Bootstrap jobs: move template to helm toolkit
This PS moves the templates for bootstrap jobs to helm-toolkit. Change-Id: I0fc0f7722cfc87b00e26510dee7ba79d2139a171
This commit is contained in:
parent
826fddca01
commit
c7e2eb9e25
@ -14,55 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "barbican" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $mounts_barbican_bootstrap := .Values.pod.mounts.barbican_bootstrap.barbican_bootstrap }}
|
|
||||||
{{- $mounts_barbican_bootstrap_init := .Values.pod.mounts.barbican_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "barbican-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: barbican-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "barbican" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_barbican_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: barbican-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: barbican-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
{{ if $mounts_barbican_bootstrap.volumeMounts }}{{ toYaml $mounts_barbican_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: barbican-bin
|
|
||||||
configMap:
|
|
||||||
name: barbican-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_barbican_bootstrap.volumes }}{{ toYaml $mounts_barbican_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -148,6 +148,7 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
ks_user: barbican
|
||||||
script: |
|
script: |
|
||||||
openstack token issue
|
openstack token issue
|
||||||
|
|
||||||
|
20
ceilometer/templates/job-bootstrap.yaml
Normal file
20
ceilometer/templates/job-bootstrap.yaml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "ceilometer" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
|
{{- end }}
|
@ -1609,6 +1609,12 @@ secrets:
|
|||||||
admin: ceilometer-mongodb-admin
|
admin: ceilometer-mongodb-admin
|
||||||
ceilometer: ceilometer-mongodb-user
|
ceilometer: ceilometer-mongodb-user
|
||||||
|
|
||||||
|
bootstrap:
|
||||||
|
enabled: false
|
||||||
|
ks_user: ceilometer
|
||||||
|
script: |
|
||||||
|
openstack token issue
|
||||||
|
|
||||||
# typically overriden by environmental
|
# typically overriden by environmental
|
||||||
# values, but should include all endpoints
|
# values, but should include all endpoints
|
||||||
# required by this chart
|
# required by this chart
|
||||||
@ -1914,6 +1920,7 @@ manifests:
|
|||||||
deployment_compute: true
|
deployment_compute: true
|
||||||
deployment_notification: true
|
deployment_notification: true
|
||||||
ingress_api: true
|
ingress_api: true
|
||||||
|
job_bootstrap: true
|
||||||
job_db_init: true
|
job_db_init: true
|
||||||
job_db_init_mongodb: true
|
job_db_init_mongodb: true
|
||||||
job_db_sync: true
|
job_db_sync: true
|
||||||
|
@ -14,58 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "cinder" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "cinder-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: cinder-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "cinder" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: cinder-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
volumeMounts:
|
|
||||||
- name: cinder-etc
|
|
||||||
mountPath: /etc/cinder/cinder.conf
|
|
||||||
subPath: cinder.conf
|
|
||||||
readOnly: true
|
|
||||||
- name: cinder-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
volumes:
|
|
||||||
- name: cinder-etc
|
|
||||||
configMap:
|
|
||||||
name: cinder-etc
|
|
||||||
defaultMode: 0444
|
|
||||||
- name: cinder-bin
|
|
||||||
configMap:
|
|
||||||
name: cinder-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -224,6 +224,7 @@ pod:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
ks_user: admin
|
||||||
bootstrap_conf_backends: true
|
bootstrap_conf_backends: true
|
||||||
volume_types:
|
volume_types:
|
||||||
name:
|
name:
|
||||||
|
20
congress/templates/job-bootstrap.yaml
Normal file
20
congress/templates/job-bootstrap.yaml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "congress" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
|
{{- end }}
|
@ -156,6 +156,12 @@ secrets:
|
|||||||
congress: congress-db-user
|
congress: congress-db-user
|
||||||
rbd: images-rbd-keyring
|
rbd: images-rbd-keyring
|
||||||
|
|
||||||
|
bootstrap:
|
||||||
|
enabled: false
|
||||||
|
ks_user: congress
|
||||||
|
script: |
|
||||||
|
openstack token issue
|
||||||
|
|
||||||
endpoints:
|
endpoints:
|
||||||
cluster_domain_suffix: cluster.local
|
cluster_domain_suffix: cluster.local
|
||||||
identity:
|
identity:
|
||||||
@ -433,16 +439,17 @@ manifests:
|
|||||||
configmap_bin: true
|
configmap_bin: true
|
||||||
configmap_etc: true
|
configmap_etc: true
|
||||||
deployment_api: true
|
deployment_api: true
|
||||||
deployment_policy_engine: true
|
|
||||||
deployment_datasource: true
|
deployment_datasource: true
|
||||||
|
deployment_policy_engine: true
|
||||||
|
ingress_api: true
|
||||||
|
job_bootstrap: true
|
||||||
job_db_init: true
|
job_db_init: true
|
||||||
job_db_sync: true
|
job_db_sync: true
|
||||||
secret_db: true
|
job_ds_create: true
|
||||||
secret_keystone: true
|
|
||||||
job_ks_endpoints: true
|
job_ks_endpoints: true
|
||||||
job_ks_service: true
|
job_ks_service: true
|
||||||
job_ks_user: true
|
job_ks_user: true
|
||||||
job_ds_create: true
|
secret_db: true
|
||||||
|
secret_keystone: true
|
||||||
service_api: true
|
service_api: true
|
||||||
ingress_api: true
|
|
||||||
service_ingress_api: true
|
service_ingress_api: true
|
||||||
|
@ -18,11 +18,10 @@ limitations under the License.
