openstack
/
openstack-helm
Code Issues Proposed changes

Rabbitmq Credential Management 

- This PS implements job to create new user
for each chart

Change-Id: I7335ba4ad4bc9f70871100dbd9e6f030049abe07
This commit is contained in:
Renis 2018-02-03 21:16:34 -08:00
parent 62698f7ea7
commit 1ecc905b65
56 changed files with 1181 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
barbican/templates/configmap-bin.yaml
View File

@ -42,4 +42,6 @@ data:
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
barbican/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "barbican" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
barbican/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "barbican" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
barbican/values.yaml
View File

@ -35,6 +35,7 @@ images:
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
barbican_api: docker.io/openstackhelm/barbican:newton
rabbit_init: docker.io/rabbitmq:3.7-management
pull_policy: "IfNotPresent"
pod:
@ -108,6 +109,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
@ -195,6 +203,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
conf:
paste:
@ -390,6 +402,9 @@ secrets:
oslo_db:
admin: barbican-db-admin
barbican: barbican-db-user
oslo_messaging:
admin: barbican-rabbitmq-admin
barbican: barbican-rabbitmq-user
endpoints:
cluster_domain_suffix: cluster.local
@ -459,9 +474,12 @@ endpoints:
default: 3306
oslo_messaging:
auth:
barbican:
admin:
username: rabbitmq
password: password
barbican:
username: barbican
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -471,6 +489,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
oslo_cache:
hosts:
default: memcached
@ -489,6 +509,7 @@ manifests:
job_db_init: true
job_db_sync: true
job_db_drop: false
job_rabbit_init: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
@ -496,5 +517,6 @@ manifests:
pod_test: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_ingress_api: true
service_api: true

2
ceilometer/templates/configmap-bin.yaml
View File

@ -51,4 +51,6 @@ data:
{{ tuple "bin/_ceilometer-compute.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ceilometer-notification.sh: |
{{ tuple "bin/_ceilometer-notification.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
ceilometer/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "ceilometer" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
ceilometer/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ceilometer" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
ceilometer/values.yaml
View File

@ -46,6 +46,7 @@ images:
db_init_mongodb: docker.io/mongo:3.4.9-jessie
db_init: docker.io/kolla/ubuntu-source-ceilometer-api:3.0.3
ceilometer_db_sync: docker.io/kolla/ubuntu-source-ceilometer-api:3.0.3
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -1576,6 +1577,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
notification:
jobs:
- ceilometer-db-init-mongodb
@ -1612,6 +1617,9 @@ secrets:
mongodb:
admin: ceilometer-mongodb-admin
ceilometer: ceilometer-mongodb-user
oslo_messaging:
admin: ceilometer-rabbitmq-admin
ceilometer: ceilometer-rabbitmq-user
bootstrap:
enabled: false
@ -1768,9 +1776,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
ceilometer:
admin:
username: rabbitmq
password: password
ceilometer:
username: ceilometer
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -1780,6 +1791,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
pod:
affinity:
@ -1886,6 +1899,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "124Mi"
@ -1931,10 +1951,12 @@ manifests:
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_rabbit_init: true
pdb_api: true
pod_rally_test: true
secret_db: true
secret_keystone: true
secret_mongodb: true
secret_rabbitmq: true
service_api: true
service_ingress_api: true

2
cinder/templates/configmap-bin.yaml
View File

@ -61,4 +61,6 @@ data:
bootstrap.sh: |
{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
cinder/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "cinder" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
cinder/templates/secret_rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "cinder" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
cinder/values.yaml
View File

