Support maas mobility

- The MAAS and Drydock charts are moving to use ingress rather than node ports. Update versions and chart overrides to support this. Change-Id: I9a630f1edad9129719748b848a693e012baf9b37
2018-09-13 00:55:00 +00:00 · 2018-09-13 00:55:00 +00:00 · b857672967
parent a3a17920f7
commit b857672967
19 changed files with 110 additions and 69 deletions
--- a/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/coredns.yaml
+++ b/deployment_files/global/v1.0demo/software/charts/kubernetes/dns/coredns.yaml
@ -56,13 +56,6 @@ metadata:
      dest:
        path: .values.conf.coredns.corefile
        pattern: 'UPSTREAM1'
    - src:
        schema: pegleg/CommonAddresses/v1
        name: common-addresses
        path: .dns.upstream_servers[1]
      dest:
        path: .values.conf.coredns.corefile
        pattern: 'UPSTREAM2'
 data:
  chart_name: coredns
  release: coredns
@ -95,11 +88,9 @@ data:
                pods insecure
                fallthrough in-addr.arpa ip6.arpa
                upstream UPSTREAM1
                upstream UPSTREAM2
              }
              prometheus :9153
              proxy . UPSTREAM1
              proxy . UPSTREAM2
              cache 30
          }
  dependencies:
--- a/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/ingress.yaml
+++ b/deployment_files/global/v1.0demo/software/charts/kubernetes/ingress/ingress.yaml
@ -6,6 +6,8 @@ metadata:
  layeringDefinition:
    abstract: false
    layer: global
  labels:
    name: ingress-kube-system
  storagePolicy: cleartext
  substitutions:
    # Chart source
@ -50,7 +52,7 @@ data:
          nginx.ingress.kubernetes.io/proxy-read-timeout: "603"
    pod:
      replicas:
-        error_page: 2
+        error_page: 1
  dependencies:
    - ingress-kube-system-htk
 ---
--- a/deployment_files/global/v1.0demo/software/charts/ucp/core/ingress.yaml
+++ b/deployment_files/global/v1.0demo/software/charts/ucp/core/ingress.yaml
@ -7,6 +7,8 @@ metadata:
    abstract: false
    layer: global
  storagePolicy: cleartext
  labels:
    name: ucp-ingress
  substitutions:
    # Chart source
    - src:
--- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml
+++ b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/drydock.yaml
@ -62,23 +62,6 @@ metadata:
      dest:
        path: .values.endpoints.physicalprovisioner.port.api.nodeport
    # MaaS IPs
    - src:
        schema: pegleg/CommonAddresses/v1
        name: common-addresses
        # TODO(mb874d): Can change once we have an accessible VIP from fresh nodes.
        path: .genesis.ip
      dest:
        path: .values.conf.drydock.maasdriver.maas_api_url
        pattern: 'MAAS_IP'
    - src:
        schema: pegleg/CommonAddresses/v1
        name: common-addresses
        path: .node_ports.maas_api
      dest:
        path: .values.conf.drydock.maasdriver.maas_api_url
        pattern: 'MAAS_PORT'
    # Credentials
    - src:
@ -100,12 +83,18 @@ metadata:
      dest:
        path: .values.endpoints.postgresql.path
        pattern: DB_NAME
    - src:
        schema: pegleg/AccountCatalogue/v1
        name: ucp_service_accounts
        path: .ucp.keystone.admin
      dest:
        path: .values.endpoints.identity.auth.admin
    - src:
        schema: pegleg/AccountCatalogue/v1
        name: ucp_service_accounts
        path: .ucp.drydock.keystone
      dest:
-        path: .values.endpoints.identity.auth.user
+        path: .values.endpoints.identity.auth.drydock
    # Secrets
    - dest:
@ -121,7 +110,7 @@ metadata:
        name: ucp_postgres_admin_password
        path: .
    - dest:
-        path: .values.endpoints.identity.auth.user.password
+        path: .values.endpoints.identity.auth.drydock.password
      src:
        schema: deckhand/Passphrase/v1
        name: ucp_drydock_keystone_password
--- a/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml
+++ b/deployment_files/global/v1.0demo/software/charts/ucp/drydock/maas.yaml
@ -102,9 +102,15 @@ metadata:
    - src:
        schema: pegleg/EndpointCatalogue/v1
        name: ucp_endpoints
-        path: .ucp.maas_region_ui
+        path: .ucp.maas_region
      dest:
-        path: .values.endpoints.maas_region_ui
+        path: .values.endpoints.maas_region
    - src:
        schema: pegleg/EndpointCatalogue/v1
        name: ucp_endpoints
        path: .ucp.physicalprovisioner
      dest:
        path: .values.endpoints.physicalprovisioner
    # Account and credential substitutions
    - src:
@ -131,7 +137,7 @@ metadata:
        name: ucp_service_accounts
        path: .ucp.maas.admin
      dest:
-        path: .values.endpoints.maas_region_ui.auth.admin
+        path: .values.endpoints.maas_region.auth.admin
    # Secrets
    - dest:
--- a/deployment_files/global/v1.0demo/software/charts/ucp/services-chart-group.yaml
+++ b/deployment_files/global/v1.0demo/software/charts/ucp/services-chart-group.yaml
@ -11,8 +11,8 @@ data:
  description: Airship Services
  sequenced: true
  chart_group:
    - ucp-maas
    - ucp-tiller
    - ucp-maas
    - ucp-armada
    - ucp-barbican
    - ucp-deckhand
--- a/deployment_files/global/v1.0demo/software/config/endpoints.yaml
+++ b/deployment_files/global/v1.0demo/software/config/endpoints.yaml
@ -17,6 +17,7 @@ data:
        internal: keystone-api
      host_fqdn_override:
        default: null
        public: keystone.gate.local
      path:
        default: /v3
      scheme:
@ -119,19 +120,19 @@ data:
        api:
          default: 9000
          nodeport: 31900
          public: 80
      path:
        default: /api/v1.0
      scheme:
        default: http
      host_fqdn_override:
        default: null
-    maas_region_ui:
+        public: drydock.gate.local
-      name: maas-region-ui
+    maas_region:
      name: maas-region
      hosts:
-        default: maas-region-ui
+        default: maas-region
        public: maas
      path:
        default: /MAAS
      scheme:
        default: "http"
      port:
@ -168,6 +169,7 @@ data:
        default: http
      host_fqdn_override:
        default: null
        public: shipyard.gate.local
    airflow_web:
      name: airflow-web
      hosts:
--- a/deployment_files/global/v1.0demo/software/config/versions.yaml
+++ b/deployment_files/global/v1.0demo/software/config/versions.yaml
@ -150,7 +150,6 @@ data:
        location: https://git.openstack.org/openstack/openstack-helm
        subpath: ceph
        reference: f902cd14fac7de4c4c9f7d019191268a6b4e9601
      #TODO Update to new HTK with split ceph charts
      ceph-htk:
        type: git
        location: https://git.openstack.org/openstack/openstack-helm
@ -180,14 +179,12 @@ data:
        type: git
        location: https://git.openstack.org/openstack/airship-drydock
        subpath: charts/drydock
-        reference: f8c821e7219f84f12e3a90e3101c6f20d3049b5b
+        reference: master
      # TODO waiting for https://review.openstack.org/#/c/595902/ to move to
      #      openstack-helm-infra version.
      drydock-htk:
        type: git
-        location: https://git.openstack.org/openstack/openstack-helm
+        location: https://git.openstack.org/openstack/openstack-helm-infra
        subpath: helm-toolkit
-        reference: f902cd14fac7de4c4c9f7d019191268a6b4e9601
+        reference: bc1afb87d7aa529a4ed5321d889cdfe2f1af8a44
      ingress:
        type: git
        location: https://git.openstack.org/openstack/openstack-helm-infra
@ -212,7 +209,7 @@ data:
        type: git
        location: https://git.openstack.org/openstack/airship-promenade
        subpath: charts/promenade
-        reference: 88c786b8e92d053fd0cba7237df68cc087b81f26
+        reference: 24e4ebf37aac7cc4cf3e8341bc0c0fc48c274fbb
      promenade-htk:
        type: git
        location: https://git.openstack.org/openstack/openstack-helm-infra
@ -232,14 +229,12 @@ data:
        type: git
        location: https://git.openstack.org/openstack/airship-maas
        subpath: charts/maas
-        # TODO(bryan-strassner) set to new version
+        reference: master
        #     when https://review.openstack.org/#/c/595398/ is complete
        reference: refs/changes/98/595398/5
      maas-htk:
        type: git
        location: https://git.openstack.org/openstack/openstack-helm-infra
        subpath: helm-toolkit
-        reference: 9f6194ff770d3776ae3572bcbe841a9289357244
+        reference: 4cd00f3ac539f625e7cd9733ae46232b2082027a
      mariadb:
        type: git
        location: https://git.openstack.org/openstack/openstack-helm
@ -456,7 +451,7 @@ data:
        tiller: gcr.io/kubernetes-helm/tiller:v2.10.0
      promenade:
        dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
-        promenade: quay.io/airshipit/promenade:88c786b8e92d053fd0cba7237df68cc087b81f26
+        promenade: quay.io/airshipit/promenade:24e4ebf37aac7cc4cf3e8341bc0c0fc48c274fbb
        ks_user: docker.io/openstackhelm/heat:ocata
        ks_service: docker.io/openstackhelm/heat:ocata
        ks_endpoints: docker.io/openstackhelm/heat:ocata
--- a/deployment_files/site/gate-multinode/networks/common-addresses.yaml
+++ b/deployment_files/site/gate-multinode/networks/common-addresses.yaml
@ -17,9 +17,8 @@ data:
    cluster_domain: cluster.local
    service_ip: 10.96.0.10
    upstream_servers:
-      - 8.8.8.8
+      - 172.24.1.9
-      - 8.8.4.4
+    upstream_servers_joined: 172.24.1.9
    upstream_servers_joined: 8.8.8.8,8.8.4.4
  genesis:
    hostname: n0
--- a/deployment_files/site/gate-multinode/networks/physical/network.yaml
+++ b/deployment_files/site/gate-multinode/networks/physical/network.yaml
@ -40,5 +40,5 @@ data:
      metric: 10
  dns:
    domain: gate.local
-    servers: '8.8.8.8 8.8.4.4'
+    servers: '172.24.1.9'
 ...
--- a/deployment_files/site/gate-multinode/software/charts/kubernetes/ingress/ingress.yaml
+++ b/deployment_files/site/gate-multinode/software/charts/kubernetes/ingress/ingress.yaml
@ -0,0 +1,24 @@
 ---
 schema: armada/Chart/v1
 metadata:
  schema: metadata/Document/v1
  name: ingress-kube-system
  replacement: true
  layeringDefinition:
    abstract: false
    layer: site
    parentSelector:
        name: ingress-kube-system
    actions:
        - method: merge
          path: .
  storagePolicy: cleartext
 data:
  values:
    network:
      ingress:
        disable-ipv6: "true"
      vip:
        manage: true
        addr: '172.24.1.6/32'
 ...
--- a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml
+++ b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/drydock.yaml
@ -26,6 +26,8 @@ data:
      secret_ssh_key: true
    conf:
      drydock:
        maasdriver:
          maas_api_url: 'http://maas.gate.local:9085/MAAS/api/2.0/'
        plugins:
          oob_driver:
            - 'drydock_provisioner.drivers.oob.pyghmi_driver.driver.PyghmiDriver'
--- a/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml
+++ b/deployment_files/site/gate-multinode/software/charts/ucp/drydock/maas.yaml
@ -25,11 +25,36 @@ data:
    manifests:
      secret_ssh_key: true
    conf:
-      cache:
+      maas:
-        enabled: true
+        dns: {dns_servers: '172.24.1.9'}
-      dns:
+        ntp: {use_external_only: 'true' }
-        dns_servers: 172.24.1.9
+      cache: {enabled: true}
    network:
      maas_ingress:
-        addr: 172.24.1.5/32
+        addr: '172.24.1.5/32'
    endpoints:
      maas_region:
        host_fqdn_override:
          public: maas.gate.local
        port:
          region_api:
            public: 9085
      maas_ingress:
        hosts:
          default: maas-ingress
          error_pages: maas-ingress-error
        host_fqdn_override:
          public: null
        port:
          http:
            default: 9080
          https:
            default: 9443
          error_pages:
            default: 8080
            podport: 8080
          healthz:
            podport: 10259
          status:
            podport: 18089
 ...
--- a/deployment_files/site/gate-multinode/software/configs/versions.yaml
+++ b/deployment_files/site/gate-multinode/software/configs/versions.yaml
@ -21,9 +21,14 @@ data:
    ucp:
      maas:
        location: https://git.openstack.org/openstack/airship-maas
-        reference: refs/changes/53/600253/1
+        reference: refs/changes/53/600253/39
      maas-htk:
        location: https://git.openstack.org/openstack/openstack-helm-infra
        subpath: helm-toolkit
        reference: 4cd00f3ac539f625e7cd9733ae46232b2082027a
  images:
    ucp:
      maas:
-        maas_region: docker.io/sthussey/maas-region-controller:dev
+        maas_region: 'docker.io/sthussey/maas-region-controller:dev'
        maas_cache: 'quay.io/airshipit/sstream-cache:master'
 ...
--- a/tools/multi_nodes_gate/airship_gate/lib/config.sh
+++ b/tools/multi_nodes_gate/airship_gate/lib/config.sh
@ -16,6 +16,7 @@ export SHIPYARD_PASSWORD=${SHIPYARD_OS_PASSWORD:-password18}
 export REGISTRY_DATA_DIR=${REGISTRY_DATA_DIR:-/mnt/registry}
 export VIRSH_POOL=${VIRSH_POOL:-airship}
 export VIRSH_POOL_PATH=${VIRSH_POOL_PATH:-/var/lib/libvirt/airship}
 export UPSTREAM_DNS=${UPSTREAM_DNS:-"8.8.8.8 208.67.220.220"}
 config_vm_memory() {
    nodename=${1}
--- a/tools/multi_nodes_gate/airship_gate/lib/ingress.sh
+++ b/tools/multi_nodes_gate/airship_gate/lib/ingress.sh
@ -30,5 +30,5 @@ ingress_dns_start() {
  ssh_cmd "${nodename}" mkdir -p "${remote_work_dir}"
  rsync_cmd "$DNS_ZONE_FILE" "${nodename}:${remote_zone_file}"
  rsync_cmd "$COREFILE" "${nodename}:${remote_corefile}"
-  ssh_cmd "${nodename}" docker run -d -v /var/tmp/coredns:/data -w /data --network host -P $IMAGE_COREDNS -conf $(basename $remote_corefile)
+  ssh_cmd "${nodename}" docker run -d -v /var/tmp/coredns:/data -w /data --network host --restart always -P $IMAGE_COREDNS -conf $(basename $remote_corefile)
 }
--- a/tools/multi_nodes_gate/airship_gate/lib/virsh.sh
+++ b/tools/multi_nodes_gate/airship_gate/lib/virsh.sh
@ -117,11 +117,11 @@ vm_clean() {
 }
 vm_clean_all() {
-    log Removing all VMs in parallel
+    log Removing all VMs
    VM_NAMES=($(config_vm_names))
    for NAME in ${VM_NAMES[*]}
    do
-        vm_clean "${NAME}" &
+        vm_clean "${NAME}"
    done
    wait
 }
--- a/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json
+++ b/tools/multi_nodes_gate/airship_gate/manifests/multinode_deploy.json
@ -6,10 +6,8 @@
  },
  "ingress": {
    "domain": "gate.local",
-    "172.24.1.5": [
+    "172.24.1.5": ["maas"],
-      "maas",
+    "172.24.1.6": ["drydock","shipyard","keystone"]
      "drydock"
    ]
  },
  "stages": [
    {
--- a/tools/multi_nodes_gate/airship_gate/templates/ingress_corefile.sub
+++ b/tools/multi_nodes_gate/airship_gate/templates/ingress_corefile.sub
@ -4,6 +4,6 @@ ${DNS_DOMAIN} {
 }
 . {
-    forward . /etc/resolv.conf
+    forward . ${UPSTREAM_DNS}
    log
 }