|
|||||||
|
|
||||||
set -ex
|
set -ex
|
||||||
export HOME=/tmp
|
export HOME=/tmp
|
||||||
{{ if .Values.bootstrap.enabled }}
|
|
||||||
|
|
||||||
cd /tmp/images
|
cd /tmp/images
|
||||||
|
|
||||||
{{ range .Values.bootstrap.images }}
|
{{ range .Values.bootstrap.structured.images }}
|
||||||
openstack image show {{ .name | quote }} || \
|
openstack image show {{ .name | quote }} || \
|
||||||
{ curl -O {{ .source_url }}{{ .image_file }}; \
|
{ curl -O {{ .source_url }}{{ .image_file }}; \
|
||||||
openstack image create {{ .name | quote }} \
|
openstack image create {{ .name | quote }} \
|
||||||
@ -39,5 +38,4 @@ openstack image show {{ .name | quote }} || \
|
|||||||
{{- end -}}; }
|
{{- end -}}; }
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ end }}
|
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
|
||||||
exit 0
|
|
||||||
|
@ -14,60 +14,18 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- define "glance.templates._job_bootstrap.pod_volumes" -}}
|
||||||
{{- $envAll := . }}
|
{{- $envAll := index . 0 -}}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "glance-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: glance-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "glance" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: glance-bootstrap
|
|
||||||
image: {{ .Values.images.tags.glance_bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: imagedir
|
- name: imagedir
|
||||||
mountPath: /tmp/images
|
mountPath: /tmp/images
|
||||||
- name: glance-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
- name: glance-etc
|
|
||||||
mountPath: /etc/glance/glance-api.conf
|
|
||||||
subPath: glance-api.conf
|
|
||||||
readOnly: true
|
|
||||||
volumes:
|
volumes:
|
||||||
- name: imagedir
|
- name: imagedir
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
- name: glance-bin
|
{{- end }}
|
||||||
configMap:
|
|
||||||
name: glance-bin
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
defaultMode: 0555
|
{{- $podVolumes := tuple . | include "glance.templates._job_bootstrap.pod_volumes" | toString | fromYaml }}
|
||||||
- name: glance-etc
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "glance" "keystoneUser" .Values.bootstrap.ks_user "podVolMounts" $podVolumes.volumeMounts "podVols" $podVolumes.volumes -}}
|
||||||
configMap:
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
name: glance-etc
|
|
||||||
defaultMode: 0444
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -46,12 +46,15 @@ images:
|
|||||||
glance_api: docker.io/openstackhelm/glance:newton
|
glance_api: docker.io/openstackhelm/glance:newton
|
||||||
glance_registry: docker.io/openstackhelm/glance:newton
|
glance_registry: docker.io/openstackhelm/glance:newton
|
||||||
# Bootstrap image requires curl
|
# Bootstrap image requires curl
|
||||||
glance_bootstrap: docker.io/openstackhelm/heat:newton
|
bootstrap: docker.io/openstackhelm/heat:newton
|
||||||
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
|
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
|
||||||
pull_policy: "IfNotPresent"
|
pull_policy: "IfNotPresent"
|
||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
ks_user: admin
|
||||||
|
script: null
|
||||||
|
structured:
|
||||||
images:
|
images:
|
||||||
cirros:
|
cirros:
|
||||||
id: null
|
id: null
|
||||||
|
20
gnocchi/templates/job-bootstrap.yaml
Normal file
20
gnocchi/templates/job-bootstrap.yaml
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "gnocchi" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
|
{{- end }}
|
@ -361,6 +361,12 @@ secrets:
|
|||||||
gnocchi: gnocchi-db-indexer-user
|
gnocchi: gnocchi-db-indexer-user
|
||||||
rbd: gnocchi-rbd-keyring
|
rbd: gnocchi-rbd-keyring
|
||||||
|
|
||||||
|
bootstrap:
|
||||||
|
enabled: false
|
||||||
|
ks_user: gnocchi
|
||||||
|
script: |
|
||||||
|
openstack token issue
|
||||||
|
|
||||||
# typically overriden by environmental
|
# typically overriden by environmental
|
||||||
# values, but should include all endpoints
|
# values, but should include all endpoints
|
||||||
# required by this chart
|
# required by this chart
|
||||||
@ -467,6 +473,7 @@ manifests:
|
|||||||
daemonset_statsd: true
|
daemonset_statsd: true
|
||||||
deployment_api: true
|
deployment_api: true
|
||||||
ingress_api: true
|
ingress_api: true
|
||||||
|
job_bootstrap: true
|
||||||
job_clean: true
|
job_clean: true
|
||||||
job_db_init_indexer: true
|
job_db_init_indexer: true
|
||||||
job_db_init: true
|
job_db_init: true
|
||||||
|
