(fix) Add nodeSelector to Drydock Pod

Add ingress support

- Add nodeSelectors to the PodSpec for the Drydock API
  pod

- Physical nodes bootstrapping need to access the Drydock
  API to retrieve the bootactions that should be executed during
  deployment. This moves that access from a nodeport to ingress.

Change-Id: I3db41932c567cc85e89ad003389b7a019a10715f
This commit is contained in:
Scott Hussey 2018-09-14 12:19:29 -05:00
parent 2bfb9c59cd
commit 70e5f095d6
5 changed files with 35 additions and 6 deletions

View File

@ -87,7 +87,7 @@ lint: pep8 helm_lint
# Dry run templating of chart
.PHONY: dry-run
dry-run: clean helm-init
dry-run: helm-init
$(HELM) template --set manifests.secret_ssh_key=true --set conf.ssh.private_key=foo charts/drydock
# Initialize local helm config

View File

@ -31,7 +31,7 @@
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup"| set .Values.conf.drydock.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- $userIdentity := .Values.endpoints.identity.auth.user -}}
{{- $userIdentity := .Values.endpoints.identity.auth.drydock -}}
{{- if empty .Values.conf.drydock.keystone_authtoken.project_name -}}
{{- set .Values.conf.drydock.keystone_authtoken "project_name" $userIdentity.project_name | quote | trunc 0 -}}

View File

@ -33,6 +33,8 @@ spec:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
nodeSelector:
{{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value | quote }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: Always
affinity:
@ -41,6 +43,9 @@ spec:
{{ tuple $envAll "api" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: drydock-api
image: {{ .Values.images.tags.drydock }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
env:
- name: 'MAAS_API_KEY'
valueFrom:
@ -51,9 +56,6 @@ spec:
value: {{ .Values.conf.uwsgi.workers | default 1 | quote }}
- name: 'DRYDOCK_API_THREADS'
value: {{ .Values.conf.uwsgi.threads | default 1 | quote }}
image: {{ .Values.images.tags.drydock }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
ports:
- name: drydock-api
containerPort: {{ tuple "physicalprovisioner" "default" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}

View File

@ -0,0 +1,17 @@
{{/* # Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License. */}}
{{- if .Values.manifests.ingress_drydock }}
{{ dict "envAll" . "backendServiceType" "physicalprovisioner" "backendPort" "drydock-api" | include "helm-toolkit.manifests.ingress" }}
{{- end -}}

View File

@ -45,7 +45,14 @@ images:
network:
api:
nodeport:
enabled: true
enabled: false
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
pod:
lifecycle:
@ -127,6 +134,7 @@ manifests:
configmap_etc: true
configmap_bin: true
service_drydock: true
ingress_drydock: true
deployment_drydock: true
test_drydock_api: true
test_drydock_auth: true
@ -215,6 +223,7 @@ endpoints:
name: drydock
hosts:
default: drydock-api
public: drydock
port:
api:
default: 9000
@ -225,6 +234,7 @@ endpoints:
default: http
host_fqdn_override:
default: null
public: drydock.test.local
postgresql:
name: postgresql
auth: