubernetes.io/instance':
|
||||||
|
f'{self.name}-db-cluster',
|
||||||
'app.kubernetes.io/component': 'pxc',
|
'app.kubernetes.io/component': 'pxc',
|
||||||
'app.kubernetes.io/name':
|
'app.kubernetes.io/name':
|
||||||
'percona-xtradb-cluster'}):
|
'percona-xtradb-cluster'}):
|
||||||
|
@ -74,7 +76,7 @@ class PXC:
|
||||||
def get_root_password(self):
|
def get_root_password(self):
|
||||||
obj = objects.Secret.objects(self.api).\
|
obj = objects.Secret.objects(self.api).\
|
||||||
filter(namespace=self.namespace).\
|
filter(namespace=self.namespace).\
|
||||||
get(name="db-cluster-secrets")
|
get(name=f'{self.name}-db-cluster-secrets')
|
||||||
|
|
||||||
pw = base64.b64decode(obj.obj['data']['root']).decode('utf8')
|
pw = base64.b64decode(obj.obj['data']['root']).decode('utf8')
|
||||||
return pw
|
return pw
|
||||||
|
@ -86,20 +88,21 @@ class PXC:
|
||||||
utils.apply_file(self.api, 'pxc-create-db.yaml',
|
utils.apply_file(self.api, 'pxc-create-db.yaml',
|
||||||
namespace=self.namespace,
|
namespace=self.namespace,
|
||||||
root_password=root_pw,
|
root_password=root_pw,
|
||||||
zuul_password=zuul_pw)
|
zuul_password=zuul_pw,
|
||||||
|
instance_name=self.name)
|
||||||
|
|
||||||
while True:
|
while True:
|
||||||
obj = objects.Job.objects(self.api).\
|
obj = objects.Job.objects(self.api).\
|
||||||
filter(namespace=self.namespace).\
|
filter(namespace=self.namespace).\
|
||||||
get(name='create-database')
|
get(name=f'{self.name}-create-database')
|
||||||
if obj.obj['status'].get('succeeded'):
|
if obj.obj['status'].get('succeeded'):
|
||||||
break
|
break
|
||||||
time.sleep(2)
|
time.sleep(2)
|
||||||
|
|
||||||
obj.delete(propagation_policy="Foreground")
|
obj.delete(propagation_policy="Foreground")
|
||||||
|
db_host = f'{self.name}-db-cluster-haproxy'
|
||||||
dburi = f'mysql+pymysql://zuul:{zuul_pw}@db-cluster-haproxy/zuul'
|
dburi = f'mysql+pymysql://zuul:{zuul_pw}@{db_host}/zuul'
|
||||||
utils.update_secret(self.api, self.namespace, 'zuul-db',
|
utils.update_secret(self.api, self.namespace, f'{self.name}-zuul-db',
|
||||||
string_data={'dburi': dburi})
|
string_data={'dburi': dburi})
|
||||||
|
|
||||||
return dburi
|
return dburi
|
||||||
|
|
|
@ -2,17 +2,17 @@
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: selfsigned-issuer
|
name: {{ instance_name }}-selfsigned-issuer
|
||||||
spec:
|
spec:
|
||||||
selfSigned: {}
|
selfSigned: {}
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: ca-cert
|
name: {{ instance_name }}-ca-cert
|
||||||
spec:
|
spec:
|
||||||
# Secret names are always required.
|
# Secret names are always required.
|
||||||
secretName: ca-cert
|
secretName: {{ instance_name }}-ca-cert
|
||||||
duration: 87600h # 10y
|
duration: 87600h # 10y
|
||||||
renewBefore: 360h # 15d
|
renewBefore: 360h # 15d
|
||||||
isCA: true
|
isCA: true
|
||||||
|
@ -26,12 +26,12 @@ spec:
