Move MaaS chart into maas repo
Change-Id: If1d9e92d9a691892b9a3afcef5b229d704b5dcbc
This commit is contained in:
parent
a83b5f2c84
commit
668fd328d2
|
@ -0,0 +1,4 @@
|
||||||
|
[gerrit]
|
||||||
|
host=review.gerrithub.io
|
||||||
|
port=29418
|
||||||
|
project=att-comdev/maas
|
|
@ -0,0 +1,24 @@
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
apiVersion: v1
|
||||||
|
description: Chart to run MaaS
|
||||||
|
name: maas
|
||||||
|
version: 0.1.0
|
||||||
|
home: https://docs.ubuntu.com/maas
|
||||||
|
sources:
|
||||||
|
- https://git.launchpad.net/maas
|
||||||
|
- https://git.openstack.org/cgit/openstack/openstack-helm
|
||||||
|
maintainers:
|
||||||
|
- name: OpenStack-Helm Authors
|
|
@ -0,0 +1,66 @@
|
||||||
|
openstack-helm-addons/maas
|
||||||
|
==========================
|
||||||
|
|
||||||
|
This chart installs a working version of MaaS on kubernetes.
|
||||||
|
|
||||||
|
Quickstart
|
||||||
|
~~~~~~~~~
|
||||||
|
|
||||||
|
This chart requires a postgresql instance to be running.
|
||||||
|
|
||||||
|
To install postgresql:
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
helm install postgresql --namespace=maas
|
||||||
|
|
||||||
|
Note: Postgresql may take a short time to reach the ‘Running’ state.
|
||||||
|
Verify that postgresql is running:
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
# kubectl get pods -n maas
|
||||||
|
NAME READY STATUS RESTARTS AGE
|
||||||
|
postgresql-0 1/1 Running 0 1m
|
||||||
|
|
||||||
|
To deploy your MaaS chart:
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
helm install maas --namespace=maas
|
||||||
|
|
||||||
|
To verify the helm deployment was successful:
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
# helm ls
|
||||||
|
NAME REVISION UPDATED STATUS CHART
|
||||||
|
opining-mule 1 Mon Feb 13 22:20:08 2017 DEPLOYED maas-0.1.0
|
||||||
|
sweet-manatee 1 Mon Feb 13 21:57:41 2017 DEPLOYED postgresql-0.1.0
|
||||||
|
|
||||||
|
To check that all resources are working as intended:
|
||||||
|
|
||||||
|
::
|
||||||
|
|
||||||
|
# kubectl get all --namespace=maas
|
||||||
|
NAME READY STATUS RESTARTS AGE
|
||||||
|
po/maas-rack-3238195061-tn5fv 1/1 Running 0 11m
|
||||||
|
po/maas-region-0 1/1 Running 0 11m
|
||||||
|
po/postgresql-0 1/1 Running 0 34m
|
||||||
|
|
||||||
|
NAME CLUSTER-IP EXTERNAL-IP PORT(S) AGE
|
||||||
|
svc/maas-region-ui 10.105.136.244 <none> 80/TCP,8000/TCP 11m
|
||||||
|
svc/postgresql 10.107.159.38 <none> 5432/TCP 34m
|
||||||
|
|
||||||
|
NAME DESIRED CURRENT AGE
|
||||||
|
statefulsets/maas-region 1 1 11m
|
||||||
|
statefulsets/postgresql 1 1 34m
|
||||||
|
|
||||||
|
NAME DESIRED SUCCESSFUL AGE
|
||||||
|
jobs/region-import-resources 1 1 11m
|
||||||
|
|
||||||
|
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
|
||||||
|
deploy/maas-rack 1 1 1 1 11m
|
||||||
|
|
||||||
|
NAME DESIRED CURRENT READY AGE
|
||||||
|
rs/maas-rack-3238195061 1 1 1 11m
|
|
@ -0,0 +1,18 @@
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
dependencies:
|
||||||
|
- name: helm-toolkit
|
||||||
|
repository: http://localhost:8879/charts
|
||||||
|
version: 0.1.0
|
|
@ -0,0 +1,19 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
maas-region createadmin --username=${ADMIN_USERNAME} --password=${ADMIN_PASSWORD} --email=${ADMIN_EMAIL} || true
|
|
@ -0,0 +1,63 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
export HOME=/tmp
|
||||||
|
|
||||||
|
pgsql_superuser_cmd () {
|
||||||
|
DB_COMMAND="$1"
|
||||||
|
if [[ ! -z $2 ]]; then
|
||||||
|
EXPORT PGDATABASE=$2
|
||||||
|
fi
|
||||||
|
|
||||||
|
psql \
|
||||||
|
-h ${DB_HOST} \
|
||||||
|
-p 5432 \
|
||||||
|
-U ${ROOT_DB_USER} \
|
||||||
|
--command="${DB_COMMAND}"
|
||||||
|
}
|
||||||
|
|
||||||
|
if [[ ! -v DB_HOST ]]; then
|
||||||
|
echo "environment variable DB_HOST not set"
|
||||||
|
exit 1
|
||||||
|
elif [[ ! -v ROOT_DB_USER ]]; then
|
||||||
|
echo "environment variable ROOT_DB_USER not set"
|
||||||
|
exit 1
|
||||||
|
elif [[ ! -v ROOT_DB_PASS ]]; then
|
||||||
|
echo "environment variable ROOT_DB_PASS not set"
|
||||||
|
exit 1
|
||||||
|
elif [[ ! -v USER_DB_USER ]]; then
|
||||||
|
echo "environment variable USER_DB_USER not set"
|
||||||
|
exit 1
|
||||||
|
elif [[ ! -v USER_DB_PASS ]]; then
|
||||||
|
echo "environment variable USER_DB_PASS not set"
|
||||||
|
exit 1
|
||||||
|
elif [[ ! -v USER_DB_NAME ]]; then
|
||||||
|
echo "environment variable USER_DB_NAME not set"
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
echo "Got DB connection info"
|
||||||
|
fi
|
||||||
|
|
||||||
|
#create db
|
||||||
|
pgsql_superuser_cmd "SELECT 1 FROM pg_database WHERE datname = '$USER_DB_NAME'" | grep -q 1 || pgsql_superuser_cmd "CREATE DATABASE $USER_DB_NAME"
|
||||||
|
|
||||||
|
#create db user
|
||||||
|
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$USER_DB_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
|
||||||
|
pgsql_superuser_cmd "CREATE ROLE ${USER_DB_USER} LOGIN PASSWORD '$USER_DB_PASS';" && pgsql_superuser_cmd "ALTER USER ${USER_DB_USER} WITH SUPERUSER"
|
||||||
|
|
||||||
|
#give permissions to user
|
||||||
|
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $USER_DB_NAME to $USER_DB_USER;"
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
rm -f /var/run/rsyslogd.pid
|
||||||
|
service rsyslog restart
|
||||||
|
|
||||||
|
maas-region dbupgrade
|
|
@ -0,0 +1,74 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
function clear_secret {
|
||||||
|
wget \
|
||||||
|
--server-response \
|
||||||
|
--ca-certificate=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
|
||||||
|
--header='Content-Type: application/json' \
|
||||||
|
--header="Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
|
||||||
|
--method=DELETE \
|
||||||
|
https://kubernetes.default.svc.cluster.local/api/v1/namespaces/${SECRET_NAMESPACE}/secrets/${SECRET_NAME}
|
||||||
|
}
|
||||||
|
|
||||||
|
function post_secret {
|
||||||
|
wget \
|
||||||
|
--server-response \
|
||||||
|
--ca-certificate=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt \
|
||||||
|
--header='Content-Type: application/json' \
|
||||||
|
--header="Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)" \
|
||||||
|
--method=POST \
|
||||||
|
--body-file=/tmp/secret.json \
|
||||||
|
https://kubernetes.default.svc.cluster.local/api/v1/namespaces/${SECRET_NAMESPACE}/secrets \
|
||||||
|
2>&1 | grep -E "HTTP/1.1 (201 Created|409 Conflict)"
|
||||||
|
}
|
||||||
|
|
||||||
|
KEY=$(maas-region apikey --username=${ADMIN_USERNAME})
|
||||||
|
|
||||||
|
if [ "x$KEY" != "x" ]; then
|
||||||
|
ENCODED_KEY=$(echo -n $KEY | base64 -w 0)
|
||||||
|
cat <<EOS > /tmp/secret.json
|
||||||
|
{
|
||||||
|
"apiVersion": "v1",
|
||||||
|
"kind": "Secret",
|
||||||
|
"type": "Opaque",
|
||||||
|
"metadata": {
|
||||||
|
"name": "${SECRET_NAME}"
|
||||||
|
},
|
||||||
|
"data": {
|
||||||
|
"token": "$ENCODED_KEY"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOS
|
||||||
|
while true; do
|
||||||
|
result=$(post_secret)
|
||||||
|
if [ ! -z "$(echo $result | grep 201)" ]; then
|
||||||
|
echo 'Secret created'
|
||||||
|
break
|
||||||
|
elif [ ! -z "$(echo $result | grep 409)" ]; then
|
||||||
|
echo 'Secret exists, clearing before trying again'
|
||||||
|
clear_secret
|
||||||
|
else
|
||||||
|
echo Secret creation failed
|
||||||
|
fi
|
||||||
|
sleep 15
|
||||||
|
done
|
||||||
|
else
|
||||||
|
echo "Failed to get key from maas."
|
||||||
|
exit 1
|
||||||
|
fi
|
|
@ -0,0 +1,63 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
function check_for_download {
|
||||||
|
|
||||||
|
while [[ ${JOB_TIMEOUT} -gt 0 ]]; do
|
||||||
|
if maas ${ADMIN_USERNAME} boot-resources is-importing | grep -q 'true';
|
||||||
|
then
|
||||||
|
echo -e '\nBoot resources currently importing\n'
|
||||||
|
let TIMEOUT-=${RETRY_TIMER}
|
||||||
|
sleep ${RETRY_TIMER}
|
||||||
|
else
|
||||||
|
echo 'Boot resources have completed importing'
|
||||||
|
# TODO(sthussey) Need to check synced images exist - could be a import failure
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
exit 1
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
function configure_proxy {
|
||||||
|
maas ${ADMIN_USERNAME} maas set-config name=enable_http_proxy value=${MAAS_PROXY_ENABLED}
|
||||||
|
maas ${ADMIN_USERNAME} maas set-config name=http_proxy value=${MAAS_PROXY_SERVER}
|
||||||
|
}
|
||||||
|
|
||||||
|
function configure_ntp {
|
||||||
|
maas ${ADMIN_USERNAME} maas set-config name=ntp_servers value=${MAAS_NTP_SERVERS}
|
||||||
|
maas ${ADMIN_USERNAME} maas set-config name=ntp_external_only value=${MAAS_NTP_EXTERNAL_ONLY}
|
||||||
|
}
|
||||||
|
|
||||||
|
function configure_dns {
|
||||||
|
maas ${ADMIN_USERNAME} maas set-config name=dnssec_validation value=${MAAS_DNS_DNSSEC_REQUIRED}
|
||||||
|
maas ${ADMIN_USERNAME} maas set-config name=upstream_dns value=${MAAS_DNS_SERVERS}
|
||||||
|
}
|
||||||
|
|
||||||
|
KEY=$(maas-region apikey --username=${ADMIN_USERNAME})
|
||||||
|
maas login ${ADMIN_USERNAME} ${MAAS_ENDPOINT} $KEY
|
||||||
|
|
||||||
|
configure_proxy
|
||||||
|
configure_ntp
|
||||||
|
configure_dns
|
||||||
|
|
||||||
|
# make call to import images
|
||||||
|
maas ${ADMIN_USERNAME} boot-resources import
|
||||||
|
# see if we can find > 0 images
|
||||||
|
sleep ${RETRY_TIMER}
|
||||||
|
check_for_download
|
|
@ -0,0 +1,19 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
maas-region apikey --username=${ADMIN_USERNAME} || exit 1
|
|
@ -0,0 +1,18 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -x
|
||||||
|
|
||||||
|
echo "register-rack-controller URL: ${MAAS_ENDPOINT}"
|
||||||
|
|
||||||
|
# register forever
|
||||||
|
while [ 1 ];
|
||||||
|
do
|
||||||
|
if maas-rack register --url=${MAAS_ENDPOINT} --secret="${MAAS_REGION_SECRET}";
|
||||||
|
then
|
||||||
|
echo "Successfully registered with MaaS Region Controller"
|
||||||
|
break
|
||||||
|
else
|
||||||
|
echo "Unable to register with ${MAAS_ENDPOINT}... will try again"
|
||||||
|
sleep 10
|
||||||
|
fi;
|
||||||
|
done;
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
# show env
|
||||||
|
env > /tmp/env
|
||||||
|
|
||||||
|
exec /bin/systemd --system
|
|
@ -0,0 +1,39 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: maas-bin
|
||||||
|
data:
|
||||||
|
db-init.sh: |+
|
||||||
|
{{ tuple "bin/_db-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
db-sync.sh: |+
|
||||||
|
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
bootstrap-admin-user.sh: |
|
||||||
|
{{ tuple "bin/_bootstrap-admin-user.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
import-boot-resources.sh: |
|
||||||
|
{{ tuple "bin/_import-boot-resources.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
job-readiness.sh: |
|
||||||
|
{{ tuple "bin/_job-readiness.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
start.sh: |
|
||||||
|
{{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
export-api-key.sh: |
|
||||||
|
{{ tuple "bin/_export-api-key.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
register-rack-controller.sh: |
|
||||||
|
{{ tuple "bin/_register-rack-controller.sh" . | include "helm-toolkit.utils.template" | indent 4 }}
|
|
@ -0,0 +1,74 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
|
||||||
|
{{- include "maas.conf.maas_values_skeleton" .Values.conf.maas | trunc 0 -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.maas.database.database_host -}}
|
||||||
|
{{- tuple "maas_db" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" | set .Values.conf.maas.database "database_host" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.maas.url.maas_url -}}
|
||||||
|
{{- tuple "maas_region_ui" "default" "region_ui" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.maas.url "maas_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: ConfigMap
|
||||||
|
metadata:
|
||||||
|
name: maas-etc
|
||||||
|
data:
|
||||||
|
curtin_userdata: |+
|
||||||
|
{{ if .Values.conf.curtin.override -}}
|
||||||
|
{{ .Values.conf.curtin.override | indent 4 }}
|
||||||
|
{{- else -}}
|
||||||
|
{{- if .Values.conf.curtin.prefix -}}
|
||||||
|
{{ .Values.conf.curtin.prefix | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{ tuple "etc/_curtin_userdata.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.conf.curtin.append -}}
|
||||||
|
{{ .Values.conf.curtin.append | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
named.conf.options: |+
|
||||||
|
{{ if .Values.conf.bind.override -}}
|
||||||
|
{{ .Values.conf.bind.override | indent 4 }}
|
||||||
|
{{- else -}}
|
||||||
|
{{- if .Values.conf.bind.prefix -}}
|
||||||
|
{{ .Values.conf.bind.prefix | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{ tuple "etc/_region-dns-config.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.conf.bind.append -}}
|
||||||
|
{{ .Values.conf.bind.append | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
regiond.conf: |
|
||||||
|
{{ if .Values.conf.maas.override -}}
|
||||||
|
{{ .Values.conf.maas.override | indent 4 }}
|
||||||
|
{{- else -}}
|
||||||
|
{{- if .Values.conf.maas.prefix -}}
|
||||||
|
{{ .Values.conf.maas.prefix | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{ tuple "etc/_regiond.conf.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.conf.maas.append -}}
|
||||||
|
{{ .Values.conf.maas.append | indent 4 }}
|
||||||
|
{{- end }}
|
||||||
|
nsswitch.conf: |
|
||||||
|
{{ tuple "etc/_nsswitch.conf.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
||||||
|
register-rack-controller.service: |
|
||||||
|
{{ tuple "etc/_register-rack-controller.service.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
|
|
@ -0,0 +1,88 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
{{- if empty .Values.conf.maas.url.maas_url -}}
|
||||||
|
{{- tuple "maas_region_ui" "default" "region_ui" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.maas.url "maas_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.rack_controller }}
|
||||||
|
{{- $mounts_maas_rack := .Values.pod.mounts.maas_rack }}
|
||||||
|
{{- $mounts_maas_rack_init := .Values.pod.mounts.maas_rack.init_container }}
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1beta1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: maas-rack
|
||||||
|
spec:
|
||||||
|
replicas: {{ .Values.pod.replicas.rack }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "maas" "rack" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
annotations:
|
||||||
|
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
|
||||||
|
spec:
|
||||||
|
affinity:
|
||||||
|
{{ tuple $envAll "maas" "rack" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.rack.node_selector_key }}: {{ .Values.labels.rack.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies $mounts_maas_rack_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
hostNetwork: true
|
||||||
|
dnsPolicy: ClusterFirst
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: maas-rack
|
||||||
|
image: {{ .Values.images.maas_rack }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
env:
|
||||||
|
- name: MAAS_ENDPOINT
|
||||||
|
value: {{ .Values.conf.maas.url.maas_url }}
|
||||||
|
- name: MAAS_REGION_SECRET
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_region.name }}
|
||||||
|
key: REGION_SECRET
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.maas_rack | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/start.sh
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/start.sh
|
||||||
|
subPath: start.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /usr/local/bin/register-rack-controller.sh
|
||||||
|
subPath: register-rack-controller.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /lib/systemd/system/register-rack-controller.service
|
||||||
|
subPath: register-rack-controller.service
|
||||||
|
readOnly: true
|
||||||
|
{{ if $mounts_maas_rack.volumeMounts }}{{ toYaml $mounts_maas_rack.volumeMounts | indent 12 }}{{ end }}
|
||||||
|
volumes:
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: maas-etc
|
||||||
|
configMap:
|
||||||
|
name: maas-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
{{ if $mounts_maas_rack.volumes }}{{ toYaml $mounts_maas_rack.volumes | indent 8 }}{{ end }}
|
|
@ -0,0 +1,53 @@
|
||||||
|
#cloud-config
|
||||||
|
debconf_selections:
|
||||||
|
maas: |
|
||||||
|
{{ "{{" }}for line in str(curtin_preseed).splitlines(){{ "}}" }}
|
||||||
|
{{ "{{" }}line{{ "}}" }}
|
||||||
|
{{ "{{" }}endfor{{ "}}" }}
|
||||||
|
early_commands:
|
||||||
|
{{ "{{" }}if third_party_drivers and driver{{ "}}" }}
|
||||||
|
{{ "{{" }}py: key_string = ''.join(['\\x%x' % x for x in driver['key_binary']]){{ "}}" }}
|
||||||
|
{{ "{{" }}if driver['key_binary'] and driver['repository'] and driver['package']{{ "}}" }}
|
||||||
|
driver_00_get_key: /bin/echo -en '{{ "{{" }}key_string{{ "}}" }}' > /tmp/maas-{{ "{{" }}driver['package']{{ "}}" }}.gpg
|
||||||
|
driver_01_add_key: ["apt-key", "add", "/tmp/maas-{{ "{{" }}driver['package']{{ "}}" }}.gpg"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
{{ "{{" }}if driver['repository']{{ "}}" }}
|
||||||
|
driver_02_add: ["add-apt-repository", "-y", "deb {{ "{{" }}driver['repository']{{ "}}" }} {{ "{{" }}node.get_distro_series(){{ "}}" }} main"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
{{ "{{" }}if driver['package']{{ "}}" }}
|
||||||
|
driver_03_update_install: ["sh", "-c", "apt-get update --quiet && apt-get --assume-yes install {{ "{{" }}driver['package']{{ "}}" }}"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
{{ "{{" }}if driver['module']{{ "}}" }}
|
||||||
|
driver_04_load: ["sh", "-c", "depmod && modprobe {{ "{{" }}driver['module']{{ "}}" }} || echo 'Warning: Failed to load module: {{ "{{" }}driver['module']{{ "}}" }}'"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
{{ "{{" }}else{{ "}}" }}
|
||||||
|
driver_00: ["sh", "-c", "echo third party drivers not installed or necessary."]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
late_commands:
|
||||||
|
{{ "{{" }}py: bootdata_url = ''.join([{{ .Values.bootdata_url | quote }},node.hostname,"/promconfig"]){{ "}}" }}
|
||||||
|
{{ "{{" }}py: promsvc_url = ''.join([{{ .Values.bootdata_url | quote }},node.hostname,"/promservice"]){{ "}}" }}
|
||||||
|
{{ "{{" }}py: vfsvc_url = ''.join([{{ .Values.bootdata_url | quote }},node.hostname,"/vfservice"]){{ "}}" }}
|
||||||
|
{{ "{{" }}py: prominit_url = ''.join([{{ .Values.bootdata_url | quote }},node.hostname,"/prominit"]){{ "}}" }}
|
||||||
|
drydock_01: ["curtin", "in-target","--", "wget", "--no-proxy", "{{ "{{" }}bootdata_url{{ "}}" }}", "-O", "/etc/prom_init.yaml"]
|
||||||
|
drydock_02: ["curtin", "in-target","--", "wget", "--no-proxy", "{{ "{{" }}prominit_url{{ "}}" }}", "-O", "/var/tmp/prom_init.sh"]
|
||||||
|
drydock_03: ["curtin", "in-target","--", "chmod", "555", "/var/tmp/prom_init.sh"]
|
||||||
|
drydock_04: ["curtin", "in-target","--", "wget", "--no-proxy", "{{ "{{" }}promsvc_url{{ "}}" }}", "-O", "/lib/systemd/system/prom_init.service"]
|
||||||
|
drydock_05: ["curtin", "in-target","--", "systemctl", "enable", "prom_init.service"]
|
||||||
|
drydock_06: ["curtin", "in-target","--", "wget", "--no-proxy", "{{ "{{" }}vfsvc_url{{ "}}" }}", "-O", "/lib/systemd/system/drydock_vf.service"]
|
||||||
|
drydock_07: ["curtin", "in-target","--", "systemctl", "enable", "drydock_vf.service"]
|
||||||
|
maas: [wget, '--no-proxy', {{ "{{" }}node_disable_pxe_url|escape.json{{ "}}" }}, '--post-data', {{ "{{" }}node_disable_pxe_data|escape.json{{ "}}" }}, '-O', '/dev/null']
|
||||||
|
{{ "{{" }}if third_party_drivers and driver{{ "}}" }}
|
||||||
|
{{ "{{" }}if driver['key_binary'] and driver['repository'] and driver['package']{{ "}}" }}
|
||||||
|
driver_00_key_get: curtin in-target -- sh -c "/bin/echo -en '{{ "{{" }}key_string{{ "}}" }}' > /tmp/maas-{{ "{{" }}driver['package']{{ "}}" }}.gpg"
|
||||||
|
driver_02_key_add: ["curtin", "in-target", "--", "apt-key", "add", "/tmp/maas-{{ "{{" }}driver['package']{{ "}}" }}.gpg"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
{{ "{{" }}if driver['repository']{{ "}}" }}
|
||||||
|
driver_03_add: ["curtin", "in-target", "--", "add-apt-repository", "-y", "deb {{ "{{" }}driver['repository']{{ "}}" }} {{ "{{" }}node.get_distro_series(){{ "}}" }} main"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
driver_04_update_install: ["curtin", "in-target", "--", "apt-get", "update", "--quiet"]
|
||||||
|
{{ "{{" }}if driver['package']{{ "}}" }}
|
||||||
|
driver_05_install: ["curtin", "in-target", "--", "apt-get", "-y", "install", "{{ "{{" }}driver['package']{{ "}}" }}"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
||||||
|
driver_06_depmod: ["curtin", "in-target", "--", "depmod"]
|
||||||
|
driver_07_update_initramfs: ["curtin", "in-target", "--", "update-initramfs", "-u"]
|
||||||
|
{{ "{{" }}endif{{ "}}" }}
|
|
@ -0,0 +1,20 @@
|
||||||
|
# /etc/nsswitch.conf
|
||||||
|
#
|
||||||
|
# Example configuration of GNU Name Service Switch functionality.
|
||||||
|
# If you have the `glibc-doc-reference' and `info' packages installed, try:
|
||||||
|
# `info libc "Name Service Switch"' for information about this file.
|
||||||
|
|
||||||
|
passwd: compat
|
||||||
|
group: compat
|
||||||
|
shadow: compat
|
||||||
|
gshadow: files
|
||||||
|
|
||||||
|
hosts: files dns
|
||||||
|
networks: files
|
||||||
|
|
||||||
|
protocols: db files
|
||||||
|
services: db files
|
||||||
|
ethers: db files
|
||||||
|
rpc: db files
|
||||||
|
|
||||||
|
netgroup: nis
|
|
@ -0,0 +1,18 @@
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
options { directory "/var/cache/bind";
|
||||||
|
auth-nxdomain no;
|
||||||
|
listen-on-v6 { any; };
|
||||||
|
include "/etc/bind/maas/named.conf.options.inside.maas"; };
|
|
@ -0,0 +1,36 @@
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
{{ include "maas.conf.maas_values_skeleton" .Values.conf.maas | trunc 0 }}
|
||||||
|
{{ include "maas.conf.maas" .Values.conf.maas }}
|
||||||
|
|
||||||
|
{{- define "maas.conf.maas_values_skeleton" -}}
|
||||||
|
{{- if not .database -}}{{- set . "database" dict -}}{{- end -}}
|
||||||
|
{{- if not .url -}}{{- set . "url" dict -}}{{- end -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
{{- if empty .Values.conf.maas.url.maas_url -}}
|
||||||
|
{{- tuple "maas_region_ui" "default" "region_ui" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.maas.url "maas_url" | quote | trunc 0 -}}
|
||||||
|
{{- end -}}
|
||||||
|
|
||||||
|
|
||||||
|
{{- define "maas.conf.maas" -}}
|
||||||
|
|
||||||
|
database_host: {{ .database.database_host }}
|
||||||
|
database_name: {{ .database.database_name }}
|
||||||
|
database_pass: {{ .database.database_password }}
|
||||||
|
database_user: {{ .database.database_user }}
|
||||||
|
maas_url: {{ .url.maas_url }}
|
||||||
|
|
||||||
|
{{- end -}}
|
|
@ -0,0 +1,12 @@
|
||||||
|
[Unit]
|
||||||
|
Description=Register with MaaS Region Controller
|
||||||
|
Wants=network-online.target
|
||||||
|
After=network-online.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
PassEnvironment=MAAS_ENDPOINT MAAS_REGION_SECRET
|
||||||
|
ExecStart=/usr/local/bin/register-rack-controller.sh
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
|
@ -0,0 +1,66 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.bootstrap_admin_user }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: maas-bootstrap-admin-user
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "maas" "bootstrap-admin-user" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.region.node_selector_key }}: {{ .Values.labels.region.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: maas-bootstrap-admin-user
|
||||||
|
image: {{ .Values.images.bootstrap }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.bootstrap_admin_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
- name: ADMIN_USERNAME
|
||||||
|
value: {{ .Values.conf.maas.credentials.admin_username }}
|
||||||
|
- name: ADMIN_PASSWORD
|
||||||
|
value: {{ .Values.conf.maas.credentials.admin_password }}
|
||||||
|
- name: ADMIN_EMAIL
|
||||||
|
value: {{ .Values.conf.maas.credentials.admin_email}}
|
||||||
|
command:
|
||||||
|
- /tmp/bootstrap-admin-user.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/bootstrap-admin-user.sh
|
||||||
|
subPath: bootstrap-admin-user.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/maas/regiond.conf
|
||||||
|
subPath: regiond.conf
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: maas-etc
|
||||||
|
configMap:
|
||||||
|
name: maas-etc
|
||||||
|
defaultMode: 0444
|
|
@ -0,0 +1,82 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.db_init }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: maas-db-init
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "maas" "db-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.region.node_selector_key }}: {{ .Values.labels.region.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: maas-db-init
|
||||||
|
image: {{ .Values.images.db_init | quote }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy | quote }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
env:
|
||||||
|
- name: ROOT_DB_USER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_db.admin }}
|
||||||
|
key: DATABASE_USERNAME
|
||||||
|
- name: ROOT_DB_PASS
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_db.admin }}
|
||||||
|
key: DATABASE_PASSWORD
|
||||||
|
- name: DB_HOST
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_db.user }}
|
||||||
|
key: DATABASE_HOST
|
||||||
|
- name: USER_DB_USER
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_db.user }}
|
||||||
|
key: DATABASE_USERNAME
|
||||||
|
- name: USER_DB_PASS
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_db.user }}
|
||||||
|
key: DATABASE_PASSWORD
|
||||||
|
- name: USER_DB_NAME
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ .Values.secrets.maas_db.user }}
|
||||||
|
key: DATABASE_NAME
|
||||||
|
command:
|
||||||
|
- /tmp/db-init.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/db-init.sh
|
||||||
|
subPath: db-init.sh
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
|
@ -0,0 +1,59 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.db_sync }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: maas-db-sync
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "maas" "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.region.node_selector_key }}: {{ .Values.labels.region.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: maas-db-sync
|
||||||
|
image: {{ .Values.images.db_sync }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/db-sync.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/maas/regiond.conf
|
||||||
|
subPath: regiond.conf
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/db-sync.sh
|
||||||
|
subPath: db-sync.sh
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: maas-etc
|
||||||
|
configMap:
|
||||||
|
name: maas-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
|
@ -0,0 +1,79 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.export_api_key }}
|
||||||
|
{{- $initMounts := .Values.pod.mounts.export_api_key.export_api_key }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: maas-export-api-key
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "maas" "export-api-key" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.region.node_selector_key }}: {{ .Values.labels.region.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies $initMounts | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: exporter
|
||||||
|
image: {{ .Values.images.export_api_key }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
env:
|
||||||
|
- name: SECRET_NAMESPACE
|
||||||
|
value: {{ .Values.conf.maas.credentials.secret.namespace }}
|
||||||
|
- name: ADMIN_USERNAME
|
||||||
|
value: {{ .Values.conf.maas.credentials.admin_username }}
|
||||||
|
- name: SECRET_NAME
|
||||||
|
value: {{ .Values.conf.maas.credentials.secret.name }}
|
||||||
|
command:
|
||||||
|
- /tmp/export-api-key.sh
|
||||||
|
readinessProbe:
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/job-readiness.sh
|
||||||
|
initialDelaySeconds: 60
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/export-api-key.sh
|
||||||
|
subPath: export-api-key.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/job-readiness.sh
|
||||||
|
subPath: job-readiness.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/bind/named.conf.options
|
||||||
|
subPath: named.conf.options
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/maas/regiond.conf
|
||||||
|
subPath: regiond.conf
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: maas-etc
|
||||||
|
configMap:
|
||||||
|
name: maas-etc
|
||||||
|
defaultMode: 0444
|
|
@ -0,0 +1,93 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.import_resources }}
|
||||||
|
---
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
name: maas-import-resources
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
{{ tuple $envAll "maas" "import-resources" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
|
||||||
|
spec:
|
||||||
|
restartPolicy: OnFailure
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.region.node_selector_key }}: {{ .Values.labels.region.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies "[]" | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: region-import-resources
|
||||||
|
image: {{ .Values.images.maas_region }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
env:
|
||||||
|
- name: JOB_TIMEOUT
|
||||||
|
value: {{ .Values.jobs.import_boot_resources.timeout | quote }}
|
||||||
|
- name: ADMIN_USERNAME
|
||||||
|
value: {{ .Values.conf.maas.credentials.admin_username }}
|
||||||
|
- name: RETRY_TIMER
|
||||||
|
value: {{ .Values.jobs.import_boot_resources.retry_timer | quote }}
|
||||||
|
- name: MAAS_ENDPOINT
|
||||||
|
value: {{ tuple "maas_region_ui" "default" "region_ui" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
|
||||||
|
- name: MAAS_PROXY_ENABLED
|
||||||
|
value: {{ .Values.conf.maas.proxy.proxy_enabled | quote }}
|
||||||
|
- name: MAAS_PROXY_SERVER
|
||||||
|
value: {{ .Values.conf.maas.proxy.proxy_server }}
|
||||||
|
- name: MAAS_NTP_SERVERS
|
||||||
|
value: {{ .Values.conf.maas.ntp.ntp_servers }}
|
||||||
|
- name: MAAS_NTP_EXTERNAL_ONLY
|
||||||
|
value: {{ .Values.conf.maas.ntp.use_external_only | quote }}
|
||||||
|
- name: MAAS_DNS_DNSSEC_REQUIRED
|
||||||
|
value: {{ .Values.conf.maas.dns.require_dnssec | quote }}
|
||||||
|
- name: MAAS_DNS_SERVERS
|
||||||
|
value: {{ .Values.conf.maas.dns.dns_servers }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.jobs.import_resources | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
command:
|
||||||
|
- /tmp/import-boot-resources.sh
|
||||||
|
readinessProbe:
|
||||||
|
exec:
|
||||||
|
command:
|
||||||
|
- /tmp/job-readiness.sh
|
||||||
|
initialDelaySeconds: 60
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/import-boot-resources.sh
|
||||||
|
subPath: import-boot-resources.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/job-readiness.sh
|
||||||
|
subPath: job-readiness.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/bind/named.conf.options
|
||||||
|
subPath: named.conf.options
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/maas/regiond.conf
|
||||||
|
subPath: regiond.conf
|
||||||
|
readOnly: true
|
||||||
|
volumes:
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: maas-etc
|
||||||
|
configMap:
|
||||||
|
name: maas-etc
|
||||||
|
defaultMode: 0444
|
|
@ -0,0 +1,36 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- range $key1, $userClass := tuple "admin" "user" }}
|
||||||
|
{{- $secretName := index $envAll.Values.secrets.maas_db $userClass }}
|
||||||
|
{{- $auth := index $envAll.Values.endpoints.maas_db.auth $userClass }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: {{ $secretName }}
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
DATABASE_HOST: |-
|
||||||
|
{{ tuple "maas_db" "internal" $envAll | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" | b64enc | indent 4 }}
|
||||||
|
DATABASE_USERNAME: |-
|
||||||
|
{{ $auth.username | b64enc | indent 4 }}
|
||||||
|
DATABASE_PASSWORD: |-
|
||||||
|
{{ $auth.password | b64enc | indent 4 }}
|
||||||
|
DATABASE_NAME: |-
|
||||||
|
{{ $envAll.Values.endpoints.maas_db.path | b64enc | indent 4 }}
|
||||||
|
{{ end }}
|
|
@ -0,0 +1,27 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $secretName := index $envAll.Values.secrets.maas_region "name" }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
name: {{ $secretName }}
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
REGION_SECRET: |-
|
||||||
|
{{ $envAll.Values.secrets.maas_region.value | b64enc | indent 4 }}
|
|
@ -0,0 +1,41 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
---
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: {{ tuple "maas_region_ui" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: r-ui
|
||||||
|
port: {{ .Values.network.port.service_gui }}
|
||||||
|
targetPort: {{ .Values.network.port.service_gui_target }}
|
||||||
|
{{ if .Values.network.gui.node_port.enabled }}
|
||||||
|
nodePort: {{ .Values.network.gui.node_port.port }}
|
||||||
|
{{ end }}
|
||||||
|
- port: {{ .Values.network.port.service_proxy }}
|
||||||
|
targetPort: {{ .Values.network.port.service_proxy_target }}
|
||||||
|
{{ if .Values.network.proxy.node_port.enabled }}
|
||||||
|
nodePort: {{ .Values.network.proxy.node_port.port }}
|
||||||
|
{{ end }}
|
||||||
|
name: proxy
|
||||||
|
selector:
|
||||||
|
app: maas-region
|
||||||
|
{{ if .Values.network.proxy.node_port.enabled }}
|
||||||
|
type: NodePort
|
||||||
|
{{ end }}
|
|
@ -0,0 +1,94 @@
|
||||||
|
{{/*
|
||||||
|
Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
||||||
|
*/}}
|
||||||
|
|
||||||
|
{{- $envAll := . }}
|
||||||
|
{{- $dependencies := .Values.dependencies.region_controller }}
|
||||||
|
{{- $mounts_maas_region := .Values.pod.mounts.maas_region.maas_region }}
|
||||||
|
{{- $mounts_maas_region_init := .Values.pod.mounts.maas_region.init_container }}
|
||||||
|
---
|
||||||
|
apiVersion: apps/v1beta1
|
||||||
|
kind: StatefulSet
|
||||||
|
metadata:
|
||||||
|
name: maas-region
|
||||||
|
spec:
|
||||||
|
serviceName: maas-region-ui
|
||||||
|
replicas: {{ .Values.pod.replicas.region }}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: maas-region
|
||||||
|
annotations:
|
||||||
|
spec:
|
||||||
|
affinity:
|
||||||
|
{{ tuple $envAll "maas" "region" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
|
||||||
|
nodeSelector:
|
||||||
|
{{ .Values.labels.region.node_selector_key }}: {{ .Values.labels.region.node_selector_value }}
|
||||||
|
initContainers:
|
||||||
|
{{ tuple $envAll $dependencies $mounts_maas_region_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
|
||||||
|
containers:
|
||||||
|
- name: maas-region
|
||||||
|
image: {{ .Values.images.maas_region }}
|
||||||
|
imagePullPolicy: {{ .Values.images.pull_policy }}
|
||||||
|
{{ tuple $envAll $envAll.Values.pod.resources.maas_region | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
|
||||||
|
ports:
|
||||||
|
- name: r-ui
|
||||||
|
containerPort: {{ .Values.network.port.region_container }}
|
||||||
|
readinessProbe:
|
||||||
|
tcpSocket:
|
||||||
|
port: {{ .Values.network.port.region_container }}
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
command:
|
||||||
|
- /tmp/start.sh
|
||||||
|
volumeMounts:
|
||||||
|
- name: maas-region-secret
|
||||||
|
mountPath: /var/lib/maas/secret
|
||||||
|
subPath: REGION_SECRET
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/bind/named.conf.options
|
||||||
|
subPath: named.conf.options
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/maas/regiond.conf
|
||||||
|
subPath: regiond.conf
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/maas/preseeds/curtin_userdata
|
||||||
|
subPath: curtin_userdata
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-bin
|
||||||
|
mountPath: /tmp/start.sh
|
||||||
|
subPath: start.sh
|
||||||
|
readOnly: true
|
||||||
|
- name: maas-etc
|
||||||
|
mountPath: /etc/nsswitch.conf
|
||||||
|
subPath: nsswitch.conf
|
||||||
|
readOnly: true
|
||||||
|
{{- if $mounts_maas_region.volumeMounts }}{{ toYaml $mounts_maas_region.volumeMounts | indent 12 }}{{ end }}
|
||||||
|
volumes:
|
||||||
|
- name: maas-etc
|
||||||
|
configMap:
|
||||||
|
name: maas-etc
|
||||||
|
defaultMode: 0444
|
||||||
|
- name: maas-bin
|
||||||
|
configMap:
|
||||||
|
name: maas-bin
|
||||||
|
defaultMode: 0555
|
||||||
|
- name: maas-region-secret
|
||||||
|
secret:
|
||||||
|
secretName: {{ .Values.secrets.maas_region.name }}
|
||||||
|
{{- if $mounts_maas_region.volumes }}{{ toYaml $mounts_maas_region.volumes | indent 8 }}{{ end }}
|
|
@ -0,0 +1,263 @@
|
||||||
|
# Copyright 2017 The Openstack-Helm Authors.
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
# you may not use this file except in compliance with the License.
|
||||||
|
# You may obtain a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
# See the License for the specific language governing permissions and
|
||||||
|
# limitations under the License.
|
||||||
|
|
||||||
|
# Default values for maas.
|
||||||
|
# This is a YAML-formatted file.
|
||||||
|
# Declare variables to be passed into your templates.
|
||||||
|
|
||||||
|
dependencies:
|
||||||
|
rack_controller:
|
||||||
|
jobs:
|
||||||
|
- maas-db-sync
|
||||||
|
services:
|
||||||
|
- service: maas_region_ui
|
||||||
|
endpoint: internal
|
||||||
|
region_controller:
|
||||||
|
jobs:
|
||||||
|
- maas-db-sync
|
||||||
|
services:
|
||||||
|
- service: maas_db
|
||||||
|
endpoint: internal
|
||||||
|
db_init:
|
||||||
|
services:
|
||||||
|
- service: maas_db
|
||||||
|
endpoint: internal
|
||||||
|
db_sync:
|
||||||
|
jobs:
|
||||||
|
- maas-db-init
|
||||||
|
bootstrap_admin_user:
|
||||||
|
jobs:
|
||||||
|
- maas-db-sync
|
||||||
|
services:
|
||||||
|
- service: maas_region_ui
|
||||||
|
endpoint: internal
|
||||||
|
- service: maas_db
|
||||||
|
endpoint: internal
|
||||||
|
import_resources:
|
||||||
|
jobs:
|
||||||
|
- maas-db-sync
|
||||||
|
services:
|
||||||
|
- service: maas_region_ui
|
||||||
|
endpoint: internal
|
||||||
|
- service: maas_db
|
||||||
|
endpoint: internal
|
||||||
|
export_api_key:
|
||||||
|
jobs:
|
||||||
|
- maas-db-sync
|
||||||
|
services:
|
||||||
|
- service: maas_region_ui
|
||||||
|
endpoint: internal
|
||||||
|
- service: maas_db
|
||||||
|
endpoint: internal
|
||||||
|
|
||||||
|
|
||||||
|
images:
|
||||||
|
db_init: docker.io/postgres:9.5
|
||||||
|
db_sync: quay.io/attcomdev/maas-region:master
|
||||||
|
maas_rack: quay.io/attcomdev/maas-rack:master
|
||||||
|
maas_region: quay.io/attcomdev/maas-region:master
|
||||||
|
bootstrap: quay.io/attcomdev/maas-region:master
|
||||||
|
export_api_key: quay.io/attcomdev/maas-region:master
|
||||||
|
dep_check: docker.io/kolla/ubuntu-source-kubernetes-entrypoint:4.0.0
|
||||||
|
pull_policy: IfNotPresent
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
import_boot_resources:
|
||||||
|
retry_timer: 10
|
||||||
|
#default timeout: 15 minutes
|
||||||
|
timeout: 900
|
||||||
|
|
||||||
|
labels:
|
||||||
|
rack:
|
||||||
|
node_selector_key: ucp-control-plane
|
||||||
|
node_selector_value: enabled
|
||||||
|
region:
|
||||||
|
node_selector_key: ucp-control-plane
|
||||||
|
node_selector_value: enabled
|
||||||
|
|
||||||
|
network:
|
||||||
|
proxy:
|
||||||
|
node_port:
|
||||||
|
enabled: true
|
||||||
|
port: 31800
|
||||||
|
gui:
|
||||||
|
node_port:
|
||||||
|
enabled: true
|
||||||
|
port: 31900
|
||||||
|
port:
|
||||||
|
region_container: 80
|
||||||
|
service_gui: 80
|
||||||
|
service_gui_target: 80
|
||||||
|
service_proxy: 8000
|
||||||
|
service_proxy_target: 8000
|
||||||
|
db_service: 5432
|
||||||
|
db_service_target: 5432
|
||||||
|
|
||||||
|
conf:
|
||||||
|
bind:
|
||||||
|
override:
|
||||||
|
append:
|
||||||
|
curtin:
|
||||||
|
override:
|
||||||
|
append:
|
||||||
|
maas:
|
||||||
|
override:
|
||||||
|
append:
|
||||||
|
url:
|
||||||
|
maas_url: null
|
||||||
|
ntp:
|
||||||
|
# Use external only points region and rack serves and deployed nodes directly
|
||||||
|
# at external NTP servers. Otherwise we have nodes -> rack -> region -> external
|
||||||
|
use_external_only: 'false'
|
||||||
|
ntp_servers: null
|
||||||
|
dns:
|
||||||
|
require_dnssec: 'no'
|
||||||
|
# These are upstream servers
|
||||||
|
dns_servers: null
|
||||||
|
proxy:
|
||||||
|
# If proxy_enabled is true and proxy_serer is null, then nodes will use
|
||||||
|
# MAAS region server as a proxy for Apt and region server will connect directly
|
||||||
|
# to repos
|
||||||
|
# If proxy_enabled is false, regin server and all ndoes will connect directly to
|
||||||
|
# pkg repos
|
||||||
|
# If proxy_enabled is true and proxy_server is set, then region server and all nodes
|
||||||
|
# will use the specified proxy_server to connect to pkg repos
|
||||||
|
proxy_enabled: 'false'
|
||||||
|
proxy_server: null
|
||||||
|
database:
|
||||||
|
database_name: maasdb
|
||||||
|
database_user: maas
|
||||||
|
database_password: password
|
||||||
|
credentials:
|
||||||
|
admin_username: admin
|
||||||
|
admin_password: admin
|
||||||
|
admin_email: support@nowhere.com
|
||||||
|
secret:
|
||||||
|
namespace: maas
|
||||||
|
name: maas-api-key
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
maas_db:
|
||||||
|
admin: maas-db-admin
|
||||||
|
user: maas-db-user
|
||||||
|
maas_region:
|
||||||
|
name: maas-region-secret
|
||||||
|
value: 3858f62230ac3c915f300c664312c63f
|
||||||
|
|
||||||
|
pod:
|
||||||
|
affinity:
|
||||||
|
anti:
|
||||||
|
type:
|
||||||
|
default: preferredDuringSchedulingIgnoredDuringExecution
|
||||||
|
topologyKey:
|
||||||
|
default: kubernetes.io/hostname
|
||||||
|
mounts:
|
||||||
|
maas_rack:
|
||||||
|
init_container: null
|
||||||
|
maas_rack:
|
||||||
|
maas_region:
|
||||||
|
init_container: null
|
||||||
|
maas_region:
|
||||||
|
export_api_key:
|
||||||
|
init_container: null
|
||||||
|
export_api_key:
|
||||||
|
replicas:
|
||||||
|
rack: 1
|
||||||
|
region: 1
|
||||||
|
resources:
|
||||||
|
enabled: false
|
||||||
|
maas_rack:
|
||||||
|
limits:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "500m"
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "500m"
|
||||||
|
maas_region:
|
||||||
|
limits:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "500m"
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "500m"
|
||||||
|
jobs:
|
||||||
|
db_init:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
db_sync:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
bootstrap_admin_user:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
import_resources:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
export_api_key:
|
||||||
|
requests:
|
||||||
|
memory: "128Mi"
|
||||||
|
cpu: "100m"
|
||||||
|
limits:
|
||||||
|
memory: "1024Mi"
|
||||||
|
cpu: "2000m"
|
||||||
|
|
||||||
|
endpoints:
|
||||||
|
cluster_domain_suffix: cluster.local
|
||||||
|
maas_db:
|
||||||
|
auth:
|
||||||
|
admin:
|
||||||
|
username: postgres
|
||||||
|
password: password
|
||||||
|
user:
|
||||||
|
username: maas
|
||||||
|
password: password
|
||||||
|
path: maasdb
|
||||||
|
hosts:
|
||||||
|
default: postgresql
|
||||||
|
port:
|
||||||
|
postgresql:
|
||||||
|
default: 5432
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
||||||
|
maas_region_ui:
|
||||||
|
name: maas-region-ui
|
||||||
|
hosts:
|
||||||
|
default: maas-region-ui
|
||||||
|
public: maas
|
||||||
|
path:
|
||||||
|
default: /MAAS
|
||||||
|
scheme:
|
||||||
|
default: 'http'
|
||||||
|
port:
|
||||||
|
region_ui:
|
||||||
|
default: 80
|
||||||
|
public: 80
|
||||||
|
host_fqdn_override:
|
||||||
|
default: null
|
Loading…
Reference in New Issue