From 96d2c003916fb8ec58766dae6f2717b016e4cc36 Mon Sep 17 00:00:00 2001 From: Steven Webster Date: Thu, 21 Mar 2019 09:24:44 -0400 Subject: [PATCH] Libvirt: support per node overrides This commit adds support for per-node overrides to the libvirt chart. For example, to enable a relaxed ACS check on one host, but not another, one may have the following in the override values file: conf: overrides: libvirt_libvirt: hosts: - name: host1.fqdn conf: qemu: relaxed_acs_check: 1 - name: host2.fqdn conf: qemu: relaxed_acs_check: 0 Story: 2005283 Task: 30140 Change-Id: Ia3431db6b78692ec0140cce1bab9bae5937318a4 Signed-off-by: Steven Webster --- libvirt/templates/configmap-etc.yaml | 22 +++++++++---- libvirt/templates/daemonset-libvirt.yaml | 42 +++++++++++++++++------- 2 files changed, 45 insertions(+), 19 deletions(-) diff --git a/libvirt/templates/configmap-etc.yaml b/libvirt/templates/configmap-etc.yaml index cab19942f..9cba4082e 100644 --- a/libvirt/templates/configmap-etc.yaml +++ b/libvirt/templates/configmap-etc.yaml @@ -14,15 +14,23 @@ See the License for the specific language governing permissions and limitations under the License. */}} -{{- if .Values.manifests.configmap_etc }} +{{- define "libvirt.configmap.etc" }} +{{- $configMapName := index . 0 }} +{{- $envAll := index . 1 }} +{{- with $envAll }} + --- apiVersion: v1 -kind: ConfigMap +kind: Secret metadata: - name: libvirt-etc + name: {{ $configMapName }} +type: Opaque data: - libvirtd.conf: | -{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | indent 4 }} - qemu.conf: | -{{- include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | indent 4 }} + libvirtd.conf: {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.libvirt | b64enc }} + qemu.conf: {{ include "libvirt.utils.to_libvirt_conf" .Values.conf.qemu | b64enc }} +{{- end }} +{{- end }} + +{{- if .Values.manifests.configmap_etc }} +{{- list "libvirt-etc" . | include "libvirt.configmap.etc" }} {{- end }} diff --git a/libvirt/templates/daemonset-libvirt.yaml b/libvirt/templates/daemonset-libvirt.yaml index 5c1000405..6ad5cc22c 100644 --- a/libvirt/templates/daemonset-libvirt.yaml +++ b/libvirt/templates/daemonset-libvirt.yaml @@ -14,16 +14,16 @@ See the License for the specific language governing permissions and limitations under the License. */}} -{{- if .Values.manifests.daemonset_libvirt }} -{{- $envAll := . }} -{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}} -{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} +{{- define "libvirt.daemonset" }} +{{- $daemonset := index . 0 }} +{{- $configMapName := index . 1 }} +{{- $serviceAccountName := index . 2 }} +{{- $envAll := index . 3 }} +{{- with $envAll }} {{- $mounts_libvirt := .Values.pod.mounts.libvirt.libvirt }} {{- $mounts_libvirt_init := .Values.pod.mounts.libvirt.init_container }} -{{- $serviceAccountName := "libvirt" }} -{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1 kind: DaemonSet @@ -32,16 +32,16 @@ metadata: annotations: {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} labels: -{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} spec: selector: matchLabels: -{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} -{{ tuple $envAll "libvirt" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} +{{ tuple $envAll $daemonset | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} template: metadata: labels: -{{ tuple $envAll "libvirt" "libvirt" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} +{{ tuple $envAll .Chart.Name $daemonset | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} annotations: {{- dict "envAll" $envAll "podName" "libvirt" "containerNames" (list "libvirt") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }} {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }} @@ -194,8 +194,8 @@ spec: name: libvirt-bin defaultMode: 0555 - name: libvirt-etc - configMap: - name: libvirt-etc + secret: + secretName: {{ $configMapName }} defaultMode: 0444 {{- if .Values.conf.ceph.enabled }} - name: etcceph @@ -241,3 +241,21 @@ spec: {{ dict "envAll" $envAll "component" "libvirt" "requireSys" true | include "helm-toolkit.snippets.kubernetes_apparmor_volumes" | indent 8 }} {{ if $mounts_libvirt.volumes }}{{ toYaml $mounts_libvirt.volumes | indent 8 }}{{ end }} {{- end }} +{{- end }} + +{{- if .Values.manifests.daemonset_libvirt }} + +{{- $envAll := . }} +{{- $daemonset := "libvirt" }} +{{- $configMapName := "libvirt-etc" }} +{{- $serviceAccountName := "libvirt" }} + +{{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "libvirt" -}} +{{- $_ := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} + +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "libvirt.daemonset" | toString | fromYaml }} +{{- $configmap_yaml := "libvirt.configmap.etc" }} +{{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} + +{{- end }}