|
||||||
- caroot
|
- caroot
|
||||||
# Issuer references are always required.
|
# Issuer references are always required.
|
||||||
issuerRef:
|
issuerRef:
|
||||||
name: selfsigned-issuer
|
name: {{ instance_name }}-selfsigned-issuer
|
||||||
---
|
---
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
metadata:
|
metadata:
|
||||||
name: ca-issuer
|
name: {{ instance_name }}-ca-issuer
|
||||||
spec:
|
spec:
|
||||||
ca:
|
ca:
|
||||||
secretName: ca-cert
|
secretName: {{ instance_name }}-ca-cert
|
||||||
|
|
|
@ -50,7 +50,7 @@ spec:
|
||||||
secretName: {{ nodepool_config_secret_name }}
|
secretName: {{ nodepool_config_secret_name }}
|
||||||
- name: zookeeper-client-tls
|
- name: zookeeper-client-tls
|
||||||
secret:
|
secret:
|
||||||
secretName: zookeeper-client-tls
|
secretName: {{ instance_name }}-zookeeper-client-tls
|
||||||
{%- for name, c in external_config.items() %}
|
{%- for name, c in external_config.items() %}
|
||||||
- name: {{ name }}
|
- name: {{ name }}
|
||||||
secret:
|
secret:
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
apiVersion: pxc.percona.com/v1-11-0
|
apiVersion: pxc.percona.com/v1-11-0
|
||||||
kind: PerconaXtraDBCluster
|
kind: PerconaXtraDBCluster
|
||||||
metadata:
|
metadata:
|
||||||
name: db-cluster
|
name: {{ instance_name }}-db-cluster
|
||||||
finalizers:
|
finalizers:
|
||||||
- delete-pxc-pods-in-order
|
- delete-pxc-pods-in-order
|
||||||
# - delete-proxysql-pvc
|
# - delete-proxysql-pvc
|
||||||
|
@ -11,11 +11,11 @@ metadata:
|
||||||
# percona.com/issue-vault-token: "true"
|
# percona.com/issue-vault-token: "true"
|
||||||
spec:
|
spec:
|
||||||
crVersion: 1.11.0
|
crVersion: 1.11.0
|
||||||
secretsName: db-cluster-secrets
|
secretsName: {{ instance_name }}-db-cluster-secrets
|
||||||
vaultSecretName: keyring-secret-vault
|
vaultSecretName: {{ instance_name }}-keyring-secret-vault
|
||||||
sslSecretName: db-cluster-ssl
|
sslSecretName: {{ instance_name }}-db-cluster-ssl
|
||||||
sslInternalSecretName: db-cluster-ssl-internal
|
sslInternalSecretName: {{ instance_name }}-db-cluster-ssl-internal
|
||||||
logCollectorSecretName: db-log-collector-secrets
|
logCollectorSecretName: {{ instance_name }}-db-log-collector-secrets
|
||||||
# initImage: percona/percona-xtradb-cluster-operator:1.11.0
|
# initImage: percona/percona-xtradb-cluster-operator:1.11.0
|
||||||
# enableCRValidationWebhook: true
|
# enableCRValidationWebhook: true
|
||||||
# tls:
|
# tls:
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
apiVersion: batch/v1
|
apiVersion: batch/v1
|
||||||
kind: Job
|
kind: Job
|
||||||
metadata:
|
metadata:
|
||||||
name: create-database
|
name: {{ instance_name }}-create-database
|
||||||
spec:
|
spec:
|
||||||
template:
|
template:
|
||||||
spec:
|
spec:
|
||||||
|
@ -11,7 +11,7 @@ spec:
|
||||||
command:
|
command:
|
||||||
- "mysql"
|
- "mysql"
|
||||||
- "-h"
|
- "-h"
|
||||||
- "db-cluster-haproxy"
|
- "{{ instance_name }}-db-cluster-haproxy"
|
||||||
- "-uroot"
|
- "-uroot"
|
||||||
- "-p{{ root_password }}"
|
- "-p{{ root_password }}"
|
||||||
- "mysql"
|
- "mysql"
|
||||||
|
|
|
@ -2,11 +2,11 @@
|
||||||
apiVersion: cert-manager.io/v1
|
apiVersion: cert-manager.io/v1
|
||||||
kind: Certificate
|
kind: Certificate
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper-server
|
name: {{ spec.instance_name }}-zookeeper-server
|
||||||
spec:
|
spec:
|
||||||
privateKey:
|
privateKey:
|
||||||
encoding: PKCS8
|
encoding: PKCS8
|
||||||
secretName: zookeeper-server-tls
|
secretName: {{ spec.instance_name }}-zookeeper-server-tls
|
||||||
commonName: server
|
commonName: server
|
||||||
usages:
|
usages:
|
||||||
- digital signature
|
- digital signature
|
||||||
|
@ -14,42 +14,45 @@ spec:
|
||||||
- server auth
|
- server auth
|
||||||
- client auth
|
- client auth
|
||||||
dnsNames:
|