@ -47,6 +47,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
cinder_db_sync: docker.io/openstackhelm/cinder:newton
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -154,6 +155,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_init:
requests:
memory: "128Mi"
@ -568,6 +576,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
scheduler:
jobs:
- cinder-db-sync
@ -622,6 +634,9 @@ secrets:
rbd:
backup: cinder-backup-rbd-keyring
volume: cinder-volume-rbd-keyring
oslo_messaging:
admin: cinder-rabbitmq-admin
cinder: cinder-rabbitmq-user
# We use a different layout of the endpoints here to account for versioning
# this swaps the service name and type, and should be rolled out to other
@ -762,9 +777,12 @@ endpoints:
default: 3306
oslo_messaging:
auth:
cinder:
admin:
username: rabbitmq
password: password
cinder:
username: cinder
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -774,6 +792,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
oslo_cache:
hosts:
default: memcached
@ -796,6 +816,7 @@ manifests:
job_bootstrap: true
job_clean: true
job_db_init: true
job_rabbit_init: true
job_db_sync: true
job_db_drop: false
job_ks_endpoints: true
@ -807,5 +828,6 @@ manifests:
pvc_backup: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_api: true
service_ingress_api: true

2
congress/templates/configmap-bin.yaml
View File

@ -46,4 +46,6 @@ data:
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
congress/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "congress" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
congress/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "congress" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
congress/values.yaml
View File

@ -41,6 +41,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
congress_db_sync: docker.io/openstackhelm/congress:newton
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -130,6 +131,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
policy_engine:
jobs:
- congress-db-sync
@ -159,6 +164,9 @@ secrets:
admin: congress-db-admin
congress: congress-db-user
rbd: images-rbd-keyring
oslo_messaging:
admin: congress-rabbitmq-admin
congress: congress-rabbitmq-user
bootstrap:
enabled: false
@ -242,9 +250,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
congress:
admin:
username: rabbitmq
password: password
congress:
username: congress
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -254,6 +265,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
policy:
datasource_services:
@ -403,6 +416,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_user:
requests:
memory: "128Mi"
@ -450,6 +470,7 @@ manifests:
job_db_init: true
job_db_sync: true
job_ds_create: true
job_rabbit_init: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
@ -457,3 +478,4 @@ manifests:
secret_keystone: true
service_api: true
service_ingress_api: true
secret_rabbitmq: true

2
glance/templates/configmap-bin.yaml
View File

@ -55,4 +55,6 @@ data:
{{ tuple "bin/_clean-image.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
clean-secrets.sh: |
{{ tuple "bin/_clean-secrets.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
glance/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "glance" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
glance/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "glance" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

25
glance/values.yaml
View File

@ -46,6 +46,7 @@ images:
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
glance_api: docker.io/openstackhelm/glance:newton
glance_registry: docker.io/openstackhelm/glance:newton
# Bootstrap image requires curl
@ -356,6 +357,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
registry:
jobs:
- glance-storage-init
@ -390,6 +395,10 @@ secrets:
admin: glance-db-admin
glance: glance-db-user
rbd: images-rbd-keyring
oslo_messaging:
admin: glance-rabbitmq-admin
glance: glance-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -493,9 +502,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
glance:
admin:
username: rabbitmq
password: password
glance:
username: glance
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -505,6 +517,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
ceph_object_store:
name: radosgw
namespace: ceph
@ -632,6 +646,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
bootstrap:
requests:
memory: "128Mi"
@ -663,12 +684,14 @@ manifests:
job_ks_service: true
job_ks_user: true
job_storage_init: true
job_rabbit_init: true
pdb_api: true
pdb_registry: true
pod_rally_test: true
pvc_images: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_ingress_api: true
service_ingress_registry: true
service_api: true

2
heat/templates/configmap-bin.yaml
View File

@ -52,4 +52,6 @@ data:
{{ tuple "bin/_heat-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
heat-engine-cleaner.sh: |
{{ tuple "bin/_heat-engine-cleaner.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
heat/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "heat" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
heat/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "heat" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
heat/values.yaml
View File

@ -42,6 +42,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
heat_db_sync: docker.io/openstackhelm/heat:newton
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -365,6 +366,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
trusts:
jobs:
- heat-ks-user
@ -384,6 +389,9 @@ secrets:
oslo_db:
admin: heat-db-admin
heat: heat-db-user
oslo_messaging:
admin: heat-rabbitmq-admin
heat: heat-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -510,9 +518,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
heat:
admin:
username: rabbitmq
password: password
heat:
username: heat
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -522,6 +533,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
pod:
user:
@ -664,6 +677,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
@ -706,11 +726,13 @@ manifests:
job_ks_user_domain: true
job_ks_user_trustee: true
job_ks_user: true
job_rabbit_init: true
pdb_api: true
pdb_cfn: true
pdb_cloudwatch: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_api: true
service_cfn: true
service_cloudwatch: true