@ -14,55 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "heat" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $mounts_heat_bootstrap := .Values.pod.mounts.heat_bootstrap.heat_bootstrap }}
|
|
||||||
{{- $mounts_heat_bootstrap_init := .Values.pod.mounts.heat_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "heat-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: heat-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "heat" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_heat_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: heat-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: heat-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
{{ if $mounts_heat_bootstrap.volumeMounts }}{{ toYaml $mounts_heat_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: heat-bin
|
|
||||||
configMap:
|
|
||||||
name: heat-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_heat_bootstrap.volumes }}{{ toYaml $mounts_heat_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -263,6 +263,7 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
ks_user: heat
|
||||||
script: |
|
script: |
|
||||||
openstack token issue
|
openstack token issue
|
||||||
|
|
||||||
|
94
helm-toolkit/templates/manifests/_job-bootstrap.yaml
Normal file
94
helm-toolkit/templates/manifests/_job-bootstrap.yaml
Normal file
@ -0,0 +1,94 @@
|
|||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
# This function creates a manifest for db creation and user management.
|
||||||
|
# It can be used in charts dict created similar to the following:
|
||||||
|
# {- $dbSyncJob := dict "envAll" . "serviceName" "senlin" -}
|
||||||
|
# { $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }
|
||||||
|
|
||||||
|
{{- define "helm-toolkit.manifests.job_bootstrap" -}}
|
||||||
|
{{- $envAll := index . "envAll" -}}
|
||||||
|
{{- $serviceName := index . "serviceName" -}}
|
||||||
|
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
|
||||||
|
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.bootstrap -}}
|
||||||
|
{{- $podVolMounts := index . "podVolMounts" | default false -}}
|
||||||
|
{{- $podVols := index . "podVols" | default false -}}
|
||||||
|
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
|
||||||
|
{{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}}
|
||||||
|
{{- $configFile := index . "configFile" | default (printf "/etc/%s/%s.conf" $serviceName $serviceName ) -}}
|
||||||
|
{{- $keystoneUser := index . "keystoneUser" | default $serviceName -}}
|
||||||
|
|
||||||
|
{{- $serviceNamePretty := $serviceName | replace "_" "-" -}}
|
||||||
|
|
||||||
|
{{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "bootstrap" }}
|
||||||
|
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: {{ printf "%s-%s" $serviceNamePretty "bootstrap" | quote }}
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll $serviceName "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
serviceAccountName: {{ $serviceAccountName }}
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ toYaml $nodeSelector | indent 8 }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: bootstrap
|
||||||
|
image: {{ $envAll.Values.images.tags.bootstrap }}
|
||||||
|
imagePullPolicy: {{ $envAll.Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
{{- with $env := dict "ksUserSecret" ( index $envAll.Values.secrets.identity $keystoneUser ) }}
|
||||||
|
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
command:
|
||||||
|
- /tmp/bootstrap.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: bootstrap-sh
|
||||||
|
mountPath: /tmp/bootstrap.sh
|
||||||
|
subPath: bootstrap.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: etc-service
|
||||||
|
mountPath: {{ dir $configFile | quote }}
|
||||||
|
- name: bootstrap-conf
|
||||||
|
mountPath: {{ $configFile | quote }}
|
||||||
|
subPath: {{ base $configFile | quote }}
|
||||||
|
readOnly: true
|
||||||
|
{{- if $podVolMounts }}
|
||||||
|
{{ $podVolMounts | toYaml | indent 12 }}
|
||||||
|
{{- end }}
|
||||||
|
volumes:
|
||||||
|
- name: bootstrap-sh
|
||||||
|
configMap:
|
||||||
|
name: {{ $configMapBin | quote }}
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: etc-service
|
||||||
|
emptyDir: {}
|
||||||
|
- name: bootstrap-conf
|
||||||
|
configMap:
|
||||||
|
name: {{ $configMapEtc | quote }}
|
||||||
|
defaultMode: 0444
|
||||||
|
{{- if $podVols }}
|
||||||
|
{{ $podVols | toYaml | indent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
@ -15,52 +15,6 @@ limitations under the License.
|
|||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "ironic" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
