feat: adding support for external-ceph keyrings to be present in libvirt deployments without local ceph needing to be available
chore: updated release notes feat: update libvirt launch script for external ceph Change-Id: Ie44f962d1ba538f6f8badfd1a627cb99e190c7b0
This commit is contained in:
parent
15358cebc4
commit
4035a5e4f2
@ -15,7 +15,7 @@ apiVersion: v1
|
||||
appVersion: v1.0.0
|
||||
description: OpenStack-Helm libvirt
|
||||
name: libvirt
|
||||
version: 0.1.14
|
||||
version: 0.1.15
|
||||
home: https://libvirt.org
|
||||
sources:
|
||||
- https://libvirt.org/git/?p=libvirt.git;a=summary
|
||||
|
@ -102,7 +102,7 @@ if [ 0"$hp_count" -gt 0 ]; then
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" ] ; then
|
||||
if [ -n "${LIBVIRT_CEPH_CINDER_SECRET_UUID}" ] || [ -n "${LIBVIRT_EXTERNAL_CEPH_CINDER_SECRET_UUID}" ] ; then
|
||||
#NOTE(portdirect): run libvirtd as a transient unit on the host with the osh-libvirt cgroups applied.
|
||||
cgexec -g ${CGROUPS%,}:/osh-libvirt systemd-run --scope --slice=system libvirtd --listen &
|
||||
|
||||
@ -159,10 +159,12 @@ EOF
|
||||
virsh secret-set-value --secret "${sec_uuid}" --base64 "${sec_ceph_keyring}"
|
||||
}
|
||||
|
||||
if [ -z "${CEPH_CINDER_KEYRING}" ] ; then
|
||||
if [ -z "${CEPH_CINDER_KEYRING}" ] && [ -n "${CEPH_CINDER_USER}" ] ; then
|
||||
CEPH_CINDER_KEYRING=$(awk '/key/{print $3}' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring)
|
||||
fi
|
||||
if [ -n "${CEPH_CINDER_USER}" ] ; then
|
||||
create_virsh_libvirt_secret ${CEPH_CINDER_USER} ${LIBVIRT_CEPH_CINDER_SECRET_UUID} ${CEPH_CINDER_KEYRING}
|
||||
fi
|
||||
|
||||
if [ -n "${LIBVIRT_EXTERNAL_CEPH_CINDER_SECRET_UUID}" ] ; then
|
||||
EXTERNAL_CEPH_CINDER_KEYRING=$(cat /tmp/external-ceph-client-keyring)
|
||||
|
@ -135,8 +135,8 @@ spec:
|
||||
{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.image" | indent 10 }}
|
||||
{{ tuple $envAll $envAll.Values.pod.resources.libvirt | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||
{{ dict "envAll" $envAll "application" "libvirt" "container" "libvirt" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
env:
|
||||
{{- if .Values.conf.ceph.enabled }}
|
||||
- name: CEPH_CINDER_USER
|
||||
value: "{{ .Values.conf.ceph.cinder.user }}"
|
||||
{{- if .Values.conf.ceph.cinder.keyring }}
|
||||
@ -145,13 +145,13 @@ spec:
|
||||
{{ end }}
|
||||
- name: LIBVIRT_CEPH_CINDER_SECRET_UUID
|
||||
value: "{{ .Values.conf.ceph.cinder.secret_uuid }}"
|
||||
{{ end }}
|
||||
{{- if .Values.conf.ceph.cinder.external_ceph.enabled }}
|
||||
- name: EXTERNAL_CEPH_CINDER_USER
|
||||
value: "{{ .Values.conf.ceph.cinder.external_ceph.user }}"
|
||||
- name: LIBVIRT_EXTERNAL_CEPH_CINDER_SECRET_UUID
|
||||
value: "{{ .Values.conf.ceph.cinder.external_ceph.secret_uuid }}"
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{ dict "envAll" . "component" "libvirt" "container" "libvirt" "type" "readiness" "probeTemplate" (include "libvirtReadinessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||
{{ dict "envAll" . "component" "libvirt" "container" "libvirt" "type" "liveness" "probeTemplate" (include "libvirtLivenessProbeTemplate" . | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
|
||||
command:
|
||||
@ -221,13 +221,13 @@ spec:
|
||||
subPath: key
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.conf.ceph.cinder.external_ceph.enabled }}
|
||||
- name: external-ceph-keyring
|
||||
mountPath: /tmp/external-ceph-client-keyring
|
||||
subPath: key
|
||||
readOnly: true
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{ if $mounts_libvirt.volumeMounts }}{{ toYaml $mounts_libvirt.volumeMounts | indent 12 }}{{ end }}
|
||||
{{- if .Values.pod.sidecars.libvirt_exporter }}
|
||||
- name: libvirt-exporter
|
||||
@ -281,12 +281,12 @@ spec:
|
||||
secret:
|
||||
secretName: {{ .Values.ceph_client.user_secret_name }}
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
{{- if .Values.conf.ceph.cinder.external_ceph.enabled }}
|
||||
- name: external-ceph-keyring
|
||||
secret:
|
||||
secretName: {{ .Values.conf.ceph.cinder.external_ceph.user_secret_name }}
|
||||
{{ end }}
|
||||
{{ end }}
|
||||
- name: libmodules
|
||||
hostPath:
|
||||
path: /lib/modules
|
||||
|
@ -15,4 +15,5 @@ libvirt:
|
||||
- 0.1.12 Add libvirt exporter as a sidecar
|
||||
- 0.1.13 Added OCI registry authentication
|
||||
- 0.1.14 Remove use of exec in libvirt.sh
|
||||
- 0.1.15 Add support for libvirt to connect to external ceph without any local ceph present
|
||||
...
|
||||
|
Loading…
Reference in New Issue
Block a user