summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorScott Hussey <sh8121@att.com>2018-06-22 16:48:19 -0500
committerScott Hussey <sh8121@att.com>2018-06-29 07:37:28 -0500
commitb09fee26b84650ebf29c3bcebabdf2d7965386c1 (patch)
treed907e7635e7e3ec008e3c3d680a14c62e56299f4
parent7af3ee934732bf1aec6b452f34727ef563a7f179 (diff)
(fix) Make rackd stateful
- Use a statefulset and PVC to make rackd systemid assignment stateful between pod restarts. This is to alleviate instability in MAAS upgrades. Change-Id: Iea5c3d3897b561d4ba479203ee6aec5885282e1a
Notes
Notes (review): Code-Review+2: Felipe Monteiro <felipe.monteiro@att.com> Code-Review+2: Pete Birley <pete@port.direct> Workflow+1: Pete Birley <pete@port.direct> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Mon, 09 Jul 2018 16:40:13 +0000 Reviewed-on: https://review.openstack.org/577565 Project: openstack/airship-maas Branch: refs/heads/master
-rw-r--r--charts/maas/templates/bin/_register-rack-controller.sh.tpl6
-rw-r--r--charts/maas/templates/bin/_start.sh.tpl11
-rw-r--r--charts/maas/templates/service-rack.yaml7
-rw-r--r--charts/maas/templates/statefulset-rack.yaml (renamed from charts/maas/templates/deployment-rack.yaml)29
-rw-r--r--charts/maas/values.yaml8
-rw-r--r--images/maas-rack-controller/2.3_nic_filter.patch13
-rw-r--r--images/maas-rack-controller/Dockerfile7
7 files changed, 71 insertions, 10 deletions
diff --git a/charts/maas/templates/bin/_register-rack-controller.sh.tpl b/charts/maas/templates/bin/_register-rack-controller.sh.tpl
index 6accb29..85256e9 100644
--- a/charts/maas/templates/bin/_register-rack-controller.sh.tpl
+++ b/charts/maas/templates/bin/_register-rack-controller.sh.tpl
@@ -2,6 +2,12 @@
2 2
3set -x 3set -x
4 4
5if [[ -r ~maas/maas_id && -r ~maas/secret ]]
6then
7 echo "Found existing maas_id and secret, assuming already registered."
8 exit 0
9fi
10
5echo "register-rack-controller URL: ${MAAS_ENDPOINT}" 11echo "register-rack-controller URL: ${MAAS_ENDPOINT}"
6 12
7# register forever 13# register forever
diff --git a/charts/maas/templates/bin/_start.sh.tpl b/charts/maas/templates/bin/_start.sh.tpl
index 0cee4c8..6b8c600 100644
--- a/charts/maas/templates/bin/_start.sh.tpl
+++ b/charts/maas/templates/bin/_start.sh.tpl
@@ -19,14 +19,19 @@ set -ex
19# show env 19# show env
20env > /tmp/env 20env > /tmp/env
21 21
22# Ensure PVC volumes have correct ownership
23
24chown maas:maas ~maas/
25chown maas:maas /etc/maas
26
22# MAAS must be able to ssh to libvirt hypervisors 27# MAAS must be able to ssh to libvirt hypervisors
23# to control VMs 28# to control VMs
24 29
25if [[ -d ~maas/keys ]] 30if [[ -r ~maas/id_rsa ]]
26then 31then
27 mkdir -p ~maas/.ssh 32 mkdir -p ~maas/.ssh
28 cp ~maas/keys/* ~maas/.ssh/ 33 cp ~maas/id_rsa ~maas/.ssh/
29 chown -R maas:maas ~maas/.ssh 34 chown -R maas:maas ~maas/.ssh/
30 chmod 700 ~maas/.ssh 35 chmod 700 ~maas/.ssh
31 chmod 600 ~maas/.ssh/* 36 chmod 600 ~maas/.ssh/*
32fi 37fi
diff --git a/charts/maas/templates/service-rack.yaml b/charts/maas/templates/service-rack.yaml
new file mode 100644
index 0000000..b24aef1
--- /dev/null
+++ b/charts/maas/templates/service-rack.yaml
@@ -0,0 +1,7 @@
1---
2apiVersion: v1
3kind: Service
4metadata:
5 name: maas-rack
6spec:
7 clusterIP: 'None'
diff --git a/charts/maas/templates/deployment-rack.yaml b/charts/maas/templates/statefulset-rack.yaml
index 9b4690d..5312b7f 100644
--- a/charts/maas/templates/deployment-rack.yaml
+++ b/charts/maas/templates/statefulset-rack.yaml
@@ -28,11 +28,14 @@ limitations under the License.
