From 5d75b448fd2cf52a1f7766a3b7fa88ca2fbf7a47 Mon Sep 17 00:00:00 2001
From: gardlt <gardlt@tetrasol.org>
Date: Wed, 6 Dec 2017 17:09:37 +0000
Subject: [PATCH] feat(chart): adding-tiller-service

- enhancing chart deploy with tiller service

Change-Id: I8b0598f7306e98b0cb61eb2f21d4b2bd549def53
---
 armada/conf/default.py                        |  5 ++
 armada/handlers/tiller.py                     |  4 +-
 .../armada/templates/deployment-tiller.yaml   | 80 +++++++++++++++++++
 charts/armada/templates/tiller-service.yaml   | 38 +++++++++
 charts/armada/values.yaml                     |  6 ++
 etc/armada/armada.conf.sample                 |  3 +
 6 files changed, 134 insertions(+), 2 deletions(-)
 create mode 100644 charts/armada/templates/deployment-tiller.yaml
 create mode 100644 charts/armada/templates/tiller-service.yaml

diff --git a/armada/conf/default.py b/armada/conf/default.py
index accce792..1b409aea 100644
--- a/armada/conf/default.py
+++ b/armada/conf/default.py
@@ -71,6 +71,11 @@ The Keystone project domain name used for authentication.
         default='app=helm,name=tiller',
         help=utils.fmt('Labels for the tiller pod.')),
 
+    cfg.StrOpt(
+        'tiller_namespace',
+        default='kube-system',
+        help=utils.fmt('Namespace for the tiller pod.')),
+
     cfg.ListOpt(
         'tiller_release_roles',
         default=['admin'],
diff --git a/armada/handlers/tiller.py b/armada/handlers/tiller.py
index e1770e39..0232eb8d 100644
--- a/armada/handlers/tiller.py
+++ b/armada/handlers/tiller.py
@@ -102,8 +102,8 @@ class Tiller(object):
         Returns tiller pod using the tiller pod labels specified in the Armada
         config
         '''
-        pods = self.k8s.get_namespace_pod('kube-system',
-                                          CONF.tiller_pod_labels).items
+        pods = self.k8s.get_namespace_pod(
+            CONF.tiller_namespace, CONF.tiller_pod_labels).items
         # No tiller pods found
         if not pods:
             raise ex.TillerPodNotFoundException(CONF.tiller_pod_labels)
diff --git a/charts/armada/templates/deployment-tiller.yaml b/charts/armada/templates/deployment-tiller.yaml
new file mode 100644
index 00000000..939c49d1
--- /dev/null
+++ b/charts/armada/templates/deployment-tiller.yaml
@@ -0,0 +1,80 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.deployment_tiller }}
+{{- $envAll := . }}
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  labels:
+    app: helm
+    name: tiller
+  name: tiller-deploy
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: helm
+      name: tiller
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 1
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: helm
+        name: tiller
+    spec:
+      initContainers:
+{{ tuple $envAll .Values.pod_dependency list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+      containers:
+      - env:
+        - name: TILLER_NAMESPACE
+          value: {{ .Release.Namespace }}
+        - name: TILLER_HISTORY_MAX
+          value: "0"
+        image: {{ .Values.images.tags.tiller  }}
+        livenessProbe:
+          failureThreshold: 3
+          httpGet:
+            path: /liveness
+            port: 44135
+            scheme: HTTP
+          initialDelaySeconds: 1
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 1
+        name: tiller
+        ports:
+        - containerPort: 44134
+          name: tiller
+          protocol: TCP
+        readinessProbe:
+          failureThreshold: 3
+          httpGet:
+            path: /readiness
+            port: 44135
+            scheme: HTTP
+          initialDelaySeconds: 1
+          periodSeconds: 10
+          successThreshold: 1
+          timeoutSeconds: 1
+        resources: {}
+status: {}
+{{- end }}
diff --git a/charts/armada/templates/tiller-service.yaml b/charts/armada/templates/tiller-service.yaml
new file mode 100644
index 00000000..86ccf28d
--- /dev/null
+++ b/charts/armada/templates/tiller-service.yaml
@@ -0,0 +1,38 @@
+{{/*
+Copyright 2017 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.service_tiller_deploy }}
+{{- $envAll := . }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: helm
+    name: tiller
+  name: tiller-deploy
+spec:
+  ports:
+  - name: tiller
+    port: 44134
+    protocol: TCP
+    targetPort: tiller
+  selector:
+    app: helm
+    name: tiller
+  sessionAffinity: None
+  type: ClusterIP
+{{- end }}
diff --git a/charts/armada/values.yaml b/charts/armada/values.yaml
index fae79d83..6ea7aba0 100644
--- a/charts/armada/values.yaml
+++ b/charts/armada/values.yaml
@@ -27,6 +27,7 @@ images:
     ks_endpoints: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
     ks_service: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
     ks_user: docker.io/kolla/ubuntu-source-heat-engine:3.0.3
+    tiller: gcr.io/kubernetes-helm/tiller:v2.7.0
 
   pull_policy: "IfNotPresent"
 
@@ -39,6 +40,8 @@ network:
       port: 31903
 
 dependencies:
+  tiller:
+    services: null
   ks_user:
     services:
     - service: identity
@@ -121,6 +124,7 @@ secrets:
 conf:
   armada:
     DEFAULT:
+      tiller_namespace: ucp
     keystone_authtoken:
       auth_type: password
       auth_version: 3
@@ -215,6 +219,7 @@ manifests:
   configmap_bin: true
   configmap_etc: true
   deployment_api: true
+  deployment_tiller: true
   ingress_api: true
   job_ks_endpoints: true
   job_ks_service: true
@@ -222,3 +227,4 @@ manifests:
   secret_keystone: true
   service_api: true
   service_ingress_api: true
+  service_tiller_deploy: true
diff --git a/etc/armada/armada.conf.sample b/etc/armada/armada.conf.sample
index c9fd2e8f..6f709d16 100644
--- a/etc/armada/armada.conf.sample
+++ b/etc/armada/armada.conf.sample
@@ -32,6 +32,9 @@
 # Labels for the tiller pod. (string value)
 #tiller_pod_labels = app=helm,name=tiller
 
+# Namespace for the tiller pod. (string value)
+#tiller_namespace = kube-system
+
 # IDs of approved API access roles. (list value)
 #tiller_release_roles = admin