|
|
||||||
{{- $mounts_ironic_bootstrap := .Values.pod.mounts.ironic_bootstrap.ironic_bootstrap }}
|
|
||||||
{{- $mounts_ironic_bootstrap_init := .Values.pod.mounts.ironic_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "ironic-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: ironic-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "ironic" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_ironic_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: ironic-bootstrap
|
|
||||||
image: {{ .Values.images.tags.ironic_bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: ironic-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
{{- if $mounts_ironic_bootstrap.volumeMounts }}{{ toYaml $mounts_ironic_bootstrap.volumeMounts | indent 10 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: ironic-bin
|
|
||||||
configMap:
|
|
||||||
name: ironic-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{- if $mounts_ironic_bootstrap.volumes }}{{ toYaml $mounts_ironic_bootstrap.volumes | indent 6 }}{{ end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -33,7 +33,7 @@ images:
|
|||||||
ironic_manage_cleaning_network: docker.io/openstackhelm/heat:newton
|
ironic_manage_cleaning_network: docker.io/openstackhelm/heat:newton
|
||||||
ironic_retrive_cleaning_network: docker.io/openstackhelm/heat:newton
|
ironic_retrive_cleaning_network: docker.io/openstackhelm/heat:newton
|
||||||
# Bootstrap image requires curl
|
# Bootstrap image requires curl
|
||||||
ironic_bootstrap: docker.io/openstackhelm/heat:newton
|
bootstrap: docker.io/openstackhelm/heat:newton
|
||||||
db_init: docker.io/openstackhelm/heat:newton
|
db_init: docker.io/openstackhelm/heat:newton
|
||||||
ironic_db_sync: docker.io/openstackhelm/ironic:newton
|
ironic_db_sync: docker.io/openstackhelm/ironic:newton
|
||||||
ks_user: docker.io/openstackhelm/heat:newton
|
ks_user: docker.io/openstackhelm/heat:newton
|
||||||
@ -116,6 +116,7 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
ks_user: ironic
|
||||||
script: |
|
script: |
|
||||||
RELEASE="newton"
|
RELEASE="newton"
|
||||||
IMAGE_URL_BASE="http://tarballs.openstack.org/ironic-python-agent/tinyipa/files"
|
IMAGE_URL_BASE="http://tarballs.openstack.org/ironic-python-agent/tinyipa/files"
|
||||||
|
@ -14,91 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "keystone" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $mounts_keystone_bootstrap := .Values.pod.mounts.keystone_bootstrap.keystone_bootstrap }}
|
|
||||||
{{- $mounts_keystone_bootstrap_init := .Values.pod.mounts.keystone_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "keystone-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: keystone-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "keystone" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_keystone_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: keystone-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: etckeystonedomains
|
|
||||||
mountPath: {{ .Values.conf.keystone.identity.domain_config_dir | default "/etc/keystonedomains" }}
|
|
||||||
- name: etckeystone
|
|
||||||
mountPath: /etc/keystone
|
|
||||||
- name: keystone-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
- name: keystone-etc
|
|
||||||
mountPath: /etc/keystone/keystone.conf
|
|
||||||
subPath: keystone.conf
|
|
||||||
readOnly: true
|
|
||||||
{{- range $k, $v := .Values.conf.ks_domains }}
|
|
||||||
- name: keystone-etc
|
|
||||||
mountPath: {{ $envAll.Values.conf.keystone.identity.domain_config_dir | default "/etc/keystonedomains" }}/keystone.{{ $k }}.conf
|
|
||||||
subPath: keystone.{{ $k }}.conf
|
|
||||||
readOnly: true
|
|
||||||
{{- end }}
|
|
||||||
{{- if eq .Values.conf.keystone.token.provider "fernet" }}
|
|
||||||
- name: keystone-fernet-keys
|
|
||||||
mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository }}
|
|
||||||
{{- end }}
|
|
||||||
- name: keystone-credential-keys
|
|
||||||
mountPath: {{ .Values.conf.keystone.credential.key_repository }}
|
|
||||||
{{ if $mounts_keystone_bootstrap.volumeMounts }}{{ toYaml $mounts_keystone_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: etckeystone
|
|
||||||
emptyDir: {}
|
|
||||||
- name: etckeystonedomains
|
|
||||||
emptyDir: {}
|
|
||||||
- name: keystone-etc
|
|
||||||
configMap:
|
|
||||||
name: keystone-etc
|
|
||||||
defaultMode: 0444
|
|
||||||
- name: keystone-bin
|
|
||||||
configMap:
|
|
||||||
name: keystone-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{- if eq .Values.conf.keystone.token.provider "fernet" }}
|
|
||||||
- name: keystone-fernet-keys
|
|
||||||
secret:
|
|
||||||
secretName: keystone-fernet-keys
|
|
||||||
{{- end }}
|
|
||||||
- name: keystone-credential-keys
|
|
||||||
secret:
|
|
||||||
secretName: keystone-credential-keys
|
|
||||||
{{ if $mounts_keystone_bootstrap.volumes }}{{ toYaml $mounts_keystone_bootstrap.volumes | indent 9 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -46,6 +46,7 @@ images:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
ks_user: admin
|
||||||
script: |
|
script: |
|
||||||
openstack role add \
|
openstack role add \
|
||||||
--user="${OS_USERNAME}" \
|
--user="${OS_USERNAME}" \
|
||||||
|
@ -14,55 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "magnum" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $mounts_magnum_bootstrap := .Values.pod.mounts.magnum_bootstrap.magnum_bootstrap }}
|
|
||||||
{{- $mounts_magnum_bootstrap_init := .Values.pod.mounts.magnum_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "magnum-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: magnum-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "magnum" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_magnum_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: magnum-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: magnum-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
{{ if $mounts_magnum_bootstrap.volumeMounts }}{{ toYaml $mounts_magnum_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: magnum-bin
|
|
||||||
configMap:
|
|
||||||
name: magnum-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_magnum_bootstrap.volumes }}{{ toYaml $mounts_magnum_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -132,6 +132,7 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
ks_user: magnum
|
||||||
script: |
|
script: |
|
||||||
openstack token issue
|
openstack token issue
|
||||||
|
|
||||||
|
@ -14,54 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "mistral" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
{{- $mounts_mistral_bootstrap := .Values.pod.mounts.mistral_bootstrap.mistral_bootstrap }}
|
|
||||||
{{- $mounts_mistral_bootstrap_init := .Values.pod.mounts.mistral_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "mistral-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: mistral-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "mistral" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_mistral_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: mistral-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: mistral-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
{{ if $mounts_mistral_bootstrap.volumeMounts }}{{ toYaml $mounts_mistral_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: mistral-bin
|
|
||||||
configMap:
|
|
||||||
name: mistral-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_mistral_bootstrap.volumes }}{{ toYaml $mounts_mistral_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -65,6 +65,7 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
ks_user: mistral
|
||||||
script: |
|
script: |
|
||||||
openstack token issue
|
openstack token issue
|
||||||
|
|
||||||
|
@ -14,54 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "neutron" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $mounts_neutron_bootstrap := .Values.pod.mounts.neutron_bootstrap.neutron_bootstrap }}
|
|
||||||
{{- $mounts_neutron_bootstrap_init := .Values.pod.mounts.neutron_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "neutron-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: neutron-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "neutron" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_neutron_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: neutron-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: neutron-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
{{ if $mounts_neutron_bootstrap.volumeMounts }}{{ toYaml $mounts_neutron_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: neutron-bin
|
|
||||||
configMap:
|
|
||||||
name: neutron-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_neutron_bootstrap.volumes }}{{ toYaml $mounts_neutron_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -104,8 +104,9 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
ks_user: neutron
|
||||||
script: |
|
script: |
|
||||||
neutron agent-list
|
openstack token issue
|
||||||
|
|
||||||
dependencies:
|
dependencies:
|
||||||
db_init:
|
db_init:
|
||||||
|
@ -19,8 +19,8 @@ limitations under the License.
