diff --git a/charts/maas/templates/bin/_maas-vip-configure.sh.tpl b/charts/maas/templates/bin/_maas-vip-configure.sh.tpl index f1f6285..8c5d7b6 100644 --- a/charts/maas/templates/bin/_maas-vip-configure.sh.tpl +++ b/charts/maas/templates/bin/_maas-vip-configure.sh.tpl @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh {{/* Copyright 2018 The Openstack-Helm Authors. @@ -18,20 +18,20 @@ limitations under the License.*/}} set -ex -COMMAND="${@:-start}" +COMMAND="${*:-start}" -function kernel_modules () { +kernel_modules () { chroot /mnt/host-rootfs modprobe dummy } -function test_vip () { +test_vip () { ip addr show ${interface} | \ awk "/inet / && /${interface}/{print \$2 }" | \ awk -F '/' '{ print $1 }' | \ grep -q "${addr%/*}" } -function start () { +start () { kernel_modules ip link show ${interface} > /dev/null || ip link add ${interface} type dummy if ! test_vip; then @@ -40,11 +40,11 @@ function start () { ip link set ${interface} up } -function sleep () { - exec /usr/bin/dumb-init bash -c "while :; do sleep 2073600; done" +sleep () { + exec /bin/sh -c "while :; do sleep 2073600; done" } -function stop () { +stop () { ip link show ${interface} > /dev/null || exit 0 if test_vip; then ip addr del ${addr} dev ${interface} diff --git a/charts/maas/templates/configmap-etc.yaml b/charts/maas/templates/configmap-etc.yaml index 4a07137..d24a9b9 100644 --- a/charts/maas/templates/configmap-etc.yaml +++ b/charts/maas/templates/configmap-etc.yaml @@ -44,3 +44,5 @@ data: drivers.yaml: | {{ tuple "etc/_drivers.yaml.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} + sleep-inittab: | + ::sysinit:/tmp/maas-vip-configure.sh sleep diff --git a/charts/maas/templates/configmap-ingress.yaml b/charts/maas/templates/configmap-ingress.yaml index d2dde34..d959075 100644 --- a/charts/maas/templates/configmap-ingress.yaml +++ b/charts/maas/templates/configmap-ingress.yaml @@ -22,7 +22,6 @@ kind: ConfigMap metadata: name: maas-ingress-services-tcp data: - {{ tuple "maas_region" "public" "region_api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-api" {{ tuple "maas_region" "public" "region_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-proxy" ... --- diff --git a/charts/maas/templates/deployment-maas-ingress.yaml b/charts/maas/templates/deployment-maas-ingress.yaml index a46e597..842000e 100644 --- a/charts/maas/templates/deployment-maas-ingress.yaml +++ b/charts/maas/templates/deployment-maas-ingress.yaml @@ -168,7 +168,7 @@ spec: initContainers: {{ tuple $envAll "maas_ingress" $mounts_maas_ingress_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: maas-ingress-vip-init - image: {{ .Values.images.tags.ingress }} + image: {{ .Values.images.tags.ingress_vip }} imagePullPolicy: {{ .Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} securityContext: @@ -192,7 +192,7 @@ spec: readOnly: true containers: - name: maas-ingress-vip - image: {{ .Values.images.tags.ingress }} + image: {{ .Values.images.tags.ingress_vip }} imagePullPolicy: {{ .Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} securityContext: @@ -201,8 +201,7 @@ spec: - 'NET_ADMIN' runAsUser: 0 command: - - /tmp/maas-vip-configure.sh - - sleep + - /bin/init env: {{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.network.maas_ingress | indent 12 }} volumeMounts: @@ -210,6 +209,10 @@ spec: name: maas-bin subPath: maas-vip-configure readOnly: true + - mountPath: /etc/inittab + name: maas-etc + subPath: sleep-inittab + readOnly: true lifecycle: preStop: exec: @@ -240,9 +243,9 @@ spec: - name: RELEASE_NAME value: {{ .Release.Name | quote }} - name: HTTP_PORT - value: "8808" + value: {{ tuple "maas_ingress" "podport" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} - name: HTTPS_PORT - value: "8543" + value: {{ tuple "maas_ingress" "podport" "https" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} - name: HEALTHZ_PORT value: {{ tuple "maas_ingress" "podport" "healthz" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} - name: STATUS_PORT @@ -260,6 +263,10 @@ spec: configMap: name: maas-bin defaultMode: 0555 + - name: maas-etc + configMap: + name: maas-etc + defaultMode: 0444 - name: host-rootfs hostPath: path: / diff --git a/charts/maas/templates/etc/_curtin_userdata.tpl b/charts/maas/templates/etc/_curtin_userdata.tpl index 84ee704..421c54e 100644 --- a/charts/maas/templates/etc/_curtin_userdata.tpl +++ b/charts/maas/templates/etc/_curtin_userdata.tpl @@ -39,8 +39,8 @@ def find_ba_key(n): {{ "{{" }}py: ba_files_url = ''.join([{{ quote $drydock_url }},'/bootactions/nodes/',node.hostname,'/files']){{ "}}" }} {{ "{{" }}if ba_key{{ "}}" }} drydock_00: ["sh", "-c", "echo Installing Drydock Boot Actions."] - drydock_01: ["curtin", "in-target", "--", "wget", "--no-proxy", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_units_url{{ "}}" }}", "-O", "/tmp/bootaction-units.tar.gz"] - drydock_02: ["curtin", "in-target", "--", "wget", "--no-proxy", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_files_url{{ "}}" }}", "-O", "/tmp/bootaction-files.tar.gz"] + drydock_01: ["curtin", "in-target", "--", "wget", "--no-proxy", "--no-check-certificate", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_units_url{{ "}}" }}", "-O", "/tmp/bootaction-units.tar.gz"] + drydock_02: ["curtin", "in-target", "--", "wget", "--no-proxy", "--no-check-certificate", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_files_url{{ "}}" }}", "-O", "/tmp/bootaction-files.tar.gz"] drydock_03: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-units.tar.gz > /tmp/bootaction-unit-names.txt"] drydock_04: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-files.tar.gz > /tmp/bootaction-file-names.txt"] drydock_05: ["curtin", "in-target", "--", "sh", "-c", "xargs -a /tmp/bootaction-unit-names.txt -n 1 basename > /tmp/bootaction-unit-basenames.txt || echo 'Did not run basenames on units'"] diff --git a/charts/maas/templates/statefulset-rack.yaml b/charts/maas/templates/statefulset-rack.yaml index ea1dd0b..78e37ea 100644 --- a/charts/maas/templates/statefulset-rack.yaml +++ b/charts/maas/templates/statefulset-rack.yaml @@ -103,10 +103,6 @@ spec: mountPath: /usr/local/bin/register-rack-controller.sh subPath: register-rack-controller.sh readOnly: true - - name: maas-etc - mountPath: /lib/systemd/system/register-rack-controller.service - subPath: register-rack-controller.service - readOnly: true - name: rackd-state mountPath: /etc/maas subPath: etc diff --git a/charts/maas/values.yaml b/charts/maas/values.yaml index 1facbdf..c28e7e4 100644 --- a/charts/maas/values.yaml +++ b/charts/maas/values.yaml @@ -79,7 +79,8 @@ images: export_api_key: quay.io/airshipit/maas-region-controller:latest maas_cache: quay.io/airshipit/sstream-cache:latest dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 + ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.20.0 + ingress_vip: docker.io/busybox:latest error_pages: gcr.io/google_containers/defaultbackend:1.0 pull_policy: IfNotPresent local_registry: diff --git a/images/maas-rack-controller/2.3_hostheader.patch b/images/maas-rack-controller/2.3_hostheader.patch new file mode 100644 index 0000000..6cd77bd --- /dev/null +++ b/images/maas-rack-controller/2.3_hostheader.patch @@ -0,0 +1,10 @@ +1047c1047 +< if family in {AF_INET, AF_INET6}: +--- +> if family in {AF_INET6}: +1051a1052,1054 +> info_url = info_url_base._replace(netloc=netloc) +> elif family in {AF_INET}: +> info_url = info_url_base +1054d1056 +< info_url = info_url_base._replace(netloc=netloc) diff --git a/images/maas-rack-controller/Dockerfile b/images/maas-rack-controller/Dockerfile index 23e73da..9420ea3 100644 --- a/images/maas-rack-controller/Dockerfile +++ b/images/maas-rack-controller/Dockerfile @@ -52,8 +52,12 @@ RUN systemctl enable register-rack-controller.service COPY 2.3_nic_filter.patch /tmp/2.3_nic_filter.patch # sh8121att: patch so that interfaces with MAC 00:00:00:00:00:00 omit the MAC address COPY 2.3_mac_address.patch /tmp/2.3_mac_address.patch +# sh8121att: patch so query for RPC info contains proper Host header +copy 2.3_hostheader.patch /tmp/2.3_hostheader.patch + RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch network.py < /tmp/2.3_nic_filter.patch RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch ipaddr.py < /tmp/2.3_mac_address.patch +RUN cd /usr/lib/python3/dist-packages/provisioningserver/rpc && patch clusterservice.py < /tmp/2.3_hostheader.patch # echo journalctl logs to the container's stdout COPY scripts/journalctl-to-tty.service /etc/systemd/system/journalctl-to-tty.service