28{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} 28{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
29--- 29---
30apiVersion: apps/v1beta1 30apiVersion: apps/v1beta1
31kind: Deployment 31kind: StatefulSet
32metadata: 32metadata:
33 name: maas-rack 33 name: maas-rack
34spec: 34spec:
35 serviceName: maas-rack
35 replicas: {{ .Values.pod.replicas.rack }} 36 replicas: {{ .Values.pod.replicas.rack }}
37 updateStrategy:
38 type: 'RollingUpdate'
36 template: 39 template:
37 metadata: 40 metadata:
38 labels: 41 labels:
@@ -98,12 +101,18 @@ spec:
98 mountPath: /lib/systemd/system/register-rack-controller.service 101 mountPath: /lib/systemd/system/register-rack-controller.service
99 subPath: register-rack-controller.service 102 subPath: register-rack-controller.service
100 readOnly: true 103 readOnly: true
104 - name: rackd-state
105 mountPath: /etc/maas
106 subPath: etc
107 readOnly: false
108 - name: rackd-state
109 mountPath: /var/lib/maas
110 subPath: home
111 readOnly: false
101{{- if .Values.manifests.secret_ssh_key }} 112{{- if .Values.manifests.secret_ssh_key }}
102 - name: maas-ssh
103 mountPath: /var/lib/maas/keys
104 - name: priv-key 113 - name: priv-key
105 subPath: PRIVATE_KEY 114 subPath: PRIVATE_KEY
106 mountPath: /var/lib/maas/keys/id_rsa 115 mountPath: /var/lib/maas/id_rsa
107{{- end }} 116{{- end }}
108{{ if $mounts_maas_rack.volumeMounts }}{{ toYaml $mounts_maas_rack.volumeMounts | indent 12 }}{{ end }} 117{{ if $mounts_maas_rack.volumeMounts }}{{ toYaml $mounts_maas_rack.volumeMounts | indent 12 }}{{ end }}
109 volumes: 118 volumes:
@@ -117,8 +126,6 @@ spec:
117 - name: pod-tmp 126 - name: pod-tmp
118 emptyDir: {} 127 emptyDir: {}
119{{- if .Values.manifests.secret_ssh_key }} 128{{- if .Values.manifests.secret_ssh_key }}
120 - name: maas-ssh
121 emptyDir: {}
122 - name: priv-key 129 - name: priv-key
123 secret: 130 secret:
124 secretName: {{ .Release.Name}}-{{ .Values.secrets.ssh_key }} 131 secretName: {{ .Release.Name}}-{{ .Values.secrets.ssh_key }}
@@ -133,4 +140,14 @@ spec:
133 name: maas-etc 140 name: maas-etc
134 defaultMode: 0444 141 defaultMode: 0444
135{{ if $mounts_maas_rack.volumes }}{{ toYaml $mounts_maas_rack.volumes | indent 8 }}{{ end }} 142{{ if $mounts_maas_rack.volumes }}{{ toYaml $mounts_maas_rack.volumes | indent 8 }}{{ end }}
143 volumeClaimTemplates:
144 - metadata:
145 name: rackd-state
146 annotations:
147 {{ .Values.storage.rackd.pvc.class_path }}: {{ .Values.storage.rackd.pvc.class_name }}
148 spec:
149 accessModes: [ "ReadWriteOnce" ]
150 resources:
151 requests:
152 storage: {{ .Values.storage.rackd.pvc.size }}
136{{- end }} 153{{- end }}
diff --git a/charts/maas/values.yaml b/charts/maas/values.yaml
index 3e25984..0865fea 100644
--- a/charts/maas/values.yaml
+++ b/charts/maas/values.yaml
@@ -99,6 +99,7 @@ network:
99 proxy: 99 proxy:
100 node_port: 100 node_port:
101 enabled: true 101 enabled: true
102 # Do not change the port, hardcoded in MAAS source
102 port: 31800 103 port: 31800
103 gui: 104 gui:
104 node_port: 105 node_port:
@@ -113,6 +114,13 @@ network:
113 db_service: 5432 114 db_service: 5432
114 db_service_target: 5432 115 db_service_target: 5432
115 116
117storage:
118 rackd:
119 pvc:
120 class_path: volume.beta.kubernetes.io/storage-class
121 class_name: general
122 size: 5Gi
123
116conf: 124conf:
117 ssh: 125 ssh:
118 # A SSH private key strings to mount 126 # A SSH private key strings to mount
diff --git a/images/maas-rack-controller/2.3_nic_filter.patch b/images/maas-rack-controller/2.3_nic_filter.patch
new file mode 100644
index 0000000..23ca783
--- /dev/null
+++ b/images/maas-rack-controller/2.3_nic_filter.patch
@@ -0,0 +1,13 @@
1diff --git a/src/provisioningserver/utils/network.py b/src/provisioningserver/utils/network.py
2index 48eb8fd..41d13a0 100644
3--- a/src/provisioningserver/utils/network.py
4+++ b/src/provisioningserver/utils/network.py
5@@ -1141,7 +1141,7 @@ def get_all_interfaces_definition(annotate_with_monitored: bool=True) -> dict:
6 interfaces = {}
7 dhclient_info = get_dhclient_info()
8 iproute_info = get_ip_route()
9- exclude_types = ["loopback", "ipip"]
10+ exclude_types = ["loopback", "ipip", "ethernet"]
11 if not running_in_container():
12 exclude_types.append("ethernet")
13 ipaddr_info = {
diff --git a/images/maas-rack-controller/Dockerfile b/images/maas-rack-controller/Dockerfile
index 81fd850..720d2f0 100644
--- a/images/maas-rack-controller/Dockerfile
+++ b/images/maas-rack-controller/Dockerfile
@@ -11,7 +11,8 @@ RUN apt-get -qq update && \
11 sudo \ 11 sudo \
12 software-properties-common \ 12 software-properties-common \
13 libvirt-bin \ 13 libvirt-bin \
14 systemd 14 systemd \
15 patch
15# Don't start any optional services except for the few we need. 16# Don't start any optional services except for the few we need.
16 17
17RUN find /etc/systemd/system \ 18RUN find /etc/systemd/system \
@@ -42,6 +43,10 @@ RUN systemctl enable register-rack-controller.service
42RUN mv /usr/sbin/tcpdump /usr/bin/tcpdump 43RUN mv /usr/sbin/tcpdump /usr/bin/tcpdump
43RUN ln -s /usr/bin/tcpdump /usr/sbin/tcpdump 44RUN ln -s /usr/bin/tcpdump /usr/sbin/tcpdump
44 45
46# Patch so that Calico interfaces are ignored
47COPY 2.3_nic_filter.patch /tmp/2.3_nic_filter.patch
48RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch network.py < /tmp/2.3_nic_filter.patch
49
45# echo journalctl logs to the container's stdout 50# echo journalctl logs to the container's stdout
46COPY scripts/journalctl-to-tty.service /etc/systemd/system/journalctl-to-tty.service 51COPY scripts/journalctl-to-tty.service /etc/systemd/system/journalctl-to-tty.service
47RUN mkdir -p /etc/systemd/system/basic.target.wants ;\ 52RUN mkdir -p /etc/systemd/system/basic.target.wants ;\