74
helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl Normal file
View File

@ -0,0 +1,74 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.manifests.job_rabbit_init" -}}
{{- $envAll := index . "envAll" -}}
{{- $serviceName := index . "serviceName" -}}
{{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}}
{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.rabbit_init -}}
{{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}}
{{- $serviceUser := index . "serviceUser" | default $serviceName -}}
{{- $serviceUserPretty := $serviceUser | replace "_" "-" -}}
{{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "rabbit-init" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ printf "%s-%s" $serviceUserPretty "rabbit-init" | quote }}
spec:
template:
metadata:
labels:
{{ tuple $envAll $serviceName "rabbit-init" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
spec:
serviceAccountName: {{ $serviceAccountName | quote }}
restartPolicy: OnFailure
nodeSelector:
{{ toYaml $nodeSelector | indent 8 }}
initContainers:
{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: rabbit-init
image: {{ $envAll.Values.images.tags.rabbit_init | quote }}
imagePullPolicy: {{ $envAll.Values.images.pull_policy | quote }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.rabbit_init | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
command:
- /tmp/rabbit-init.sh
volumeMounts:
- name: rabbit-init-sh
mountPath: /tmp/rabbit-init.sh
subPath: rabbit-init.sh
readOnly: true
env:
- name: RABBITMQ_ADMIN_CONNECTION
valueFrom:
secretKeyRef:
name: {{ $envAll.Values.secrets.oslo_messaging.admin }}
key: RABBITMQ_CONNECTION
- name: RABBITMQ_USER_CONNECTION
valueFrom:
secretKeyRef:
name: {{ index $envAll.Values.secrets.oslo_messaging $serviceName }}
key: RABBITMQ_CONNECTION
volumes:
- name: rabbit-init-sh
configMap:
name: {{ $configMapBin | quote }}
defaultMode: 0555
{{- end -}}

67
helm-toolkit/templates/scripts/_rabbit-init.sh.tpl Normal file
View File

@ -0,0 +1,67 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "helm-toolkit.scripts.rabbit_init" }}
#!/bin/bash
set -ex
# Extract connection details
RABBIT_HOSTNAME=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $2}' \
| awk -F'[:/]' '{print $1}'`
RABBIT_PORT=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $2}' \
| awk -F'[:/]' '{print $2}'`
# Extract Admin User creadential
RABBITMQ_ADMIN_USERNAME=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $4}'`
RABBITMQ_ADMIN_PASSWORD=`echo $RABBITMQ_ADMIN_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $5}'`
# Extract User creadential
RABBITMQ_USERNAME=`echo $RABBITMQ_USER_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $4}'`
RABBITMQ_PASSWORD=`echo $RABBITMQ_USER_CONNECTION | awk -F'[@]' '{print $1}' \
| awk -F'[//:]' '{print $5}'`
# Using admin creadential, list current rabbitmq users
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_ADMIN_USERNAME --password=$RABBITMQ_ADMIN_PASSWORD \
list users
# if user already exist, credentials will be overwritten
# Using admin creadential, adding new admin rabbitmq user"
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_ADMIN_USERNAME --password=$RABBITMQ_ADMIN_PASSWORD \
declare user name=$RABBITMQ_USERNAME password=$RABBITMQ_PASSWORD \
tags="administrator"
# Declare permissions for new user
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_ADMIN_USERNAME --password=$RABBITMQ_ADMIN_PASSWORD \
declare permission vhost="/" user=$RABBITMQ_USERNAME \
configure=".*" write=".*" read=".*"
# Using new user creadential, list current rabbitmq users
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_USERNAME --password=$RABBITMQ_PASSWORD \
list users
# Using new user creadential, list permissions
rabbitmqadmin --host=$RABBIT_HOSTNAME --port=$RABBIT_PORT \
--username=$RABBITMQ_USERNAME --password=$RABBITMQ_PASSWORD \
list permissions
{{- end }}

2
ironic/templates/configmap-bin.yaml
View File

@ -54,4 +54,6 @@ data:
{{ tuple "bin/_ironic-conductor-http.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ironic-conductor-http-init.sh: |
{{ tuple "bin/_ironic-conductor-http-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
ironic/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "ironic" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
ironic/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ironic" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
ironic/values.yaml
View File

@ -39,6 +39,7 @@ images:
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ironic_api: docker.io/openstackhelm/ironic:newton
ironic_conductor: docker.io/openstackhelm/ironic:newton
ironic_pxe: docker.io/openstackhelm/ironic:newton
@ -209,6 +210,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
manage_cleaning_network:
services:
- endpoint: internal
@ -222,6 +227,9 @@ secrets:
oslo_db:
admin: ironic-db-admin
ironic: ironic-db-user
oslo_messaging:
admin: ironic-rabbitmq-admin
ironic: ironic-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -336,9 +344,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
ironic:
admin:
username: rabbitmq
password: password
ironic:
username: ironic
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -348,6 +359,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
network:
name: neutron
hosts:
@ -457,6 +470,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
@ -477,9 +497,11 @@ manifests:
job_ks_service: true
job_ks_user: true
job_manage_cleaning_network: true
job_rabbit_init: true
pdb_api: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_api: true
service_ingress_api: true
statefulset_conductor: true

2
keystone/templates/configmap-bin.yaml
View File

@ -45,4 +45,6 @@ data:
{{ tuple "bin/_domain-manage-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
domain-manage.sh: |
{{ tuple "bin/_domain-manage.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
keystone/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "keystone" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
keystone/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "keystone" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
keystone/values.yaml
View File

@ -35,6 +35,7 @@ images:
keystone_db_sync: docker.io/openstackhelm/keystone:newton
db_drop: docker.io/openstackhelm/heat:newton
ks_user: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
keystone_fernet_setup: docker.io/openstackhelm/keystone:newton
keystone_fernet_rotate: docker.io/openstackhelm/keystone:newton
keystone_credential_setup: docker.io/openstackhelm/keystone:newton
@ -111,6 +112,10 @@ dependencies:
services:
- endpoint: internal
service: oslo_db
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
domain_manage:
services:
- endpoint: internal
@ -223,6 +228,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
@ -734,6 +746,9 @@ secrets:
oslo_db:
admin: keystone-db-admin
keystone: keystone-db-user
oslo_messaging:
admin: keystone-rabbitmq-admin
keystone: keystone-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -794,9 +809,12 @@ endpoints:
oslo_messaging:
namespace: null
auth:
keystone:
admin:
username: rabbitmq
password: password
keystone:
username: keystone
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -806,6 +824,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
oslo_cache:
namespace: null
hosts:
@ -830,11 +850,13 @@ manifests:
job_db_drop: false
job_domain_manage: true
job_fernet_setup: true
job_rabbit_init: true
pdb_api: true
pod_rally_test: true
secret_credential_keys: true
secret_db: true
secret_fernet_keys: true
secret_keystone: true
secret_rabbitmq: true
service_ingress_api: true
service_api: true

2
magnum/templates/configmap-bin.yaml
View File

@ -42,4 +42,6 @@ data:
{{ tuple "bin/_magnum-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
magnum-conductor.sh: |
{{ tuple "bin/_magnum-conductor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
magnum/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "magnum" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
magnum/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "magnum" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

25
magnum/values.yaml
View File

@ -36,6 +36,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
magnum_db_sync: docker.io/openstackhelm/magnum:newton
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -186,7 +187,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
# Names of secrets used by bootstrap and environmental checks
secrets:
identity:
@ -195,6 +199,9 @@ secrets:
oslo_db:
admin: magnum-db-admin
magnum: magnum-db-user
oslo_messaging:
admin: magnum-rabbitmq-admin
magnum: magnum-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -275,9 +282,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
magnum:
admin:
username: rabbitmq
password: password
magnum:
username: magnum
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -287,6 +297,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
pod:
user:
@ -391,6 +403,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
@ -411,9 +430,11 @@ manifests:
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_rabbit_init: true
pdb_api: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_api: true
service_ingress_api: true
statefulset_conductor: true

2
mistral/templates/configmap-bin.yaml
View File

@ -46,4 +46,6 @@ data:
{{ tuple "bin/_mistral-event-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
mistral-executor.sh: |
{{ tuple "bin/_mistral-executor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
mistral/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "mistral" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
mistral/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "mistral" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
mistral/values.yaml
View File

@ -43,6 +43,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
mistral_db_sync: docker.io/kolla/ubuntu-source-mistral-api:3.0.3
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -139,6 +140,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
# Names of secrets used by bootstrap and environmental checks
secrets:
@ -148,6 +153,9 @@ secrets:
oslo_db:
admin: mistral-db-admin
mistral: mistral-db-user
oslo_messaging:
admin: mistral-rabbitmq-admin
mistral: mistral-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -220,9 +228,12 @@ endpoints:
default: 3306
oslo_messaging:
auth:
mistral:
admin:
username: rabbitmq
password: password
mistral:
username: mistral
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -232,6 +243,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
oslo_cache:
hosts:
default: memcached
@ -434,6 +447,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
@ -455,9 +475,11 @@ manifests:
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_rabbit_init: true
pdb_api: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_ingress_api: true
service_api: true
statefulset_engine: true

2
neutron/templates/configmap-bin.yaml
View File

@ -63,4 +63,6 @@ data:
{{ tuple "bin/_neutron-openvswitch-agent-init-modules.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
neutron-server.sh: |
{{ tuple "bin/_neutron-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
neutron/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "neutron" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
neutron/templates/secret_rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "neutron" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

35
neutron/values.yaml
View File

@ -26,6 +26,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
neutron_db_sync: docker.io/openstackhelm/neutron:newton
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -157,6 +158,8 @@ dependencies:
service: oslo_db
dhcp:
daemonset: null
jobs:
- neutron-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -178,8 +181,14 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
l3:
daemonset: null
jobs:
- neutron-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -188,6 +197,8 @@ dependencies:
- endpoint: internal
service: compute
lb_agent:
jobs:
- neutron-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -195,6 +206,8 @@ dependencies:
service: network
metadata:
daemonset: null
jobs:
- neutron-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -205,6 +218,8 @@ dependencies:
- endpoint: public
service: compute_metadata
ovs_agent:
jobs:
- neutron-rabbit-init
daemonset:
- openvswitch-vswitchd
- openvswitch-db
@ -218,6 +233,7 @@ dependencies:
- neutron-db-sync
- neutron-ks-user
- neutron-ks-endpoints
- neutron-rabbit-init
services:
- endpoint: internal
service: oslo_db
@ -367,6 +383,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
@ -1040,6 +1063,9 @@ secrets:
oslo_db:
admin: neutron-db-admin
neutron: neutron-db-user
oslo_messaging:
admin: neutron-rabbitmq-admin
neutron: neutron-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -1065,8 +1091,11 @@ endpoints:
default: 3306
oslo_messaging:
auth:
admin:
username: rabbitmq
password: password
neutron:
username: rabbitmq
username: neutron
password: password
hosts:
default: rabbitmq
@ -1077,6 +1106,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
oslo_cache:
hosts:
default: memcached
@ -1197,9 +1228,11 @@ manifests:
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_rabbit_init: true
pdb_server: true
pod_rally_test: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_ingress_server: true
service_server: true

2
nova/templates/configmap-bin.yaml
View File

@ -79,4 +79,6 @@ data:
{{ tuple "bin/_ssh-start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
cell-setup.sh: |
{{ tuple "bin/_cell-setup.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
nova/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "nova" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
nova/templates/secret_rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "nova" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

