openstack/openstack-helm
Code Issues Proposed changes

Unhardcode liveness/readiness endpoint params for glance and barbican

Browse Source 
* Unify liveness/readiness for glance and barbican api checks.
  Path now obtained from .Values.endpoint section
* Use healthcheck endpoint when TLS is enabled for glance
* Make timeout values configurable via values for barbican

Change-Id: Ifc5f9cd8aa904d3dece7db3d5dd528bd307ea9bc
This commit is contained in:
Vasyl Saienko 2024-12-18 07:13:02 +00:00
parent 1483987d2e
commit 90804f948d
4 changed files with 35 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
barbican/templates/deployment-api.yaml
View File

@ -12,6 +12,14 @@ See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/}} */}}
{{- define "probeTemplate" }}
{{- $health_path := tuple "key_manager" "healthcheck" "internal" . | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
httpGet:
scheme: {{ tuple "key_manager" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
path: {{ $health_path }}
port: {{ tuple "key_manager" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }}
{{- if .Values.manifests.deployment_api }} {{- if .Values.manifests.deployment_api }}
{{- $envAll := . }} {{- $envAll := . }}
@ -62,6 +70,8 @@ spec:
{{ tuple $envAll "barbican_api" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll "barbican_api" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "barbican" "container" "barbican_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} {{ dict "envAll" $envAll "application" "barbican" "container" "barbican_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ dict "envAll" $envAll "component" "api" "container" "barbican-api" "type" "readiness" "probeTemplate" (include "probeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
{{ dict "envAll" $envAll "component" "api" "container" "barbican-api" "type" "liveness" "probeTemplate" (include "probeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
command: command:
- /tmp/barbican.sh - /tmp/barbican.sh
- start - start
@ -79,16 +89,6 @@ spec:
ports: ports:
- name: b-api - name: b-api
containerPort: {{ tuple "key_manager" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} containerPort: {{ tuple "key_manager" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
livenessProbe:
httpGet:
scheme: HTTP
path: /healthcheck
port: {{ tuple "key_manager" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
httpGet:
scheme: HTTP
path: /healthcheck
port: {{ tuple "key_manager" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts: volumeMounts:
- name: pod-tmp - name: pod-tmp
mountPath: /tmp mountPath: /tmp

15
barbican/values.yaml
View File

@ -121,6 +121,20 @@ pod:
disruption_budget: disruption_budget:
api: api:
min_available: 0 min_available: 0
probes:
api:
barbican-api:
readiness:
enabled: true
params:
periodSeconds: 10
timeoutSeconds: 5
liveness:
enabled: true
params:
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
resources: resources:
enabled: false enabled: false
api: api:
@ -588,6 +602,7 @@ endpoints:
name: ca-clusterissuer name: ca-clusterissuer
path: path:
default: / default: /
healthcheck: /healthcheck
scheme: scheme:
default: http default: http
service: http service: http

31
glance/templates/deployment-api.yaml
View File

@ -12,33 +12,20 @@ See the License for the specific language governing permissions and
limitations under the License. limitations under the License.
*/}} */}}
{{- define "readinessProbeTemplate" }} {{- define "probeTemplate" }}
{{- $health_path := tuple "image" "healthcheck" "internal" . | include "helm-toolkit.endpoints.keystone_endpoint_path_lookup" }}
{{- $health_port := tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- if .Values.manifests.certificates }} {{- if .Values.manifests.certificates }}
exec: exec:
command: command:
- python - python
- -c - -c
- "import requests; requests.get('http://127.0.0.1:{{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}')" - "import requests; requests.get('http://127.0.0.1:{{ $health_port }}{{ $health_path }}')"
{{- else }} {{- else }}
httpGet: httpGet:
path: {{ $health_path }}
scheme: {{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }} scheme: {{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
path: /healthcheck port: {{ $health_port }}
port: {{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }}
{{- end }}
{{- define "livenessProbeTemplate" }}
{{- if .Values.manifests.certificates }}
exec:
command:
- python
- -c
- "import requests; requests.get('http://127.0.0.1:{{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}')"
{{- else }}
httpGet:
scheme: {{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
path: /healthcheck
port: {{ tuple "image" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- end }} {{- end }}
{{- end }} {{- end }}
@ -178,8 +165,8 @@ spec:
{{ tuple $envAll "glance_api" | include "helm-toolkit.snippets.image" | indent 10 }} {{ tuple $envAll "glance_api" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} {{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "glance" "container" "glance_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} {{ dict "envAll" $envAll "application" "glance" "container" "glance_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
{{ dict "envAll" $envAll "component" "api" "container" "glance-api" "type" "readiness" "probeTemplate" (include "readinessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }} {{ dict "envAll" $envAll "component" "api" "container" "glance-api" "type" "readiness" "probeTemplate" (include "probeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
{{ dict "envAll" $envAll "component" "api" "container" "glance-api" "type" "liveness" "probeTemplate" (include "livenessProbeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }} {{ dict "envAll" $envAll "component" "api" "container" "glance-api" "type" "liveness" "probeTemplate" (include "probeTemplate" $envAll | fromYaml) | include "helm-toolkit.snippets.kubernetes_probe" | indent 10 }}
command: command:
- /tmp/glance-api.sh - /tmp/glance-api.sh
- start - start

1
glance/values.yaml
View File

@ -646,6 +646,7 @@ endpoints:
# key: null # key: null
path: path:
default: null default: null
healthcheck: /healthcheck
scheme: scheme:
default: http default: http
service: http service: http