summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorScott Hussey <sh8121@att.com>2018-11-21 09:47:18 -0600
committerDan Crank <dan.no@att.com>2018-12-07 22:18:45 +0000
commit617607e42690befae69c86ad9b21134fdd467cbb (patch)
tree72e2ce23733c891f00b1add8792a4f2a20be9bfe
parent2aaca3f60bbee0d3eb1acde1f0eaa5295b622cb7 (diff)
(fix) Fix static ports in MAAS ingress
- Some residual static configuration was left in the MAAS ingress deployment template. Update it to render the ingress ports from endpoints and also to remove the TCP forwarder for the MAAS region API and instead use a standard Ingress resource. Change-Id: I7764d48ea919147503e9bf2521c52cb6f0028538
Notes
Notes (review): Code-Review+2: Aaron Sheffield <ajs@sheffieldfamily.net> Code-Review+1: Ahmad Mahmoudi <am495p@att.com> Code-Review+2: Mark Burnett <mark.m.burnett@gmail.com> Workflow+1: Scott Hussey <sthussey@att.com> Code-Review+1: Dan Crank <dan.no@att.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Fri, 07 Dec 2018 23:26:14 +0000 Reviewed-on: https://review.openstack.org/619283 Project: openstack/airship-maas Branch: refs/heads/master
-rw-r--r--charts/maas/templates/bin/_maas-vip-configure.sh.tpl16
-rw-r--r--charts/maas/templates/configmap-etc.yaml2
-rw-r--r--charts/maas/templates/configmap-ingress.yaml1
-rw-r--r--charts/maas/templates/deployment-maas-ingress.yaml19
-rw-r--r--charts/maas/templates/etc/_curtin_userdata.tpl4
-rw-r--r--charts/maas/templates/statefulset-rack.yaml4
-rw-r--r--charts/maas/values.yaml3
-rw-r--r--images/maas-rack-controller/2.3_hostheader.patch10
-rw-r--r--images/maas-rack-controller/Dockerfile4
9 files changed, 41 insertions, 22 deletions
diff --git a/charts/maas/templates/bin/_maas-vip-configure.sh.tpl b/charts/maas/templates/bin/_maas-vip-configure.sh.tpl
index f1f6285..8c5d7b6 100644
--- a/charts/maas/templates/bin/_maas-vip-configure.sh.tpl
+++ b/charts/maas/templates/bin/_maas-vip-configure.sh.tpl
@@ -1,4 +1,4 @@
1#!/bin/bash 1#!/bin/sh
2 2
3{{/* 3{{/*
4Copyright 2018 The Openstack-Helm Authors. 4Copyright 2018 The Openstack-Helm Authors.
@@ -18,20 +18,20 @@ limitations under the License.*/}}
18 18
19set -ex 19set -ex
20 20
21COMMAND="${@:-start}" 21COMMAND="${*:-start}"
22 22
23function kernel_modules () { 23kernel_modules () {
24 chroot /mnt/host-rootfs modprobe dummy 24 chroot /mnt/host-rootfs modprobe dummy
25} 25}
26 26
27function test_vip () { 27test_vip () {
28 ip addr show ${interface} | \ 28 ip addr show ${interface} | \
29 awk "/inet / && /${interface}/{print \$2 }" | \ 29 awk "/inet / && /${interface}/{print \$2 }" | \
30 awk -F '/' '{ print $1 }' | \ 30 awk -F '/' '{ print $1 }' | \
31 grep -q "${addr%/*}" 31 grep -q "${addr%/*}"
32} 32}
33 33
34function start () { 34start () {
35 kernel_modules 35 kernel_modules
36 ip link show ${interface} > /dev/null || ip link add ${interface} type dummy 36 ip link show ${interface} > /dev/null || ip link add ${interface} type dummy
37 if ! test_vip; then 37 if ! test_vip; then
@@ -40,11 +40,11 @@ function start () {
40 ip link set ${interface} up 40 ip link set ${interface} up
41} 41}
42 42
43function sleep () { 43sleep () {
44 exec /usr/bin/dumb-init bash -c "while :; do sleep 2073600; done" 44 exec /bin/sh -c "while :; do sleep 2073600; done"
45} 45}
46 46
47function stop () { 47stop () {
48 ip link show ${interface} > /dev/null || exit 0 48 ip link show ${interface} > /dev/null || exit 0
49 if test_vip; then 49 if test_vip; then
50 ip addr del ${addr} dev ${interface} 50 ip addr del ${addr} dev ${interface}
diff --git a/charts/maas/templates/configmap-etc.yaml b/charts/maas/templates/configmap-etc.yaml
