Support maas mobility

- The MAAS and Drydock charts are moving to use ingress
  rather than node ports. Update versions and chart overrides
  to support this.

Change-Id: I9a630f1edad9129719748b848a693e012baf9b37
This commit is contained in:
Scott Hussey 2018-09-13 00:55:00 +00:00
parent a3a17920f7
commit b857672967
19 changed files with 110 additions and 69 deletions

View File

@ -56,13 +56,6 @@ metadata:
dest:
path: .values.conf.coredns.corefile
pattern: 'UPSTREAM1'
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .dns.upstream_servers[1]
dest:
path: .values.conf.coredns.corefile
pattern: 'UPSTREAM2'
data:
chart_name: coredns
release: coredns
@ -95,11 +88,9 @@ data:
pods insecure
fallthrough in-addr.arpa ip6.arpa
upstream UPSTREAM1
upstream UPSTREAM2
}
prometheus :9153
proxy . UPSTREAM1
proxy . UPSTREAM2
cache 30
}
dependencies:

View File

@ -6,6 +6,8 @@ metadata:
layeringDefinition:
abstract: false
layer: global
labels:
name: ingress-kube-system
storagePolicy: cleartext
substitutions:
# Chart source
@ -50,7 +52,7 @@ data:
nginx.ingress.kubernetes.io/proxy-read-timeout: "603"
pod:
replicas:
error_page: 2
error_page: 1
dependencies:
- ingress-kube-system-htk
---

View File

@ -7,6 +7,8 @@ metadata:
abstract: false
layer: global
storagePolicy: cleartext
labels:
name: ucp-ingress
substitutions:
# Chart source
- src:

View File

@ -62,23 +62,6 @@ metadata:
dest:
path: .values.endpoints.physicalprovisioner.port.api.nodeport
# MaaS IPs
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
# TODO(mb874d): Can change once we have an accessible VIP from fresh nodes.
path: .genesis.ip
dest:
path: .values.conf.drydock.maasdriver.maas_api_url
pattern: 'MAAS_IP'
- src:
schema: pegleg/CommonAddresses/v1
name: common-addresses
path: .node_ports.maas_api
dest:
path: .values.conf.drydock.maasdriver.maas_api_url
pattern: 'MAAS_PORT'
# Credentials
- src:
@ -100,12 +83,18 @@ metadata:
dest:
path: .values.endpoints.postgresql.path
pattern: DB_NAME
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.keystone.admin
dest:
path: .values.endpoints.identity.auth.admin
- src:
schema: pegleg/AccountCatalogue/v1
name: ucp_service_accounts
path: .ucp.drydock.keystone
dest:
path: .values.endpoints.identity.auth.user
path: .values.endpoints.identity.auth.drydock
# Secrets
- dest:
@ -121,7 +110,7 @@ metadata:
name: ucp_postgres_admin_password
path: .
- dest:
path: .values.endpoints.identity.auth.user.password
path: .values.endpoints.identity.auth.drydock.password
src:
schema: deckhand/Passphrase/v1
name: ucp_drydock_keystone_password

View File

@ -102,9 +102,15 @@ metadata:
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.maas_region_ui
path: .ucp.maas_region
dest:
path: .values.endpoints.maas_region_ui
path: .values.endpoints.maas_region
- src:
schema: pegleg/EndpointCatalogue/v1
name: ucp_endpoints
path: .ucp.physicalprovisioner
dest:
path: .values.endpoints.physicalprovisioner
# Account and credential substitutions
- src:
@ -131,7 +137,7 @@ metadata:
name: ucp_service_accounts
path: .ucp.maas.admin
dest:
path: .values.endpoints.maas_region_ui.auth.admin
path: .values.endpoints.maas_region.auth.admin
# Secrets
- dest:

View File

@ -11,8 +11,8 @@ data:
description: Airship Services
sequenced: true
chart_group:
- ucp-maas
- ucp-tiller
- ucp-maas
- ucp-armada
- ucp-barbican
- ucp-deckhand

View File

@ -17,6 +17,7 @@ data:
internal: keystone-api
host_fqdn_override:
default: null
public: keystone.gate.local
path:
default: /v3
scheme:
@ -119,19 +120,19 @@ data:
api:
default: 9000
nodeport: 31900
public: 80
path:
default: /api/v1.0
scheme:
default: http
host_fqdn_override:
default: null
maas_region_ui:
name: maas-region-ui
public: drydock.gate.local
maas_region:
name: maas-region
hosts:
default: maas-region-ui
default: maas-region
public: maas
path:
default: /MAAS
scheme:
default: "http"
port:
@ -168,6 +169,7 @@ data:
default: http
host_fqdn_override:
default: null
public: shipyard.gate.local
airflow_web:
name: airflow-web
hosts:

View File

@ -150,7 +150,6 @@ data:
location: https://git.openstack.org/openstack/openstack-helm
subpath: ceph
reference: f902cd14fac7de4c4c9f7d019191268a6b4e9601
#TODO Update to new HTK with split ceph charts
ceph-htk:
type: git
location: https://git.openstack.org/openstack/openstack-helm
@ -180,14 +179,12 @@ data:
type: git
location: https://git.openstack.org/openstack/airship-drydock
subpath: charts/drydock
reference: f8c821e7219f84f12e3a90e3101c6f20d3049b5b
# TODO waiting for https://review.openstack.org/#/c/595902/ to move to
# openstack-helm-infra version.
reference: master
drydock-htk:
type: git
location: https://git.openstack.org/openstack/openstack-helm
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: f902cd14fac7de4c4c9f7d019191268a6b4e9601
reference: bc1afb87d7aa529a4ed5321d889cdfe2f1af8a44
ingress:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
@ -212,7 +209,7 @@ data:
type: git
location: https://git.openstack.org/openstack/airship-promenade
subpath: charts/promenade
reference: 88c786b8e92d053fd0cba7237df68cc087b81f26
reference: 24e4ebf37aac7cc4cf3e8341bc0c0fc48c274fbb
promenade-htk:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
@ -232,14 +229,12 @@ data:
type: git
location: https://git.openstack.org/openstack/airship-maas
subpath: charts/maas
# TODO(bryan-strassner) set to new version
# when https://review.openstack.org/#/c/595398/ is complete
reference: refs/changes/98/595398/5
reference: master
maas-htk:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: 9f6194ff770d3776ae3572bcbe841a9289357244
reference: 4cd00f3ac539f625e7cd9733ae46232b2082027a
mariadb:
type: git
location: https://git.openstack.org/openstack/openstack-helm
@ -456,7 +451,7 @@ data:
tiller: gcr.io/kubernetes-helm/tiller:v2.10.0
promenade:
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
promenade: quay.io/airshipit/promenade:88c786b8e92d053fd0cba7237df68cc087b81f26
promenade: quay.io/airshipit/promenade:24e4ebf37aac7cc4cf3e8341bc0c0fc48c274fbb
ks_user: docker.io/openstackhelm/heat:ocata
ks_service: docker.io/openstackhelm/heat:ocata
ks_endpoints: docker.io/openstackhelm/heat:ocata

View File

@ -17,9 +17,8 @@ data:
cluster_domain: cluster.local
service_ip: 10.96.0.10
upstream_servers:
- 8.8.8.8
- 8.8.4.4
upstream_servers_joined: 8.8.8.8,8.8.4.4
- 172.24.1.9
upstream_servers_joined: 172.24.1.9
genesis:
hostname: n0

View File

@ -40,5 +40,5 @@ data:
metric: 10
dns:
domain: gate.local
servers: '8.8.8.8 8.8.4.4'
servers: '172.24.1.9'
...

View File

@ -0,0 +1,24 @@
---
schema: armada/Chart/v1
metadata:
schema: metadata/Document/v1
name: ingress-kube-system
replacement: true
layeringDefinition:
abstract: false
layer: site
parentSelector:
name: ingress-kube-system
actions:
- method: merge
path: .
storagePolicy: cleartext
data:
values:
network:
ingress:
disable-ipv6: "true"
vip:
manage: true
addr: '172.24.1.6/32'
...

View File

@ -26,6 +26,8 @@ data:
secret_ssh_key: true
conf:
drydock:
maasdriver:
maas_api_url: 'http://maas.gate.local:9085/MAAS/api/2.0/'
plugins:
oob_driver:
- 'drydock_provisioner.drivers.oob.pyghmi_driver.driver.PyghmiDriver'

View File

@ -25,11 +25,36 @@ data:
manifests:
secret_ssh_key: true
conf:
cache:
enabled: true
dns:
dns_servers: 172.24.1.9
maas:
dns: {dns_servers: '172.24.1.9'}
ntp: {use_external_only: 'true' }
cache: {enabled: true}
network:
maas_ingress:
addr: 172.24.1.5/32
addr: '172.24.1.5/32'
endpoints:
maas_region:
host_fqdn_override:
public: maas.gate.local
port:
region_api:
public: 9085
maas_ingress:
hosts:
default: maas-ingress
error_pages: maas-ingress-error
host_fqdn_override:
public: null
port:
http:
default: 9080
https:
default: 9443
error_pages:
default: 8080
podport: 8080
healthz:
podport: 10259
status:
podport: 18089
...

View File

@ -21,9 +21,14 @@ data:
ucp:
maas:
location: https://git.openstack.org/openstack/airship-maas
reference: refs/changes/53/600253/1
reference: refs/changes/53/600253/39
maas-htk:
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: 4cd00f3ac539f625e7cd9733ae46232b2082027a
images:
ucp:
maas:
maas_region: docker.io/sthussey/maas-region-controller:dev
maas_region: 'docker.io/sthussey/maas-region-controller:dev'
maas_cache: 'quay.io/airshipit/sstream-cache:master'
...

View File

@ -16,6 +16,7 @@ export SHIPYARD_PASSWORD=${SHIPYARD_OS_PASSWORD:-password18}
export REGISTRY_DATA_DIR=${REGISTRY_DATA_DIR:-/mnt/registry}
export VIRSH_POOL=${VIRSH_POOL:-airship}
export VIRSH_POOL_PATH=${VIRSH_POOL_PATH:-/var/lib/libvirt/airship}
export UPSTREAM_DNS=${UPSTREAM_DNS:-"8.8.8.8 208.67.220.220"}
config_vm_memory() {
nodename=${1}

View File

@ -30,5 +30,5 @@ ingress_dns_start() {
ssh_cmd "${nodename}" mkdir -p "${remote_work_dir}"
rsync_cmd "$DNS_ZONE_FILE" "${nodename}:${remote_zone_file}"
rsync_cmd "$COREFILE" "${nodename}:${remote_corefile}"
ssh_cmd "${nodename}" docker run -d -v /var/tmp/coredns:/data -w /data --network host -P $IMAGE_COREDNS -conf $(basename $remote_corefile)
ssh_cmd "${nodename}" docker run -d -v /var/tmp/coredns:/data -w /data --network host --restart always -P $IMAGE_COREDNS -conf $(basename $remote_corefile)
}

View File

@ -117,11 +117,11 @@ vm_clean() {
}
vm_clean_all() {
log Removing all VMs in parallel
log Removing all VMs
VM_NAMES=($(config_vm_names))
for NAME in ${VM_NAMES[*]}
do
vm_clean "${NAME}" &
vm_clean "${NAME}"
done
wait
}

View File

@ -6,10 +6,8 @@
},
"ingress": {
"domain": "gate.local",
"172.24.1.5": [
"maas",
"drydock"
]
"172.24.1.5": ["maas"],
"172.24.1.6": ["drydock","shipyard","keystone"]
},
"stages": [
{

View File

@ -4,6 +4,6 @@ ${DNS_DOMAIN} {
}
. {
forward . /etc/resolv.conf
forward . ${UPSTREAM_DNS}
log
}