dnsNames:
|
||||||
- zookeeper-0.zookeeper-headless.{{ namespace }}.svc.cluster.local
|
- {{ spec.instance_name }}-zookeeper-0.{{ spec.instance_name }}-zookeeper-headless.{{ namespace }}.svc.cluster.local
|
||||||
- zookeeper-0
|
- {{ spec.instance_name }}-zookeeper-0
|
||||||
- zookeeper-1.zookeeper-headless.{{ namespace }}.svc.cluster.local
|
- {{ spec.instance_name }}-zookeeper-1.{{ spec.instance_name }}-zookeeper-headless.{{ namespace }}.svc.cluster.local
|
||||||
- zookeeper-1
|
- {{ spec.instance_name }}-zookeeper-1
|
||||||
- zookeeper-2.zookeeper-headless.{{ namespace }}.svc.cluster.local
|
- {{ spec.instance_name }}-zookeeper-2.{{ spec.instance_name }}-zookeeper-headless.{{ namespace }}.svc.cluster.local
|
||||||
- zookeeper-2
|
- {{ spec.instance_name }}-zookeeper-2
|
||||||
issuerRef:
|
issuerRef:
|
||||||
name: ca-issuer
|
name: {{ spec.instance_name }}-ca-issuer
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
---
|
---
|
||||||
# Source: zookeeper/templates/poddisruptionbudget.yaml
|
# Source: zookeeper/templates/poddisruptionbudget.yaml
|
||||||
apiVersion: policy/v1
|
apiVersion: policy/v1
|
||||||
kind: PodDisruptionBudget
|
kind: PodDisruptionBudget
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper
|
name: {{ spec.instance_name }}-zookeeper
|
||||||
labels:
|
labels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
component: server
|
component: server
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
component: server
|
component: server
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
maxUnavailable: 1
|
maxUnavailable: 1
|
||||||
---
|
---
|
||||||
# Source: zookeeper/templates/config-script.yaml
|
# Source: zookeeper/templates/config-script.yaml
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: ConfigMap
|
kind: ConfigMap
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper
|
name: {{ spec.instance_name }}-zookeeper
|
||||||
labels:
|
labels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
component: server
|
component: server
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
data:
|
data:
|
||||||
ok: |
|
ok: |
|
||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
@ -188,10 +191,11 @@ data:
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper-headless
|
name: {{ spec.instance_name }}-zookeeper-headless
|
||||||
labels:
|
labels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
spec:
|
spec:
|
||||||
clusterIP: None
|
clusterIP: None
|
||||||
publishNotReadyAddresses: true
|
publishNotReadyAddresses: true
|
||||||
|
@ -211,15 +215,17 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
---
|
---
|
||||||
# Source: zookeeper/templates/service.yaml
|
# Source: zookeeper/templates/service.yaml
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper
|
name: {{ spec.instance_name }}-zookeeper
|
||||||
labels:
|
labels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
spec:
|
spec:
|
||||||
type: ClusterIP
|
type: ClusterIP
|
||||||
ports:
|
ports:
|
||||||
|
@ -230,24 +236,27 @@ spec:
|
||||||
selector:
|
selector:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
---
|
---
|
||||||
# Source: zookeeper/templates/statefulset.yaml
|
# Source: zookeeper/templates/statefulset.yaml
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
metadata:
|
metadata:
|
||||||
name: zookeeper
|
name: {{ spec.instance_name }}-zookeeper
|
||||||
labels:
|
labels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
component: server
|
component: server
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
spec:
|
spec:
|
||||||
serviceName: zookeeper-headless
|
serviceName: {{ spec.instance_name }}-zookeeper-headless
|
||||||
replicas: 3
|
replicas: 3
|
||||||
selector:
|
selector:
|
||||||
matchLabels:
|
matchLabels:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
component: server
|
component: server
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
podManagementPolicy: Parallel
|
podManagementPolicy: Parallel
|
||||||
updateStrategy:
|
updateStrategy:
|
||||||
type: RollingUpdate
|
type: RollingUpdate
|
||||||
|
@ -257,6 +266,7 @@ spec:
|
||||||
app: zookeeper
|
app: zookeeper
|
||||||
release: zookeeper
|
release: zookeeper
|
||||||
component: server
|
component: server
|
||||||
|
instance: {{ spec.instance_name }}
|
||||||
spec:
|
spec:
|
||||||
terminationGracePeriodSeconds: 1800
|
terminationGracePeriodSeconds: 1800
|
||||||
securityContext:
|
securityContext:
|
||||||
|
@ -346,14 +356,14 @@ spec:
|
||||||
volumes:
|
volumes:
|
||||||
- name: config
|
- name: config
|
||||||
configMap:
|
configMap:
|
||||||
name: zookeeper
|
name: {{ spec.instance_name }}-zookeeper
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
- name: zookeeper-server-tls
|
- name: zookeeper-server-tls
|
||||||
secret:
|
secret:
|
||||||
secretName: zookeeper-server-tls
|
secretName: {{ spec.instance_name }}-zookeeper-server-tls
|
||||||
- name: zookeeper-client-tls
|
- name: zookeeper-client-tls
|
||||||
secret:
|
secret:
|
||||||
secretName: zookeeper-server-tls
|
secretName: {{ spec.instance_name }}-zookeeper-server-tls
|
||||||
volumeClaimTemplates:
|
volumeClaimTemplates:
|
||||||
- metadata:
|
- metadata:
|
||||||
name: data
|
name: data
|
||||||
|
|
|
@ -19,7 +19,7 @@ spec:
|
||||||
- server auth
|
- server auth
|
||||||
- client auth
|
- client auth
|
||||||
issuerRef:
|
issuerRef:
|
||||||
name: ca-issuer
|
name: {{ instance_name }}-ca-issuer
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
---
|
---
|
||||||
|
|
|
@ -11,7 +11,7 @@ metadata:
|
||||||
app.kubernetes.io/component: zookeeper-client-certificate
|
app.kubernetes.io/component: zookeeper-client-certificate
|
||||||
spec:
|
spec:
|
||||||
keyEncoding: pkcs8
|
keyEncoding: pkcs8
|
||||||
secretName: zookeeper-client-tls
|
secretName: {{ instance_name }}-zookeeper-client-tls
|
||||||
commonName: client
|
commonName: client
|
||||||
usages:
|
usages:
|
||||||
- digital signature
|
- digital signature
|
||||||
|
@ -19,7 +19,7 @@ spec:
|
||||||
- server auth
|
- server auth
|
||||||
- client auth
|
- client auth
|
||||||
issuerRef:
|
issuerRef:
|
||||||
name: ca-issuer
|
name: {{ instance_name }}-ca-issuer
|
||||||
kind: Issuer
|
kind: Issuer
|
||||||
{%- endif %}
|
{%- endif %}
|
||||||
---
|
---
|
||||||
|
@ -152,7 +152,7 @@ spec:
|
||||||
secretName: {{ zuul_tenant_secret }}
|
secretName: {{ zuul_tenant_secret }}
|
||||||
- name: zookeeper-client-tls
|
- name: zookeeper-client-tls
|
||||||
secret:
|
secret:
|
||||||
secretName: zookeeper-client-tls
|
secretName: {{ instance_name }}-zookeeper-client-tls
|
||||||
{%- for connection_name, connection in connections.items() %}
|
{%- for connection_name, connection in connections.items() %}
|
||||||
{%- if 'secretName' in connection %}
|
{%- if 'secretName' in connection %}
|
||||||
- name: connection-{{ connection_name }}
|
- name: connection-{{ connection_name }}
|
||||||
|
@ -220,7 +220,7 @@ spec:
|
||||||
secretName: {{ instance_name }}-zuul-config
|
secretName: {{ instance_name }}-zuul-config
|
||||||
- name: zookeeper-client-tls
|
- name: zookeeper-client-tls
|
||||||
secret:
|
secret:
|
||||||
secretName: zookeeper-client-tls
|
secretName: {{ instance_name }}-zookeeper-client-tls
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: Deployment
|
||||||
|
@ -268,7 +268,7 @@ spec:
|
||||||
secretName: {{ instance_name }}-zuul-config
|
secretName: {{ instance_name }}-zuul-config
|
||||||
- name: zookeeper-client-tls
|
- name: zookeeper-client-tls
|
||||||
secret:
|
secret:
|
||||||
secretName: zookeeper-client-tls
|
secretName: {{ instance_name }}-zookeeper-client-tls
|
||||||
---
|
---
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: StatefulSet
|
kind: StatefulSet
|
||||||
|
|
|
@ -35,7 +35,8 @@ class ZooKeeper:
|
||||||
for obj in objects.Pod.objects(self.api).filter(
|
for obj in objects.Pod.objects(self.api).filter(
|
||||||
namespace=self.namespace,
|
namespace=self.namespace,
|
||||||
selector={'app': 'zookeeper',
|
selector={'app': 'zookeeper',
|
||||||
'component': 'server'}):
|
'component': 'server',
|
||||||
|
'instance': self.spec['instance_name']}):
|
||||||
if obj.obj['status']['phase'] == 'Running':
|
if obj.obj['status']['phase'] == 'Running':
|
||||||
count += 1
|
count += 1
|
||||||
if count == 3:
|
if count == 3:
|
||||||
|
|
|
@ -42,7 +42,7 @@ class Zuul:
|
||||||
self.db_secret = db_secret
|
self.db_secret = db_secret
|
||||||
self.manage_db = False
|
self.manage_db = False
|
||||||
else:
|
else:
|
||||||
self.db_secret = 'zuul-db'
|
self.db_secret = f'{self.name}-zuul-db'
|
||||||
self.manage_db = True
|
self.manage_db = True
|
||||||
|
|
||||||
self.nodepool_secret = spec.get('launcher', {}).get('config', {}).\
|
self.nodepool_secret = spec.get('launcher', {}).get('config', {}).\
|
||||||
|
@ -54,9 +54,9 @@ class Zuul:
|
||||||
if zk_str:
|
if zk_str:
|
||||||
self.manage_zk = False
|
self.manage_zk = False
|
||||||
else:
|
else:
|
||||||
zk_str = f'zookeeper.{self.namespace}:2281'
|
zk_str = f'{self.name}-zookeeper.{self.namespace}:2281'
|
||||||
zk_spec['hosts'] = zk_str
|
zk_spec['hosts'] = zk_str
|
||||||
zk_spec['secretName'] = 'zookeeper-client-tls'
|
zk_spec['secretName'] = f'{self.name}-zookeeper-client-tls'
|
||||||
self.manage_zk = True
|
self.manage_zk = True
|
||||||
|
|
||||||
zk_spec['tls_ca'] = '/tls/client/ca.crt'
|
zk_spec['tls_ca'] = '/tls/client/ca.crt'
|
||||||
|
@ -126,14 +126,17 @@ class Zuul:
|
||||||
self.cert_manager.wait_for_webhook()
|
self.cert_manager.wait_for_webhook()
|
||||||
|
|
||||||
def create_cert_manager_ca(self):
|
def create_cert_manager_ca(self):
|
||||||
self.cert_manager.create_ca()
|
self.cert_manager.create_ca(instance_name=self.name)
|
||||||
|
|
||||||
def install_zk(self):
|
def install_zk(self):
|
||||||
if not self.manage_zk:
|
if not self.manage_zk:
|
||||||
self.log.info("ZK is externally managed")
|
self.log.info("ZK is externally managed")
|
||||||
return
|
return
|
||||||
|
|
||||||
|
zk_spec = copy.deepcopy(self.spec['zookeeper'])
|
||||||
|
zk_spec['instance_name'] = self.name
|
||||||
self.zk = zookeeper.ZooKeeper(self.api, self.namespace, self.log,
|
self.zk = zookeeper.ZooKeeper(self.api, self.namespace, self.log,
|
||||||
self.spec['zookeeper'])
|
zk_spec)
|
||||||
self.zk.create()
|
self.zk.create()
|
||||||
|
|
||||||
def wait_for_zk(self):
|
def wait_for_zk(self):
|
||||||
|
@ -152,7 +155,7 @@ class Zuul:
|
||||||
small = self.spec.get('database', {}).get('allowUnsafeConfig', False)
|
small = self.spec.get('database', {}).get('allowUnsafeConfig', False)
|
||||||
|
|
||||||
self.log.info("DB is internally managed")
|
self.log.info("DB is internally managed")
|
||||||
self.pxc = pxc.PXC(self.api, self.namespace, self.log)
|
self.pxc = pxc.PXC(self.api, self.namespace, self.log, self.name)
|
||||||
if not self.pxc.is_installed():
|
if not self.pxc.is_installed():
|
||||||
self.log.info("Installing PXC operator")
|
self.log.info("Installing PXC operator")
|
||||||
self.pxc.create_operator()
|
self.pxc.create_operator()
|
||||||
|
@ -182,7 +185,7 @@ class Zuul:
|
||||||
return None
|
return None
|
||||||
|
|
||||||
def get_keystore_password(self):
|
def get_keystore_password(self):
|
||||||
secret_name = 'zuul-keystore'
|
secret_name = f'{self.name}-zuul-keystore'
|
||||||
secret_key = 'password'
|
secret_key = 'password'
|
||||||
try:
|
try:
|
||||||
obj = objects.Secret.objects(self.api).\
|
obj = objects.Secret.objects(self.api).\
|
||||||
|
|
Loading…
Reference in New Issue