index 4a07137..d24a9b9 100644
--- a/charts/maas/templates/configmap-etc.yaml
+++ b/charts/maas/templates/configmap-etc.yaml
@@ -44,3 +44,5 @@ data:
44 drivers.yaml: | 44 drivers.yaml: |
45{{ tuple "etc/_drivers.yaml.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} 45{{ tuple "etc/_drivers.yaml.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
46{{- end }} 46{{- end }}
47 sleep-inittab: |
48 ::sysinit:/tmp/maas-vip-configure.sh sleep
diff --git a/charts/maas/templates/configmap-ingress.yaml b/charts/maas/templates/configmap-ingress.yaml
index d2dde34..d959075 100644
--- a/charts/maas/templates/configmap-ingress.yaml
+++ b/charts/maas/templates/configmap-ingress.yaml
@@ -22,7 +22,6 @@ kind: ConfigMap
22metadata: 22metadata:
23 name: maas-ingress-services-tcp 23 name: maas-ingress-services-tcp
24data: 24data:
25 {{ tuple "maas_region" "public" "region_api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-api"
26 {{ tuple "maas_region" "public" "region_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-proxy" 25 {{ tuple "maas_region" "public" "region_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-proxy"
27... 26...
28--- 27---
diff --git a/charts/maas/templates/deployment-maas-ingress.yaml b/charts/maas/templates/deployment-maas-ingress.yaml
index a46e597..842000e 100644
--- a/charts/maas/templates/deployment-maas-ingress.yaml
+++ b/charts/maas/templates/deployment-maas-ingress.yaml
@@ -168,7 +168,7 @@ spec:
168 initContainers: 168 initContainers:
169{{ tuple $envAll "maas_ingress" $mounts_maas_ingress_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} 169{{ tuple $envAll "maas_ingress" $mounts_maas_ingress_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
170 - name: maas-ingress-vip-init 170 - name: maas-ingress-vip-init
171 image: {{ .Values.images.tags.ingress }} 171 image: {{ .Values.images.tags.ingress_vip }}
172 imagePullPolicy: {{ .Values.images.pull_policy }} 172 imagePullPolicy: {{ .Values.images.pull_policy }}
173{{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} 173{{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
174 securityContext: 174 securityContext:
@@ -192,7 +192,7 @@ spec:
192 readOnly: true 192 readOnly: true
193 containers: 193 containers:
194 - name: maas-ingress-vip 194 - name: maas-ingress-vip
195 image: {{ .Values.images.tags.ingress }} 195 image: {{ .Values.images.tags.ingress_vip }}
196 imagePullPolicy: {{ .Values.images.pull_policy }} 196 imagePullPolicy: {{ .Values.images.pull_policy }}
197{{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} 197{{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
198 securityContext: 198 securityContext:
@@ -201,8 +201,7 @@ spec:
201 - 'NET_ADMIN' 201 - 'NET_ADMIN'
202 runAsUser: 0 202 runAsUser: 0
203 command: 203 command:
204 - /tmp/maas-vip-configure.sh 204 - /bin/init
205 - sleep
206 env: 205 env:
207{{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.network.maas_ingress | indent 12 }} 206{{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.network.maas_ingress | indent 12 }}
208 volumeMounts: 207 volumeMounts:
@@ -210,6 +209,10 @@ spec:
210 name: maas-bin 209 name: maas-bin
211 subPath: maas-vip-configure 210 subPath: maas-vip-configure
212 readOnly: true 211 readOnly: true
212 - mountPath: /etc/inittab
213 name: maas-etc
214 subPath: sleep-inittab
215 readOnly: true
213 lifecycle: 216 lifecycle:
214 preStop: 217 preStop:
215 exec: 218 exec:
@@ -240,9 +243,9 @@ spec:
240 - name: RELEASE_NAME 243 - name: RELEASE_NAME
241 value: {{ .Release.Name | quote }} 244 value: {{ .Release.Name | quote }}
242 - name: HTTP_PORT 245 - name: HTTP_PORT
243 value: "8808" 246 value: {{ tuple "maas_ingress" "podport" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
244 - name: HTTPS_PORT 247 - name: HTTPS_PORT
245 value: "8543" 248 value: {{ tuple "maas_ingress" "podport" "https" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
246 - name: HEALTHZ_PORT 249 - name: HEALTHZ_PORT
247 value: {{ tuple "maas_ingress" "podport" "healthz" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }} 250 value: {{ tuple "maas_ingress" "podport" "healthz" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
248 - name: STATUS_PORT 251 - name: STATUS_PORT
@@ -260,6 +263,10 @@ spec:
260 configMap: 263 configMap:
261 name: maas-bin 264 name: maas-bin
262 defaultMode: 0555 265 defaultMode: 0555
266 - name: maas-etc
267 configMap:
268 name: maas-etc
269 defaultMode: 0444
263 - name: host-rootfs 270 - name: host-rootfs
264 hostPath: 271 hostPath:
265 path: / 272 path: /
diff --git a/charts/maas/templates/etc/_curtin_userdata.tpl b/charts/maas/templates/etc/_curtin_userdata.tpl
index 84ee704..421c54e 100644
--- a/charts/maas/templates/etc/_curtin_userdata.tpl
+++ b/charts/maas/templates/etc/_curtin_userdata.tpl
@@ -39,8 +39,8 @@ def find_ba_key(n):
39{{ "{{" }}py: ba_files_url = ''.join([{{ quote $drydock_url }},'/bootactions/nodes/',node.hostname,'/files']){{ "}}" }} 39{{ "{{" }}py: ba_files_url = ''.join([{{ quote $drydock_url }},'/bootactions/nodes/',node.hostname,'/files']){{ "}}" }}
40{{ "{{" }}if ba_key{{ "}}" }} 40{{ "{{" }}if ba_key{{ "}}" }}
41 drydock_00: ["sh", "-c", "echo Installing Drydock Boot Actions."] 41 drydock_00: ["sh", "-c", "echo Installing Drydock Boot Actions."]
42 drydock_01: ["curtin", "in-target", "--", "wget", "--no-proxy", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_units_url{{ "}}" }}", "-O", "/tmp/bootaction-units.tar.gz"] 42 drydock_01: ["curtin", "in-target", "--", "wget", "--no-proxy", "--no-check-certificate", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_units_url{{ "}}" }}", "-O", "/tmp/bootaction-units.tar.gz"]
43 drydock_02: ["curtin", "in-target", "--", "wget", "--no-proxy", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_files_url{{ "}}" }}", "-O", "/tmp/bootaction-files.tar.gz"] 43 drydock_02: ["curtin", "in-target", "--", "wget", "--no-proxy", "--no-check-certificate", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_files_url{{ "}}" }}", "-O", "/tmp/bootaction-files.tar.gz"]
44 drydock_03: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-units.tar.gz > /tmp/bootaction-unit-names.txt"] 44 drydock_03: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-units.tar.gz > /tmp/bootaction-unit-names.txt"]
45 drydock_04: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-files.tar.gz > /tmp/bootaction-file-names.txt"] 45 drydock_04: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-files.tar.gz > /tmp/bootaction-file-names.txt"]
46 drydock_05: ["curtin", "in-target", "--", "sh", "-c", "xargs -a /tmp/bootaction-unit-names.txt -n 1 basename > /tmp/bootaction-unit-basenames.txt || echo 'Did not run basenames on units'"] 46 drydock_05: ["curtin", "in-target", "--", "sh", "-c", "xargs -a /tmp/bootaction-unit-names.txt -n 1 basename > /tmp/bootaction-unit-basenames.txt || echo 'Did not run basenames on units'"]
diff --git a/charts/maas/templates/statefulset-rack.yaml b/charts/maas/templates/statefulset-rack.yaml
index ea1dd0b..78e37ea 100644
--- a/charts/maas/templates/statefulset-rack.yaml
+++ b/charts/maas/templates/statefulset-rack.yaml
@@ -103,10 +103,6 @@ spec:
103 mountPath: /usr/local/bin/register-rack-controller.sh 103 mountPath: /usr/local/bin/register-rack-controller.sh
104 subPath: register-rack-controller.sh 104 subPath: register-rack-controller.sh
105 readOnly: true 105 readOnly: true
106 - name: maas-etc
107 mountPath: /lib/systemd/system/register-rack-controller.service
108 subPath: register-rack-controller.service
109 readOnly: true
110 - name: rackd-state 106 - name: rackd-state
111 mountPath: /etc/maas 107 mountPath: /etc/maas
112 subPath: etc 108 subPath: etc
diff --git a/charts/maas/values.yaml b/charts/maas/values.yaml
index 1facbdf..c28e7e4 100644
--- a/charts/maas/values.yaml
+++ b/charts/maas/values.yaml
@@ -79,7 +79,8 @@ images:
79 export_api_key: quay.io/airshipit/maas-region-controller:latest 79 export_api_key: quay.io/airshipit/maas-region-controller:latest
80 maas_cache: quay.io/airshipit/sstream-cache:latest 80 maas_cache: quay.io/airshipit/sstream-cache:latest
81 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 81 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
82 ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 82 ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.20.0
83 ingress_vip: docker.io/busybox:latest
83 error_pages: gcr.io/google_containers/defaultbackend:1.0 84 error_pages: gcr.io/google_containers/defaultbackend:1.0
84 pull_policy: IfNotPresent 85 pull_policy: IfNotPresent
85 local_registry: 86 local_registry:
diff --git a/images/maas-rack-controller/2.3_hostheader.patch b/images/maas-rack-controller/2.3_hostheader.patch
new file mode 100644
index 0000000..6cd77bd
--- /dev/null
+++ b/images/maas-rack-controller/2.3_hostheader.patch
@@ -0,0 +1,10 @@
11047c1047
2< if family in {AF_INET, AF_INET6}:
3---
4> if family in {AF_INET6}:
51051a1052,1054
6> info_url = info_url_base._replace(netloc=netloc)
7> elif family in {AF_INET}:
8> info_url = info_url_base
91054d1056
10< info_url = info_url_base._replace(netloc=netloc)
diff --git a/images/maas-rack-controller/Dockerfile b/images/maas-rack-controller/Dockerfile
index 23e73da..9420ea3 100644
--- a/images/maas-rack-controller/Dockerfile
+++ b/images/maas-rack-controller/Dockerfile
@@ -52,8 +52,12 @@ RUN systemctl enable register-rack-controller.service
52COPY 2.3_nic_filter.patch /tmp/2.3_nic_filter.patch 52COPY 2.3_nic_filter.patch /tmp/2.3_nic_filter.patch
53# sh8121att: patch so that interfaces with MAC 00:00:00:00:00:00 omit the MAC address 53# sh8121att: patch so that interfaces with MAC 00:00:00:00:00:00 omit the MAC address
54COPY 2.3_mac_address.patch /tmp/2.3_mac_address.patch 54COPY 2.3_mac_address.patch /tmp/2.3_mac_address.patch
55# sh8121att: patch so query for RPC info contains proper Host header
56copy 2.3_hostheader.patch /tmp/2.3_hostheader.patch
57
55RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch network.py < /tmp/2.3_nic_filter.patch 58RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch network.py < /tmp/2.3_nic_filter.patch
56RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch ipaddr.py < /tmp/2.3_mac_address.patch 59RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch ipaddr.py < /tmp/2.3_mac_address.patch
60RUN cd /usr/lib/python3/dist-packages/provisioningserver/rpc && patch clusterservice.py < /tmp/2.3_hostheader.patch
57 61
58# echo journalctl logs to the container's stdout 62# echo journalctl logs to the container's stdout
59COPY scripts/journalctl-to-tty.service /etc/systemd/system/journalctl-to-tty.service 63COPY scripts/journalctl-to-tty.service /etc/systemd/system/journalctl-to-tty.service