|
|||||||
set -ex
|
set -ex
|
||||||
export HOME=/tmp
|
export HOME=/tmp
|
||||||
|
|
||||||
{{ if .Values.bootstrap.flavors.enabled }}
|
{{ if .Values.bootstrap.structured.flavors.enabled }}
|
||||||
{{ range .Values.bootstrap.flavors.options }}
|
{{ range .Values.bootstrap.structured.flavors.options }}
|
||||||
openstack flavor show {{ .name }} || \
|
openstack flavor show {{ .name }} || \
|
||||||
openstack flavor create {{ .name }} \
|
openstack flavor create {{ .name }} \
|
||||||
--id {{ .id }} \
|
--id {{ .id }} \
|
||||||
@ -31,4 +31,3 @@ openstack flavor show {{ .name }} || \
|
|||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
|
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}
|
||||||
exit 0
|
|
||||||
|
@ -14,63 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "nova" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
|
|
||||||
{{- $mounts_nova_bootstrap := .Values.pod.mounts.nova_bootstrap.nova_bootstrap }}
|
|
||||||
{{- $mounts_nova_bootstrap_init := .Values.pod.mounts.nova_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "nova-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: nova-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "nova" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_nova_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: nova-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
volumeMounts:
|
|
||||||
- name: nova-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
- name: nova-etc
|
|
||||||
mountPath: /etc/nova/nova.conf
|
|
||||||
subPath: nova.conf
|
|
||||||
readOnly: true
|
|
||||||
{{ if $mounts_nova_bootstrap.volumeMounts }}{{ toYaml $mounts_nova_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: nova-etc
|
|
||||||
configMap:
|
|
||||||
name: nova-etc
|
|
||||||
defaultMode: 0444
|
|
||||||
- name: nova-bin
|
|
||||||
configMap:
|
|
||||||
name: nova-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_nova_bootstrap.volumes }}{{ toYaml $mounts_nova_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -83,7 +83,9 @@ images:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: true
|
enabled: true
|
||||||
|
ks_user: admin
|
||||||
script: null
|
script: null
|
||||||
|
structured:
|
||||||
flavors:
|
flavors:
|
||||||
enabled: true
|
enabled: true
|
||||||
options:
|
options:
|
||||||
|
@ -14,54 +14,7 @@ See the License for the specific language governing permissions and
|
|||||||
limitations under the License.
|
limitations under the License.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
||||||
{{- if .Values.manifests.job_bootstrap }}
|
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
|
||||||
{{- $envAll := . }}
|
{{- $bootstrapJob := dict "envAll" . "serviceName" "senlin" "keystoneUser" .Values.bootstrap.ks_user -}}
|
||||||
{{- if .Values.bootstrap.enabled }}
|
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
|
||||||
{{- $dependencies := .Values.dependencies.bootstrap }}
|
|
||||||
{{- $mounts_senlin_bootstrap := .Values.pod.mounts.senlin_bootstrap.senlin_bootstrap }}
|
|
||||||
{{- $mounts_senlin_bootstrap_init := .Values.pod.mounts.senlin_bootstrap.init_container }}
|
|
||||||
|
|
||||||
{{- $serviceAccountName := "senlin-bootstrap" }}
|
|
||||||
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
|
|
||||||
---
|
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: senlin-bootstrap
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
labels:
|
|
||||||
{{ tuple $envAll "senlin" "bootstrap" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
|
||||||
spec:
|
|
||||||
serviceAccountName: {{ $serviceAccountName }}
|
|
||||||
restartPolicy: OnFailure
|
|
||||||
nodeSelector:
|
|
||||||
{{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
|
|
||||||
initContainers:
|
|
||||||
{{ tuple $envAll $dependencies $mounts_senlin_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
|
||||||
containers:
|
|
||||||
- name: senlin-bootstrap
|
|
||||||
image: {{ .Values.images.tags.bootstrap }}
|
|
||||||
imagePullPolicy: {{ .Values.images.pull_policy }}
|
|
||||||
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
|
||||||
env:
|
|
||||||
{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin }}
|
|
||||||
{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
|
|
||||||
{{- end }}
|
|
||||||
command:
|
|
||||||
- /tmp/bootstrap.sh
|
|
||||||
volumeMounts:
|
|
||||||
- name: senlin-bin
|
|
||||||
mountPath: /tmp/bootstrap.sh
|
|
||||||
subPath: bootstrap.sh
|
|
||||||
readOnly: true
|
|
||||||
{{ if $mounts_senlin_bootstrap.volumeMounts }}{{ toYaml $mounts_senlin_bootstrap.volumeMounts | indent 12 }}{{ end }}
|
|
||||||
volumes:
|
|
||||||
- name: senlin-bin
|
|
||||||
configMap:
|
|
||||||
name: senlin-bin
|
|
||||||
defaultMode: 0555
|
|
||||||
{{ if $mounts_senlin_bootstrap.volumes }}{{ toYaml $mounts_senlin_bootstrap.volumes | indent 8 }}{{ end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -144,6 +144,7 @@ network:
|
|||||||
|
|
||||||
bootstrap:
|
bootstrap:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
ks_user: senlin
|
||||||
script: |
|
script: |
|
||||||
openstack token issue
|
openstack token issue
|
||||||
|
|
||||||
|
@ -25,7 +25,6 @@ images:
|
|||||||
db_drop: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
|
db_drop: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
|
||||||
db_init: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
|
db_init: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
|
||||||
glance_api: 'docker.io/kolla/ubuntu-source-glance-api:3.0.3'
|
glance_api: 'docker.io/kolla/ubuntu-source-glance-api:3.0.3'
|
||||||
glance_bootstrap: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
|
|
||||||
glance_db_sync: 'docker.io/kolla/ubuntu-source-glance-api:3.0.3'
|
glance_db_sync: 'docker.io/kolla/ubuntu-source-glance-api:3.0.3'
|
||||||
glance_registry: 'docker.io/kolla/ubuntu-source-glance-registry:3.0.3'
|
glance_registry: 'docker.io/kolla/ubuntu-source-glance-registry:3.0.3'
|
||||||
heat_api: 'docker.io/kolla/ubuntu-source-heat-api:3.0.3'
|
heat_api: 'docker.io/kolla/ubuntu-source-heat-api:3.0.3'
|
||||||
@ -36,7 +35,6 @@ images:
|
|||||||
horizon: 'docker.io/kolla/ubuntu-source-horizon:ocata'
|
horizon: 'docker.io/kolla/ubuntu-source-horizon:ocata'
|
||||||
horizon_db_sync: 'docker.io/kolla/ubuntu-source-horizon:ocata'
|
horizon_db_sync: 'docker.io/kolla/ubuntu-source-horizon:ocata'
|
||||||
ironic_api: 'docker.io/kolla/ubuntu-source-ironic-api:3.0.3'
|
ironic_api: 'docker.io/kolla/ubuntu-source-ironic-api:3.0.3'
|
||||||
ironic_bootstrap: 'docker.io/kolla/ubuntu-source-heat-engine:3.0.3'
|
|
||||||
ironic_conductor: 'docker.io/kolla/ubuntu-source-ironic-conductor:3.0.3'
|
ironic_conductor: 'docker.io/kolla/ubuntu-source-ironic-conductor:3.0.3'
|
||||||
ironic_db_sync: 'docker.io/kolla/ubuntu-source-ironic-api:3.0.3'
|
ironic_db_sync: 'docker.io/kolla/ubuntu-source-ironic-api:3.0.3'
|
||||||
ironic_pxe: 'docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3'
|
ironic_pxe: 'docker.io/kolla/ubuntu-source-ironic-pxe:3.0.3'
|
||||||
|
Loading…
x
Reference in New Issue
Block a user