31
nova/values.yaml
View File

@ -65,6 +65,7 @@ images:
db_drop: docker.io/openstackhelm/heat:newton
db_init: docker.io/openstackhelm/heat:newton
dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.2.1'
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -199,6 +200,7 @@ dependencies:
- nova-db-sync
- nova-ks-user
- nova-ks-endpoints
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -217,6 +219,7 @@ dependencies:
cell_setup:
jobs:
- nova-db-sync
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -231,6 +234,7 @@ dependencies:
- libvirt
jobs:
- nova-db-sync
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -243,6 +247,7 @@ dependencies:
compute_ironic:
jobs:
- nova-db-sync
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -257,6 +262,7 @@ dependencies:
conductor:
jobs:
- nova-db-sync
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -269,6 +275,7 @@ dependencies:
consoleauth:
jobs:
- nova-db-sync
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -306,6 +313,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
novncproxy:
jobs:
- nova-db-sync
@ -315,6 +326,7 @@ dependencies:
scheduler:
jobs:
- nova-db-sync
- nova-rabbit-init
services:
- endpoint: internal
service: oslo_messaging
@ -1048,6 +1060,9 @@ secrets:
oslo_db_cell0:
admin: nova-db-api-admin
nova: nova-db-api-user
oslo_messaging:
admin: nova-rabbitmq-admin
nova: nova-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -1107,9 +1122,12 @@ endpoints:
default: 3306
oslo_messaging:
auth:
nova:
admin:
username: rabbitmq
password: password
nova:
username: nova
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -1119,6 +1137,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
oslo_cache:
hosts:
default: memcached
@ -1493,6 +1513,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
@ -1563,6 +1590,7 @@ manifests:
job_db_init_placement: true
job_db_sync: true
job_db_drop: false
job_rabbit_init: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
@ -1578,6 +1606,7 @@ manifests:
secret_db: true
secret_keystone: true
secret_keystone_placement: true
secret_rabbitmq: true
service_ingress_metadata: true
service_ingress_placement: true
service_ingress_osapi: true

2
senlin/templates/configmap-bin.yaml
View File

@ -42,4 +42,6 @@ data:
{{ tuple "bin/_senlin-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
senlin-engine.sh: |
{{ tuple "bin/_senlin-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

19
senlin/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,19 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "senlin" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

30
senlin/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "senlin" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

24
senlin/values.yaml
View File

@ -36,6 +36,7 @@ images:
db_init: docker.io/openstackhelm/heat:newton
senlin_db_sync: docker.io/openstackhelm/senlin:newton
db_drop: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_endpoints: docker.io/openstackhelm/heat:newton
@ -198,6 +199,10 @@ dependencies:
services:
- endpoint: internal
service: identity
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
# Names of secrets used by bootstrap and environmental checks
secrets:
@ -207,6 +212,9 @@ secrets:
oslo_db:
admin: senlin-db-admin
senlin: senlin-db-user
oslo_messaging:
admin: senlin-rabbitmq-admin
senlin: senlin-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
@ -287,9 +295,12 @@ endpoints:
default: 11211
oslo_messaging:
auth:
senlin:
admin:
username: rabbitmq
password: password
senlin:
username: senlin
password: password
hosts:
default: rabbitmq
host_fqdn_override:
@ -299,6 +310,8 @@ endpoints:
port:
amqp:
default: 5672
http:
default: 15672
pod:
user:
@ -403,6 +416,13 @@ pod:
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
@ -423,9 +443,11 @@ manifests:
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_rabbit_init: true
pdb_api: true
secret_db: true
secret_keystone: true
secret_rabbitmq: true
service_ingress_api: true
service_api: true
statefulset_engine: true

14
tools/deployment/armada/generate-passwords.sh
View File

@ -17,13 +17,15 @@
set -xe
passwords="DB_ADMIN_PASSWORD ELASTICSEARCH_ADMIN_PASSWORD GRAFANA_DB_PASSWORD GRAFANA_SESSION_DB_PASSWORD \
GRAFANA_ADMIN_PASSWORD KIBANA_ADMIN_PASSWORD KEYSTONE_RABBITMQ_PASSWORD KEYSTONE_DB_PASSWORD \
KEYSTONE_ADMIN_PASSWORD SWIFT_USER_PASSWORD GLANCE_RABBITMQ_PASSWORD GLANCE_DB_PASSWORD \
GLANCE_USER_PASSWORD CINDER_RABBITMQ_PASSWORD CINDER_DB_PASSWORD CINDER_USER_PASSWORD \
NOVA_RABBITMQ_PASSWORD NOVA_DB_PASSWORD NOVA_USER_PASSWORD NOVA_PLACEMENT_USER_PASSWORD \
NEUTRON_RABBITMQ_PASSWORD NEUTRON_DB_PASSWORD NEUTRON_USER_PASSWORD HEAT_RABBITMQ_PASSWORD \
GRAFANA_ADMIN_PASSWORD KIBANA_ADMIN_PASSWORD KEYSTONE_RABBITMQ_ADMIN_PASSWORD KEYSTONE_DB_PASSWORD \
KEYSTONE_ADMIN_PASSWORD SWIFT_USER_PASSWORD GLANCE_RABBITMQ_ADMIN_PASSWORD GLANCE_DB_PASSWORD \
GLANCE_USER_PASSWORD CINDER_RABBITMQ_ADMIN_PASSWORD CINDER_DB_PASSWORD CINDER_USER_PASSWORD \
NOVA_RABBITMQ_ADMIN_PASSWORD NOVA_DB_PASSWORD NOVA_USER_PASSWORD NOVA_PLACEMENT_USER_PASSWORD \
NEUTRON_RABBITMQ_ADMIN_PASSWORD NEUTRON_DB_PASSWORD NEUTRON_USER_PASSWORD HEAT_RABBITMQ_ADMIN_PASSWORD \
HEAT_DB_PASSWORD HEAT_USER_PASSWORD HEAT_TRUSTEE_PASSWORD HEAT_STACK_PASSWORD \
BARBICAN_RABBITMQ_PASSWORD BARBICAN_DB_PASSWORD BARBICAN_USER_PASSWORD OPENSTACK_EXPORTER_USER_PASSWORD"
BARBICAN_RABBITMQ_ADMIN_PASSWORD BARBICAN_DB_PASSWORD BARBICAN_USER_PASSWORD OPENSTACK_EXPORTER_USER_PASSWORD \
KEYSTONE_RABBITMQ_USER_PASSWORD GLANCE_RABBITMQ_USER_PASSWORD CINDER_RABBITMQ_USER_PASSWORD NOVA_RABBITMQ_USER_PASSWORD \
NEUTRON_RABBITMQ_USER_PASSWORD HEAT_RABBITMQ_USER_PASSWORD BARBICAN_RABBITMQ_USER_PASSWORD"
for password in $passwords
do

79
tools/deployment/armada/multinode/armada-osh.yaml
View File

@ -212,8 +212,8 @@ data:
oslo_messaging:
auth:
user:
username: keystone-rabbitmq
password: ${KEYSTONE_RABBITMQ_PASSWORD}
username: keystone-rabbitmq-admin
password: ${KEYSTONE_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: keystone-rabbitmq
prometheus_rabbitmq_exporter:
@ -295,9 +295,14 @@ data:
password: ${KEYSTONE_DB_PASSWORD}
oslo_messaging:
auth:
admin:
username: keystone-rabbitmq-admin
password: ${KEYSTONE_RABBITMQ_ADMIN_PASSWORD}
keystone:
username: keystone-rabbitmq
password: ${KEYSTONE_RABBITMQ_PASSWORD}
username: keystone-rabbitmq-user
password: ${KEYSTONE_RABBITMQ_USER_PASSWORD}
hosts:
default: keystone-rabbitmq
labels:
api:
node_selector_key: openstack-control-plane
@ -444,8 +449,8 @@ data:
oslo_messaging:
auth:
user:
username: glance-rabbitmq
password: ${GLANCE_RABBITMQ_PASSWORD}
username: glance-rabbitmq-admin
password: ${GLANCE_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: glance-rabbitmq
prometheus_rabbitmq_exporter:
@ -527,9 +532,12 @@ data:
default: glance-memcached
oslo_messaging:
auth:
admin:
username: glance-rabbitmq-admin
password: ${GLANCE_RABBITMQ_ADMIN_PASSWORD}
glance:
username: glance-rabbitmq
password: ${GLANCE_RABBITMQ_PASSWORD}
username: glance-rabbitmq-user
password: ${GLANCE_RABBITMQ_USER_PASSWORD}
hosts:
default: glance-rabbitmq
labels:
@ -618,8 +626,8 @@ data:
oslo_messaging:
auth:
user:
username: cinder-rabbitmq
password: ${CINDER_RABBITMQ_PASSWORD}
username: cinder-rabbitmq-admin
password: ${CINDER_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: cinder-rabbitmq
prometheus_rabbitmq_exporter:
@ -701,9 +709,12 @@ data:
default: cinder-memcached
oslo_messaging:
auth:
admin:
username: cinder-rabbitmq-admin
password: ${CINDER_RABBITMQ_ADMIN_PASSWORD}
cinder:
username: cinder-rabbitmq
password: ${CINDER_RABBITMQ_PASSWORD}
username: cinder-rabbitmq-user
password: ${CINDER_RABBITMQ_USER_PASSWORD}
hosts:
default: cinder-rabbitmq
labels:
@ -841,8 +852,8 @@ data:
oslo_messaging:
auth:
user:
username: nova-rabbitmq
password: ${NOVA_RABBITMQ_PASSWORD}
username: nova-rabbitmq-admin
password: ${NOVA_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: nova-rabbitmq
prometheus_rabbitmq_exporter:
@ -953,9 +964,12 @@ data:
default: nova-memcached
oslo_messaging:
auth:
admin:
username: nova-rabbitmq-admin
password: ${NOVA_RABBITMQ_ADMIN_PASSWORD}
nova:
username: nova-rabbitmq
password: ${NOVA_RABBITMQ_PASSWORD}
username: nova-rabbitmq-user
password: ${NOVA_RABBITMQ_USER_PASSWORD}
hosts:
default: nova-rabbitmq
labels:
@ -1065,8 +1079,8 @@ data:
oslo_messaging:
auth:
user:
username: neutron-rabbitmq
password: ${NEUTRON_RABBITMQ_PASSWORD}
username: neutron-rabbitmq-admin
password: ${NEUTRON_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: neutron-rabbitmq
prometheus_rabbitmq_exporter:
@ -1146,9 +1160,12 @@ data:
default: neutron-memcached
oslo_messaging:
auth:
admin:
username: neutron-rabbitmq-admin
password: ${NEUTRON_RABBITMQ_ADMIN_PASSWORD}
neutron:
username: neutron-rabbitmq
password: ${NEUTRON_RABBITMQ_PASSWORD}
username: neutron-rabbitmq-user
password: ${NEUTRON_RABBITMQ_USER_PASSWORD}
hosts:
default: neutron-rabbitmq
pod:
@ -1260,8 +1277,8 @@ data:
oslo_messaging:
auth:
user:
username: heat-rabbitmq
password: ${HEAT_RABBITMQ_PASSWORD}
username: heat-rabbitmq-admin
password: ${HEAT_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: heat-rabbitmq
prometheus_rabbitmq_exporter:
@ -1343,9 +1360,12 @@ data:
default: heat-memcached
oslo_messaging:
auth:
admin:
username: heat-rabbitmq-admin
password: ${HEAT_RABBITMQ_ADMIN_PASSWORD}
heat:
username: heat-rabbitmq
password: ${HEAT_RABBITMQ_PASSWORD}
username: heat-rabbitmq-user
password: ${HEAT_RABBITMQ_USER_PASSWORD}
hosts:
default: heat-rabbitmq
labels:
@ -1429,8 +1449,8 @@ data:
oslo_messaging:
auth:
user:
username: barbican-rabbitmq
password: ${BARBICAN_RABBITMQ_PASSWORD}
username: barbican-rabbitmq-admin
password: ${BARBICAN_RABBITMQ_ADMIN_PASSWORD}
hosts:
default: barbican-rabbitmq
prometheus_rabbitmq_exporter:
@ -1508,9 +1528,12 @@ data:
default: barbican-memcached
oslo_messaging:
auth:
admin:
username: barbican-rabbitmq-admin
password: ${BARBICAN_RABBITMQ_ADMIN_PASSWORD}
barbican:
username: barbican-rabbitmq
password: ${BARBICAN_RABBITMQ_PASSWORD}
username: barbican-rabbitmq-user
password: ${BARBICAN_RABBITMQ_USER_PASSWORD}
hosts:
default: barbican-rabbitmq
labels: