From 354b311ec575ad5c326fd9cbaf63bc35a748c4f0 Mon Sep 17 00:00:00 2001 From: Steve Wilkerson Date: Thu, 10 May 2018 17:09:18 -0500 Subject: [PATCH] Add local-registry image managment to OSH from OSH-Infra This PS adds the local registry image managment to OSH from OSH-Infra. With this the delta between helm-toolkits in the Repo's is removed, allowing the toolkit from OSH-Infra to be used and the one from OSH to be depreciated. Change-Id: If5e218cf7df17261fe5ef249d281f9d9637e2f6a Co-Authored-By: Pete Birley --- barbican/templates/configmap-bin.yaml | 4 ++ barbican/templates/deployment-api.yaml | 5 +-- barbican/templates/job-image-repo-sync.yaml | 20 +++++++++ barbican/templates/pod-test.yaml | 4 +- barbican/values.yaml | 38 +++++++++++++++++ ceilometer/templates/configmap-bin.yaml | 4 ++ ceilometer/templates/daemonset-compute.yaml | 5 +-- ceilometer/templates/deployment-api.yaml | 5 +-- ceilometer/templates/deployment-central.yaml | 5 +-- .../templates/deployment-collector.yaml | 5 +-- .../templates/deployment-notification.yaml | 5 +-- ceilometer/templates/job-db-init-mongodb.yaml | 5 +-- ceilometer/templates/job-image-repo-sync.yaml | 20 +++++++++ ceilometer/templates/pod-rally-test.yaml | 5 +-- ceilometer/values.yaml | 38 +++++++++++++++++ ceph-client/templates/configmap-bin.yaml | 6 ++- .../deployment-cephfs-provisioner.yaml | 5 +-- ceph-client/templates/deployment-mds.yaml | 5 +-- ceph-client/templates/deployment-mgr.yaml | 5 +-- .../templates/deployment-rbd-provisioner.yaml | 5 +-- ceph-client/templates/deployment-rgw.yaml | 5 +-- ceph-client/templates/job-bootstrap.yaml | 5 +-- .../templates/job-cephfs-client-key.yaml | 5 +-- .../templates/job-image-repo-sync.yaml | 20 +++++++++ .../job-namespace-client-key-cleaner.yaml | 5 +-- .../templates/job-namespace-client-key.yaml | 5 +-- ceph-client/templates/job-rbd-pool.yaml | 5 +-- ceph-client/values.yaml | 38 +++++++++++++++++ ceph-mon/templates/configmap-bin.yaml | 5 +++ ceph-mon/templates/daemonset-mon.yaml | 5 +-- ceph-mon/templates/deployment-moncheck.yaml | 5 +-- ceph-mon/templates/job-bootstrap.yaml | 5 +-- ceph-mon/templates/job-image-repo-sync.yaml | 20 +++++++++ ceph-mon/templates/job-keyring.yaml | 6 +-- .../templates/job-storage-admin-keys.yaml | 5 +-- ceph-mon/values.yaml | 38 +++++++++++++++++ ceph-osd/templates/configmap-bin.yaml | 4 ++ ceph-osd/templates/daemonset-osd.yaml | 10 ++--- ceph-osd/templates/job-image-repo-sync.yaml | 20 +++++++++ ceph-osd/values.yaml | 40 ++++++++++++++++++ cinder/templates/configmap-bin.yaml | 4 ++ .../cron-job-cinder-volume-usage-audit.yaml | 5 +-- cinder/templates/deployment-api.yaml | 5 +-- cinder/templates/deployment-backup.yaml | 5 +-- cinder/templates/deployment-scheduler.yaml | 5 +-- cinder/templates/deployment-volume.yaml | 5 +-- cinder/templates/job-backup-storage-init.yaml | 5 +-- cinder/templates/job-clean.yaml | 5 +-- cinder/templates/job-image-repo-sync.yaml | 20 +++++++++ cinder/templates/job-storage-init.yaml | 5 +-- cinder/templates/pod-rally-test.yaml | 5 +-- cinder/values.yaml | 38 +++++++++++++++++ congress/templates/configmap-bin.yaml | 4 ++ congress/templates/deployment-api.yaml | 5 +-- congress/templates/deployment-datasource.yaml | 5 +-- .../templates/deployment-policy-engine.yaml | 5 +-- congress/templates/job-ds-create.yaml | 5 +-- congress/templates/job-image-repo-sync.yaml | 20 +++++++++ congress/templates/pod-test.yaml | 3 +- congress/values.yaml | 38 +++++++++++++++++ etcd/templates/configmap-bin.yaml | 4 ++ etcd/templates/deployment.yaml | 6 +-- etcd/templates/job-image-repo-sync.yaml | 20 +++++++++ etcd/values.yaml | 42 ++++++++++++++++++- glance/templates/configmap-bin.yaml | 4 ++ glance/templates/deployment-api.yaml | 5 +-- glance/templates/deployment-registry.yaml | 5 +-- glance/templates/job-clean.yaml | 5 +-- glance/templates/job-image-repo-sync.yaml | 20 +++++++++ glance/templates/job-storage-init.yaml | 5 +-- glance/templates/pod-rally-test.yaml | 5 +-- glance/values.yaml | 38 +++++++++++++++++ gnocchi/templates/configmap-bin.yaml | 4 ++ gnocchi/templates/daemonset-metricd.yaml | 5 +-- gnocchi/templates/daemonset-statsd.yaml | 5 +-- gnocchi/templates/deployment-api.yaml | 5 +-- gnocchi/templates/job-clean.yaml | 5 +-- gnocchi/templates/job-db-init-indexer.yaml | 5 +-- gnocchi/templates/job-db-sync.yaml | 5 +-- gnocchi/templates/job-image-repo-sync.yaml | 20 +++++++++ gnocchi/templates/job-storage-init.yaml | 5 +-- gnocchi/templates/pod-gnocchi-test.yaml | 5 +-- gnocchi/values.yaml | 38 +++++++++++++++++ heat/templates/configmap-bin.yaml | 4 ++ heat/templates/cron-job-engine-cleaner.yaml | 5 +-- heat/templates/deployment-api.yaml | 5 +-- heat/templates/deployment-cfn.yaml | 5 +-- heat/templates/deployment-cloudwatch.yaml | 5 +-- heat/templates/deployment-engine.yaml | 5 +-- heat/templates/job-image-repo-sync.yaml | 20 +++++++++ heat/templates/job-ks-user-domain.yaml | 5 +-- heat/templates/job-trusts.yaml | 5 +-- heat/values.yaml | 38 +++++++++++++++++ .../templates/manifests/_job-bootstrap.yaml | 5 +-- .../manifests/_job-db-drop-mysql.yaml.tpl | 5 +-- .../manifests/_job-db-init-mysql.yaml.tpl | 5 +-- .../templates/manifests/_job-db-sync.yaml.tpl | 5 +-- .../manifests/_job-ks-endpoints.yaml.tpl | 5 +-- .../manifests/_job-ks-service.yaml.tpl | 5 +-- .../templates/manifests/_job-ks-user.yaml.tpl | 5 +-- .../manifests/_job-rabbit-init.yaml.tpl | 5 +-- helm-toolkit/templates/snippets/_image.tpl | 25 +++++++++++ .../_kubernetes_entrypoint_init_container.tpl | 22 +++++++++- .../_kubernetes_pod_rbac_serviceaccount.tpl | 19 ++++++++- horizon/templates/configmap-bin.yaml | 4 ++ horizon/templates/deployment.yaml | 5 +-- horizon/templates/job-db-sync.yaml | 5 +-- horizon/templates/job-image-repo-sync.yaml | 20 +++++++++ horizon/values.yaml | 38 +++++++++++++++++ ingress/templates/configmap-bin.yaml | 4 ++ ingress/templates/deployment-error.yaml | 5 +-- ingress/templates/deployment-ingress.yaml | 5 +-- ingress/templates/job-image-repo-sync.yaml | 20 +++++++++ ingress/values.yaml | 39 +++++++++++++++++ ironic/templates/configmap-bin.yaml | 4 ++ ironic/templates/deployment-api.yaml | 5 +-- ironic/templates/job-image-repo-sync.yaml | 20 +++++++++ .../job-manage-cleaning-network.yaml | 5 +-- ironic/templates/statefulset-conductor.yaml | 5 +-- ironic/values.yaml | 38 +++++++++++++++++ keystone/templates/configmap-bin.yaml | 4 ++ .../templates/cron-job-credential-rotate.yaml | 5 +-- .../templates/cron-job-fernet-rotate.yaml | 5 +-- keystone/templates/deployment-api.yaml | 5 +-- keystone/templates/job-credential-setup.yaml | 5 +-- keystone/templates/job-domain-manage.yaml | 5 +-- keystone/templates/job-fernet-setup.yaml | 5 +-- keystone/templates/job-image-repo-sync.yaml | 20 +++++++++ keystone/templates/pod-rally-test.yaml | 5 +-- keystone/values.yaml | 38 +++++++++++++++++ ldap/templates/configmap-bin.yaml | 4 ++ ldap/templates/job-image-repo-sync.yaml | 20 +++++++++ ldap/templates/statefulset.yaml | 5 +-- ldap/values.yaml | 40 +++++++++++++++++- libvirt/templates/configmap-bin.yaml | 4 ++ libvirt/templates/daemonset-libvirt.yaml | 5 +-- libvirt/templates/job-image-repo-sync.yaml | 20 +++++++++ libvirt/values.yaml | 41 ++++++++++++++++++ magnum/templates/configmap-bin.yaml | 4 ++ magnum/templates/deployment-api.yaml | 5 +-- magnum/templates/job-image-repo-sync.yaml | 20 +++++++++ magnum/templates/job-ks-user-domain.yaml | 5 +-- magnum/templates/statefulset-conductor.yaml | 5 +-- magnum/values.yaml | 39 +++++++++++++++++ mariadb/templates/configmap-bin.yaml | 4 ++ mariadb/templates/deployment-error.yaml | 5 +-- mariadb/templates/deployment-ingress.yaml | 5 +-- mariadb/templates/job-image-repo-sync.yaml | 20 +++++++++ mariadb/templates/statefulset.yaml | 5 +-- mariadb/values.yaml | 40 +++++++++++++++++- memcached/templates/configmap-bin.yaml | 4 ++ memcached/templates/deployment.yaml | 5 +-- memcached/templates/job-image-repo-sync.yaml | 20 +++++++++ memcached/values.yaml | 39 +++++++++++++++++ mistral/templates/configmap-bin.yaml | 4 ++ mistral/templates/deployment-api.yaml | 6 +-- mistral/templates/deployment-executor.yaml | 6 +-- mistral/templates/job-image-repo-sync.yaml | 20 +++++++++ mistral/templates/pod-rally-test.yaml | 5 +-- mistral/templates/statefulset-engine.yaml | 5 +-- .../templates/statefulset-event-engine.yaml | 5 +-- mistral/values.yaml | 38 +++++++++++++++++ mongodb/templates/configmap-bin.yaml | 4 ++ mongodb/templates/job-image-repo-sync.yaml | 20 +++++++++ mongodb/templates/statefulset.yaml | 5 +-- mongodb/values.yaml | 41 +++++++++++++++++- neutron/templates/configmap-bin.yaml | 4 ++ neutron/templates/daemonset-dhcp-agent.yaml | 9 ++-- neutron/templates/daemonset-l3-agent.yaml | 9 ++-- neutron/templates/daemonset-lb-agent.yaml | 9 ++-- .../templates/daemonset-metadata-agent.yaml | 9 ++-- neutron/templates/daemonset-ovs-agent.yaml | 9 ++-- neutron/templates/daemonset-sriov-agent.yaml | 9 ++-- neutron/templates/deployment-server.yaml | 4 +- neutron/templates/job-image-repo-sync.yaml | 20 +++++++++ neutron/templates/pod-rally-test.yaml | 5 +-- neutron/values.yaml | 37 ++++++++++++++++ nova/templates/configmap-bin.yaml | 4 ++ nova/templates/cron-job-cell-setup.yaml | 5 +-- nova/templates/daemonset-compute.yaml | 9 ++-- nova/templates/deployment-api-metadata.yaml | 5 +-- nova/templates/deployment-api-osapi.yaml | 5 +-- nova/templates/deployment-conductor.yaml | 5 +-- nova/templates/deployment-consoleauth.yaml | 5 +-- nova/templates/deployment-novncproxy.yaml | 5 +-- nova/templates/deployment-placement.yaml | 5 +-- nova/templates/deployment-scheduler.yaml | 5 +-- nova/templates/deployment-spiceproxy.yaml | 5 +-- nova/templates/job-cell-setup.yaml | 5 +-- nova/templates/job-image-repo-sync.yaml | 20 +++++++++ .../templates/job-ks-placement-endpoints.yaml | 5 +-- nova/templates/job-ks-placement-service.yaml | 5 +-- nova/templates/job-ks-placement-user.yaml | 5 +-- nova/templates/pod-rally-test.yaml | 5 +-- .../templates/statefulset-compute-ironic.yaml | 6 +-- nova/values.yaml | 37 ++++++++++++++++ openvswitch/templates/configmap-bin.yaml | 4 ++ openvswitch/templates/daemonset-ovs-db.yaml | 5 +-- .../templates/daemonset-ovs-vswitchd.yaml | 5 +-- .../templates/job-image-repo-sync.yaml | 20 +++++++++ openvswitch/values.yaml | 42 +++++++++++++++++++ postgresql/templates/configmap-bin.yaml | 4 ++ postgresql/templates/job-image-repo-sync.yaml | 20 +++++++++ postgresql/templates/statefulset.yaml | 5 +-- postgresql/values.yaml | 41 +++++++++++++++++- rabbitmq/templates/configmap-bin.yaml | 4 ++ rabbitmq/templates/job-image-repo-sync.yaml | 20 +++++++++ .../prometheus/exporter-deployment.yaml | 5 +-- rabbitmq/templates/pod-test.yaml | 5 +-- rabbitmq/templates/statefulset.yaml | 6 +-- rabbitmq/values.yaml | 38 +++++++++++++++++ rally/templates/configmap-bin.yaml | 4 ++ rally/templates/job-bootstrap.yaml | 5 +-- rally/templates/job-image-repo-sync.yaml | 20 +++++++++ rally/templates/job-ks-endpoints.yaml | 5 +-- rally/templates/job-ks-service.yaml | 5 +-- rally/templates/job-manage-db.yaml | 5 +-- rally/templates/job-run-task.yaml | 5 +-- rally/values.yaml | 38 +++++++++++++++++ senlin/templates/configmap-bin.yaml | 4 ++ senlin/templates/cron-job-engine-cleaner.yaml | 5 +-- senlin/templates/deployment-api.yaml | 5 +-- senlin/templates/deployment-engine.yaml | 5 +-- senlin/templates/job-image-repo-sync.yaml | 20 +++++++++ senlin/templates/pod-test.yaml | 5 +-- senlin/values.yaml | 38 +++++++++++++++++ tempest/templates/configmap-bin.yaml | 4 ++ tempest/templates/job-image-repo-sync.yaml | 20 +++++++++ tempest/templates/job-run-tests.yaml | 5 +-- tempest/values.yaml | 38 +++++++++++++++++ 230 files changed, 2236 insertions(+), 437 deletions(-) create mode 100644 barbican/templates/job-image-repo-sync.yaml create mode 100644 ceilometer/templates/job-image-repo-sync.yaml create mode 100644 ceph-client/templates/job-image-repo-sync.yaml create mode 100644 ceph-mon/templates/job-image-repo-sync.yaml create mode 100644 ceph-osd/templates/job-image-repo-sync.yaml create mode 100644 cinder/templates/job-image-repo-sync.yaml create mode 100644 congress/templates/job-image-repo-sync.yaml create mode 100644 etcd/templates/job-image-repo-sync.yaml create mode 100644 glance/templates/job-image-repo-sync.yaml create mode 100644 gnocchi/templates/job-image-repo-sync.yaml create mode 100644 heat/templates/job-image-repo-sync.yaml create mode 100644 helm-toolkit/templates/snippets/_image.tpl create mode 100644 horizon/templates/job-image-repo-sync.yaml create mode 100644 ingress/templates/job-image-repo-sync.yaml create mode 100644 ironic/templates/job-image-repo-sync.yaml create mode 100644 keystone/templates/job-image-repo-sync.yaml create mode 100644 ldap/templates/job-image-repo-sync.yaml create mode 100644 libvirt/templates/job-image-repo-sync.yaml create mode 100644 magnum/templates/job-image-repo-sync.yaml create mode 100644 mariadb/templates/job-image-repo-sync.yaml create mode 100644 memcached/templates/job-image-repo-sync.yaml create mode 100644 mistral/templates/job-image-repo-sync.yaml create mode 100644 mongodb/templates/job-image-repo-sync.yaml create mode 100644 neutron/templates/job-image-repo-sync.yaml create mode 100644 nova/templates/job-image-repo-sync.yaml create mode 100644 openvswitch/templates/job-image-repo-sync.yaml create mode 100644 postgresql/templates/job-image-repo-sync.yaml create mode 100644 rabbitmq/templates/job-image-repo-sync.yaml create mode 100644 rally/templates/job-image-repo-sync.yaml create mode 100644 senlin/templates/job-image-repo-sync.yaml create mode 100644 tempest/templates/job-image-repo-sync.yaml diff --git a/barbican/templates/configmap-bin.yaml b/barbican/templates/configmap-bin.yaml index 87608f7a14..b35a222c76 100644 --- a/barbican/templates/configmap-bin.yaml +++ b/barbican/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: barbican-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml index fbcfcce069..abbf4f7e04 100644 --- a/barbican/templates/deployment-api.yaml +++ b/barbican/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_barbican_api := .Values.pod.mounts.barbican_api.barbican_api }} {{- $mounts_barbican_api_init := .Values.pod.mounts.barbican_api.init_container }} {{- $serviceAccountName := "barbican-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_barbican_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_barbican_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: barbican-api image: {{ .Values.images.tags.barbican_api }} diff --git a/barbican/templates/job-image-repo-sync.yaml b/barbican/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..2104d4dcca --- /dev/null +++ b/barbican/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "barbican" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/barbican/templates/pod-test.yaml b/barbican/templates/pod-test.yaml index 81756d6642..801eb42b67 100644 --- a/barbican/templates/pod-test.yaml +++ b/barbican/templates/pod-test.yaml @@ -22,7 +22,7 @@ limitations under the License. {{- $mounts_barbican_tests_init := .Values.pod.mounts.barbican_tests.init_container }} {{- $serviceAccountName := print .Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +36,7 @@ spec: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} restartPolicy: Never initContainers: -{{ tuple $envAll $dependencies $mounts_barbican_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "tests" $mounts_barbican_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: {{.Release.Name}}-barbican-test image: {{ .Values.images.tags.scripted_test }} diff --git a/barbican/values.yaml b/barbican/values.yaml index e71b506b73..b7a803975a 100644 --- a/barbican/values.yaml +++ b/barbican/values.yaml @@ -36,7 +36,13 @@ images: ks_endpoints: docker.io/openstackhelm/heat:newton barbican_api: docker.io/openstackhelm/barbican:newton rabbit_init: docker.io/rabbitmq:3.7-management + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync pod: user: @@ -144,6 +150,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" network: api: @@ -166,6 +179,14 @@ bootstrap: openstack token issue dependencies: + dynamic: + common: + local_image_registry: + jobs: + - barbican-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -194,6 +215,10 @@ dependencies: services: - endpoint: internal service: oslo_db + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry ks_endpoints: jobs: - barbican-ks-service @@ -416,6 +441,18 @@ secrets: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -524,6 +561,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_rabbit_init: true job_ks_endpoints: true job_ks_service: true diff --git a/ceilometer/templates/configmap-bin.yaml b/ceilometer/templates/configmap-bin.yaml index 67a300caaf..6c7d59a9ff 100644 --- a/ceilometer/templates/configmap-bin.yaml +++ b/ceilometer/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: ceilometer-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/ceilometer/templates/daemonset-compute.yaml b/ceilometer/templates/daemonset-compute.yaml index 2eac2fe1fe..1e372e8702 100644 --- a/ceilometer/templates/daemonset-compute.yaml +++ b/ceilometer/templates/daemonset-compute.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.daemonset_compute }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.compute }} {{- $mounts_ceilometer_compute := .Values.pod.mounts.ceilometer_compute.ceilometer_compute }} {{- $mounts_ceilometer_compute_init := .Values.pod.mounts.ceilometer_compute.init_container }} {{- $serviceAccountName := "ceilometer-compute" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "compute" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: DaemonSet @@ -47,7 +46,7 @@ spec: nodeSelector: {{ .Values.labels.compute.node_selector_key }}: {{ .Values.labels.compute.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_ceilometer_compute_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "compute" $mounts_ceilometer_compute_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceilometer-compute image: {{ .Values.images.tags.ceilometer_compute }} diff --git a/ceilometer/templates/deployment-api.yaml b/ceilometer/templates/deployment-api.yaml index 81b2390302..832ac337c1 100644 --- a/ceilometer/templates/deployment-api.yaml +++ b/ceilometer/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_ceilometer_api := .Values.pod.mounts.ceilometer_api.ceilometer_api }} {{- $mounts_ceilometer_api_init := .Values.pod.mounts.ceilometer_api.init_container }} {{- $serviceAccountName := "ceilometer-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_ceilometer_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_ceilometer_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceilometer-api image: {{ .Values.images.tags.ceilometer_api }} diff --git a/ceilometer/templates/deployment-central.yaml b/ceilometer/templates/deployment-central.yaml index 03c8ca2513..a069161e37 100644 --- a/ceilometer/templates/deployment-central.yaml +++ b/ceilometer/templates/deployment-central.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_central }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.central }} {{- $mounts_ceilometer_central := .Values.pod.mounts.ceilometer_central.ceilometer_central }} {{- $mounts_ceilometer_central_init := .Values.pod.mounts.ceilometer_central.init_container }} {{- $serviceAccountName := "ceilometer-central" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "central" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.central.node_selector_key }}: {{ .Values.labels.central.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_ceilometer_central_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "central" $mounts_ceilometer_central_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceilometer-central image: {{ .Values.images.tags.ceilometer_central }} diff --git a/ceilometer/templates/deployment-collector.yaml b/ceilometer/templates/deployment-collector.yaml index 15c7b27d7d..6c5dd7d6aa 100644 --- a/ceilometer/templates/deployment-collector.yaml +++ b/ceilometer/templates/deployment-collector.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_collector }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.collector }} {{- $mounts_ceilometer_collector := .Values.pod.mounts.ceilometer_collector.ceilometer_collector }} {{- $mounts_ceilometer_collector_init := .Values.pod.mounts.ceilometer_collector.init_container }} {{- $serviceAccountName := "ceilometer-collector" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "collector" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.collector.node_selector_key }}: {{ .Values.labels.collector.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_ceilometer_collector_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "collector" $mounts_ceilometer_collector_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceilometer-collector image: {{ .Values.images.tags.ceilometer_collector }} diff --git a/ceilometer/templates/deployment-notification.yaml b/ceilometer/templates/deployment-notification.yaml index 2e1771a918..5b9d1aae2a 100644 --- a/ceilometer/templates/deployment-notification.yaml +++ b/ceilometer/templates/deployment-notification.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_notification }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.notification }} {{- $mounts_ceilometer_notification := .Values.pod.mounts.ceilometer_notification.ceilometer_notification }} {{- $mounts_ceilometer_notification_init := .Values.pod.mounts.ceilometer_notification.init_container }} {{- $serviceAccountName := "ceilometer-notification" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "notification" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.notification.node_selector_key }}: {{ .Values.labels.notification.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_ceilometer_notification_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "notification" $mounts_ceilometer_notification_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceilometer-notification image: {{ .Values.images.tags.ceilometer_notification }} diff --git a/ceilometer/templates/job-db-init-mongodb.yaml b/ceilometer/templates/job-db-init-mongodb.yaml index 4b362521ed..49be0d5d6c 100644 --- a/ceilometer/templates/job-db-init-mongodb.yaml +++ b/ceilometer/templates/job-db-init-mongodb.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_db_init_mongodb }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.db_init_mongodb }} {{- $serviceAccountName := "ceilometer-db-init-mongodb" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_init_mongodb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -33,7 +32,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_init_mongodb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceilometer-db-init-mongodb image: {{ .Values.images.tags.db_init_mongodb }} diff --git a/ceilometer/templates/job-image-repo-sync.yaml b/ceilometer/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..de8291f138 --- /dev/null +++ b/ceilometer/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ceilometer" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ceilometer/templates/pod-rally-test.yaml b/ceilometer/templates/pod-rally-test.yaml index c6084c4c68..c65973994b 100644 --- a/ceilometer/templates/pod-rally-test.yaml +++ b/ceilometer/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.ceilometer_tests.ceilometer_tests }} {{- $mounts_tests_init := .Values.pod.mounts.ceilometer_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml index c29de64251..db98b56979 100644 --- a/ceilometer/values.yaml +++ b/ceilometer/values.yaml @@ -58,7 +58,13 @@ images: ceilometer_compute: quay.io/larryrensing/ubuntu-source-ceilometer-compute:3.0.3 ceilometer_notification: quay.io/larryrensing/ubuntu-source-ceilometer-notification:3.0.3 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync network: api: @@ -1492,6 +1498,14 @@ conf: override: null dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ceilometer-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -1616,6 +1630,10 @@ dependencies: service: metering - endpoint: internal service: metric + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -1644,6 +1662,18 @@ bootstrap: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -1943,6 +1973,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -1958,6 +1995,7 @@ manifests: job_db_init: true job_db_init_mongodb: true job_db_sync: true + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/ceph-client/templates/configmap-bin.yaml b/ceph-client/templates/configmap-bin.yaml index e34a33ad2f..5b8e5bc7a6 100644 --- a/ceph-client/templates/configmap-bin.yaml +++ b/ceph-client/templates/configmap-bin.yaml @@ -22,6 +22,11 @@ kind: ConfigMap metadata: name: ceph-client-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} + {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} @@ -57,4 +62,3 @@ data: {{ tuple "bin/rgw/_init_keystone.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} - diff --git a/ceph-client/templates/deployment-cephfs-provisioner.yaml b/ceph-client/templates/deployment-cephfs-provisioner.yaml index 3930b67309..9e30e113ec 100644 --- a/ceph-client/templates/deployment-cephfs-provisioner.yaml +++ b/ceph-client/templates/deployment-cephfs-provisioner.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.deployment_cephfs_provisioner .Values.deployment.cephfs_provisioner }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.cephfs_provisioner }} {{- $serviceAccountName := printf "%s-%s" .Release.Name "ceph-cephfs-provisioner" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "cephfs_provisioner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -147,7 +146,7 @@ spec: nodeSelector: {{ .Values.labels.provisioner.node_selector_key }}: {{ .Values.labels.provisioner.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "cephfs_provisioner" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-cephfs-provisioner image: {{ .Values.images.tags.ceph_cephfs_provisioner }} diff --git a/ceph-client/templates/deployment-mds.yaml b/ceph-client/templates/deployment-mds.yaml index 469fc8cfc9..7df88fbcaa 100644 --- a/ceph-client/templates/deployment-mds.yaml +++ b/ceph-client/templates/deployment-mds.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.deployment_mds ( and .Values.deployment.ceph .Values.conf.features.mds) }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.mds }} {{- $serviceAccountName := "ceph-mds"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "mds" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- kind: Deployment apiVersion: apps/v1beta1 @@ -39,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.mds.node_selector_key }}: {{ .Values.labels.mds.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "mds" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-init-dirs image: {{ .Values.images.tags.ceph_mds }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ceph-client/templates/deployment-mgr.yaml b/ceph-client/templates/deployment-mgr.yaml index 513fe9ad7c..098c7e5511 100644 --- a/ceph-client/templates/deployment-mgr.yaml +++ b/ceph-client/templates/deployment-mgr.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.deployment_mgr (and .Values.deployment.ceph .Values.conf.features.mgr ) }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.mgr }} {{- $serviceAccountName := "ceph-mgr"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "mgr" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- kind: Deployment apiVersion: apps/v1beta1 @@ -42,7 +41,7 @@ spec: hostNetwork: true dnsPolicy: {{ .Values.pod.dns_policy }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "mgr" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-init-dirs image: {{ .Values.images.tags.ceph_mgr }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ceph-client/templates/deployment-rbd-provisioner.yaml b/ceph-client/templates/deployment-rbd-provisioner.yaml index 45ac0fdae6..9033b77806 100644 --- a/ceph-client/templates/deployment-rbd-provisioner.yaml +++ b/ceph-client/templates/deployment-rbd-provisioner.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.deployment_rbd_provisioner .Values.deployment.rbd_provisioner }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.rbd_provisioner }} {{- $serviceAccountName := printf "%s-%s" .Release.Name "ceph-rbd-provisioner" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "rbd_provisioner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 @@ -137,7 +136,7 @@ spec: nodeSelector: {{ .Values.labels.provisioner.node_selector_key }}: {{ .Values.labels.provisioner.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "rbd_provisioner" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-rbd-provisioner image: {{ .Values.images.tags.ceph_rbd_provisioner }} diff --git a/ceph-client/templates/deployment-rgw.yaml b/ceph-client/templates/deployment-rgw.yaml index 91abf8ff96..8bdb51b92a 100644 --- a/ceph-client/templates/deployment-rgw.yaml +++ b/ceph-client/templates/deployment-rgw.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.deployment_rgw ( and .Values.deployment.ceph .Values.conf.features.rgw ) }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.rgw }} {{- $serviceAccountName := "ceph-rgw"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "rgw" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- kind: Deployment apiVersion: apps/v1beta1 @@ -38,7 +37,7 @@ spec: nodeSelector: {{ .Values.labels.rgw.node_selector_key }}: {{ .Values.labels.rgw.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "rgw" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-init-dirs image: {{ .Values.images.tags.ceph_rgw }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ceph-client/templates/job-bootstrap.yaml b/ceph-client/templates/job-bootstrap.yaml index eeafaefd9f..2c5bd7815f 100644 --- a/ceph-client/templates/job-bootstrap.yaml +++ b/ceph-client/templates/job-bootstrap.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.bootstrap }} {{- $serviceAccountName := "ceph-client-bootstrap"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "bootstrap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "bootstrap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-client-bootstrap image: {{ .Values.images.tags.ceph_bootstrap }} diff --git a/ceph-client/templates/job-cephfs-client-key.yaml b/ceph-client/templates/job-cephfs-client-key.yaml index fc17463269..0b1399e1d1 100644 --- a/ceph-client/templates/job-cephfs-client-key.yaml +++ b/ceph-client/templates/job-cephfs-client-key.yaml @@ -16,12 +16,11 @@ limitations under the License. {{- if and .Values.manifests.job_cephfs_client_key .Values.deployment.cephfs_provisioner }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.cephfs_client_key_generator }} {{- $randStringSuffix := randAlphaNum 5 | lower }} {{- $serviceAccountName := "ceph-cephfs-client-key-generator" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "cephfs_client_key_generator" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -94,7 +93,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.job.node_selector_key }}: {{ $envAll.Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "cephfs_client_key_generator" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-storage-keys-generator image: {{ .Values.images.tags.ceph_config_helper }} diff --git a/ceph-client/templates/job-image-repo-sync.yaml b/ceph-client/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..1814e9aef2 --- /dev/null +++ b/ceph-client/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ceph-client" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ceph-client/templates/job-namespace-client-key-cleaner.yaml b/ceph-client/templates/job-namespace-client-key-cleaner.yaml index d87d1cba3d..f6464375da 100644 --- a/ceph-client/templates/job-namespace-client-key-cleaner.yaml +++ b/ceph-client/templates/job-namespace-client-key-cleaner.yaml @@ -16,12 +16,11 @@ limitations under the License. {{- if and .Values.manifests.job_namespace_client_key_cleaner .Values.deployment.client_secrets }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.namespace_client_key_cleaner }} {{- $randStringSuffix := randAlphaNum 5 | lower }} {{- $serviceAccountName := print "ceph-namespace-client-key-cleaner-" $randStringSuffix }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "namespace_client_key_cleaner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -67,7 +66,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.job.node_selector_key }}: {{ $envAll.Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "namespace_client_key_cleaner" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-namespace-client-keys-cleaner image: {{ .Values.images.tags.ceph_config_helper }} diff --git a/ceph-client/templates/job-namespace-client-key.yaml b/ceph-client/templates/job-namespace-client-key.yaml index bcb00fb16e..4e6dad4dc4 100644 --- a/ceph-client/templates/job-namespace-client-key.yaml +++ b/ceph-client/templates/job-namespace-client-key.yaml @@ -16,12 +16,11 @@ limitations under the License. {{- if and .Values.manifests.job_namespace_client_key .Values.deployment.client_secrets }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.namespace_client_key_generator }} {{- $randStringSuffix := randAlphaNum 5 | lower }} {{- $serviceAccountName := "ceph-namespace-client-key-generator" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "namespace_client_key_generator" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -94,7 +93,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.job.node_selector_key }}: {{ $envAll.Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "namespace_client_key_generator" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-storage-keys-generator image: {{ .Values.images.tags.ceph_config_helper }} diff --git a/ceph-client/templates/job-rbd-pool.yaml b/ceph-client/templates/job-rbd-pool.yaml index 1f4b210b39..dd832bb439 100644 --- a/ceph-client/templates/job-rbd-pool.yaml +++ b/ceph-client/templates/job-rbd-pool.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.job_rbd_pool .Values.deployment.ceph }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.rbd_pool }} {{- $serviceAccountName := "ceph-rbd-pool" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "rbd_pool" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -39,7 +38,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.job.node_selector_key }}: {{ $envAll.Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "rbd_pool" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-rbd-pool image: {{ .Values.images.tags.ceph_rbd_pool }} diff --git a/ceph-client/values.yaml b/ceph-client/values.yaml index 53f3dbe7f7..3877feb7ae 100644 --- a/ceph-client/values.yaml +++ b/ceph-client/values.yaml @@ -36,6 +36,12 @@ images: ks_endpoints: 'docker.io/openstackhelm/heat:newton' ks_service: 'docker.io/openstackhelm/heat:newton' ks_user: 'docker.io/openstackhelm/heat:newton' + image_repo_sync: docker.io/docker:17.07.0 + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: job: @@ -133,6 +139,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" secrets: keyrings: @@ -279,6 +292,14 @@ conf: ms_bind_port_max: 7100 dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ceph-client-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: bootstrap: jobs: null @@ -344,6 +365,10 @@ dependencies: services: - endpoint: internal service: ceph_mon + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry bootstrap: enabled: false @@ -410,6 +435,18 @@ storageclass: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone namespace: null @@ -500,6 +537,7 @@ manifests: deployment_mgr: true job_bootstrap: false job_cephfs_client_key: true + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/ceph-mon/templates/configmap-bin.yaml b/ceph-mon/templates/configmap-bin.yaml index 7a17232726..d13967a549 100644 --- a/ceph-mon/templates/configmap-bin.yaml +++ b/ceph-mon/templates/configmap-bin.yaml @@ -22,6 +22,11 @@ kind: ConfigMap metadata: name: ceph-mon-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} + {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/ceph-mon/templates/daemonset-mon.yaml b/ceph-mon/templates/daemonset-mon.yaml index 7ae43f0a7c..303a854691 100644 --- a/ceph-mon/templates/daemonset-mon.yaml +++ b/ceph-mon/templates/daemonset-mon.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.daemonset_mon .Values.deployment.ceph }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.mon }} {{- $serviceAccountName := "ceph-mon"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "mon" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -63,7 +62,7 @@ spec: hostNetwork: true dnsPolicy: {{ .Values.pod.dns_policy }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "mon" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-init-dirs image: {{ .Values.images.tags.ceph_mon }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ceph-mon/templates/deployment-moncheck.yaml b/ceph-mon/templates/deployment-moncheck.yaml index 576a0cfb48..4e78b9367b 100644 --- a/ceph-mon/templates/deployment-moncheck.yaml +++ b/ceph-mon/templates/deployment-moncheck.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.deployment_moncheck .Values.deployment.ceph }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.moncheck }} {{- $serviceAccountName := "ceph-mon-check"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "moncheck" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- kind: Deployment apiVersion: apps/v1beta1 @@ -38,7 +37,7 @@ spec: nodeSelector: {{ .Values.labels.mon.node_selector_key }}: {{ .Values.labels.mon.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "moncheck" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-mon image: {{ .Values.images.tags.ceph_mon_check }} diff --git a/ceph-mon/templates/job-bootstrap.yaml b/ceph-mon/templates/job-bootstrap.yaml index 1d8b02df2a..28123cc63b 100644 --- a/ceph-mon/templates/job-bootstrap.yaml +++ b/ceph-mon/templates/job-bootstrap.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.bootstrap }} {{- $serviceAccountName := "ceph-bootstrap"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "bootstrap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "bootstrap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-bootstrap image: {{ .Values.images.tags.ceph_bootstrap }} diff --git a/ceph-mon/templates/job-image-repo-sync.yaml b/ceph-mon/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..4a0b567a8f --- /dev/null +++ b/ceph-mon/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ceph-mon" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ceph-mon/templates/job-keyring.yaml b/ceph-mon/templates/job-keyring.yaml index caf5aa6c15..1a4c5d232e 100644 --- a/ceph-mon/templates/job-keyring.yaml +++ b/ceph-mon/templates/job-keyring.yaml @@ -20,10 +20,8 @@ limitations under the License. {{- if not (and (not $envAll.Values.manifests.deployment_rgw) (eq $cephBootstrapKey "rgw")) }} {{- $jobName := print $cephBootstrapKey "-keyring-generator" }} -{{- $dependencies := $envAll.Values.dependencies.static.job_keyring_generator }} - {{- $serviceAccountName := print "ceph-" $jobName }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "job_keyring_generator" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -67,7 +65,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.job.node_selector_key }}: {{ $envAll.Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "job_keyring_generator" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-{{ $jobName }} image: {{ $envAll.Values.images.tags.ceph_config_helper }} diff --git a/ceph-mon/templates/job-storage-admin-keys.yaml b/ceph-mon/templates/job-storage-admin-keys.yaml index 1ebd3d4af7..2300926826 100644 --- a/ceph-mon/templates/job-storage-admin-keys.yaml +++ b/ceph-mon/templates/job-storage-admin-keys.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.job_storage_admin_keys .Values.deployment.storage_secrets }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.storage_keys_generator }} {{- $serviceAccountName := "ceph-storage-keys-generator" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "storage_keys_generator" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -63,7 +62,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.job.node_selector_key }}: {{ $envAll.Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "storage_keys_generator" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ceph-storage-keys-generator image: {{ .Values.images.tags.ceph_config_helper }} diff --git a/ceph-mon/values.yaml b/ceph-mon/values.yaml index e295f6f371..ba0a5a442d 100644 --- a/ceph-mon/values.yaml +++ b/ceph-mon/values.yaml @@ -24,6 +24,12 @@ images: ceph_mon: 'docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04' ceph_mon_check: 'docker.io/port/ceph-config-helper:v1.10.1' dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.3.0' + image_repo_sync: docker.io/docker:17.07.0 + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: job: @@ -74,6 +80,13 @@ pod: requests: memory: "128Mi" cpu: "500m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" secrets: keyrings: @@ -140,6 +153,14 @@ conf: directory: /var/lib/openstack-helm/ceph/mon dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ceph-mon-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: bootstrap: jobs: null @@ -161,6 +182,10 @@ dependencies: service: ceph_mon storage_keys_generator: jobs: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry bootstrap: enabled: false @@ -203,6 +228,18 @@ storageclass: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 ceph_mon: namespace: null hosts: @@ -221,6 +258,7 @@ manifests: daemonset_mon: true deployment_moncheck: true deployment_rgw: true + job_image_repo_sync: true job_bootstrap: true job_keyring: true service_mon: true diff --git a/ceph-osd/templates/configmap-bin.yaml b/ceph-osd/templates/configmap-bin.yaml index f4bc33a5b8..c2f44e9a5b 100644 --- a/ceph-osd/templates/configmap-bin.yaml +++ b/ceph-osd/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: ceph-osd-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} osd-start.sh: | {{ tuple "bin/osd/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} osd-directory.sh: | diff --git a/ceph-osd/templates/daemonset-osd.yaml b/ceph-osd/templates/daemonset-osd.yaml index 558313c7d7..20f4071d94 100644 --- a/ceph-osd/templates/daemonset-osd.yaml +++ b/ceph-osd/templates/daemonset-osd.yaml @@ -19,8 +19,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} --- kind: DaemonSet @@ -40,7 +39,7 @@ spec: hostPID: true dnsPolicy: {{ .Values.pod.dns_policy }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "osd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-init-dirs image: {{ .Values.images.tags.ceph_osd }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -253,9 +252,8 @@ spec: {{- $daemonset := "osd" }} {{- $configMapName := "ceph-osd-etc" }} {{- $serviceAccountName := "ceph-osd"}} -{{- $dependencies := .Values.dependencies.static.osd }} -{{ tuple . $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "ceph.osd.daemonset" | toString | fromYaml }} +{{ tuple . "osd" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "ceph.osd.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "ceph.osd.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "ceph.utils.osd_daemonset_overrides" }} {{- end }} diff --git a/ceph-osd/templates/job-image-repo-sync.yaml b/ceph-osd/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..8212dafb0e --- /dev/null +++ b/ceph-osd/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ceph-osd" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ceph-osd/values.yaml b/ceph-osd/values.yaml index 4905d31530..f6b1d27140 100644 --- a/ceph-osd/values.yaml +++ b/ceph-osd/values.yaml @@ -18,6 +18,12 @@ images: ceph_osd: 'docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04' ceph_bootstrap: 'docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04' dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.3.0' + image_repo_sync: docker.io/docker:17.07.0 + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: job: @@ -44,6 +50,15 @@ pod: limits: memory: "1024Mi" cpu: "1000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + secrets: keyrings: osd: ceph-bootstrap-osd-keyring @@ -109,6 +124,14 @@ conf: # location: /var/lib/openstack-helm/ceph/osd/journal-three dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ceph-osd-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: osd: jobs: @@ -117,6 +140,10 @@ dependencies: services: - endpoint: internal service: ceph_mon + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry bootstrap: enabled: false @@ -133,6 +160,18 @@ bootstrap: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 ceph_mon: namespace: null hosts: @@ -148,3 +187,4 @@ manifests: configmap_bin: true configmap_etc: true daemonset_osd: true + job_image_repo_sync: true diff --git a/cinder/templates/configmap-bin.yaml b/cinder/templates/configmap-bin.yaml index acbdf47387..f0d3450606 100644 --- a/cinder/templates/configmap-bin.yaml +++ b/cinder/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: cinder-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} rally-test.sh: | {{ tuple $rallyTests | include "helm-toolkit.scripts.rally_test" | indent 4 }} db-init.py: | diff --git a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml index 61e932b31f..28dab32614 100644 --- a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml +++ b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.cron_volume_usage_audit }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.volume_usage_audit }} {{- $mounts_cinder_volume_usage_audit := .Values.pod.mounts.cinder_volume_usage_audit.cinder_volume_usage_audit }} {{- $mounts_cinder_volume_usage_audit_init := .Values.pod.mounts.cinder_volume_usage_audit.init_container }} {{- $serviceAccountName := "cinder-volume-usage-audit" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "volume_usage_audit" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1beta1 kind: CronJob @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_cinder_volume_usage_audit_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} +{{ tuple $envAll "volume_usage_audit" $mounts_cinder_volume_usage_audit_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} containers: - name: cinder-volume-usage-audit image: {{ .Values.images.tags.cinder_volume_usage_audit }} diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml index 9daadc3c12..d0c87c5b68 100644 --- a/cinder/templates/deployment-api.yaml +++ b/cinder/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_cinder_api := .Values.pod.mounts.cinder_api.cinder_api }} {{- $mounts_cinder_api_init := .Values.pod.mounts.cinder_api.init_container }} {{- $serviceAccountName := "cinder-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_cinder_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_cinder_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} - name: ceph-coordination-volume-perms image: {{ .Values.images.tags.cinder_backup }} diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml index 5c4e9a0117..426925926f 100644 --- a/cinder/templates/deployment-backup.yaml +++ b/cinder/templates/deployment-backup.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_backup }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.backup }} {{- $mounts_cinder_backup := .Values.pod.mounts.cinder_backup.cinder_backup }} {{- $mounts_cinder_backup_init := .Values.pod.mounts.cinder_backup.init_container }} {{- $serviceAccountName := "cinder-backup" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "backup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.backup.node_selector_key }}: {{ .Values.labels.backup.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_cinder_backup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "backup" $mounts_cinder_backup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }} - name: ceph-backup-keyring-placement image: {{ .Values.images.tags.cinder_backup }} diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml index 72515fd275..da5322a2b1 100644 --- a/cinder/templates/deployment-scheduler.yaml +++ b/cinder/templates/deployment-scheduler.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_scheduler }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.scheduler }} {{- $mounts_cinder_scheduler := .Values.pod.mounts.cinder_scheduler.cinder_scheduler }} {{- $mounts_cinder_scheduler_init := .Values.pod.mounts.cinder_scheduler.init_container }} {{- $serviceAccountName := "cinder-scheduler" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "scheduler" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.scheduler.node_selector_key }}: {{ .Values.labels.scheduler.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_cinder_scheduler_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "scheduler" $mounts_cinder_scheduler_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} - name: ceph-coordination-volume-perms image: {{ .Values.images.tags.cinder_backup }} diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index d721be97c3..09cfd5e046 100644 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_volume }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.volume }} {{- $mounts_cinder_volume := .Values.pod.mounts.cinder_volume.cinder_volume }} {{- $mounts_cinder_volume_init := .Values.pod.mounts.cinder_volume.init_container }} {{- $serviceAccountName := "cinder-volume" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "volume" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.volume.node_selector_key }}: {{ .Values.labels.volume.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_cinder_volume_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "volume" $mounts_cinder_volume_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if include "cinder.is_ceph_volume_configured" $envAll }} - name: ceph-keyring-placement image: {{ .Values.images.tags.cinder_volume }} diff --git a/cinder/templates/job-backup-storage-init.yaml b/cinder/templates/job-backup-storage-init.yaml index 996692df45..e375d3adc0 100644 --- a/cinder/templates/job-backup-storage-init.yaml +++ b/cinder/templates/job-backup-storage-init.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_backup_storage_init }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.backup_storage_init }} {{- $serviceAccountName := "cinder-backup-storage-init" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "backup_storage_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -64,7 +63,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "backup_storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph" }} - name: ceph-keyring-placement image: {{ .Values.images.tags.cinder_backup_storage_init }} diff --git a/cinder/templates/job-clean.yaml b/cinder/templates/job-clean.yaml index 005d353c1f..87f8f7c31a 100644 --- a/cinder/templates/job-clean.yaml +++ b/cinder/templates/job-clean.yaml @@ -17,12 +17,11 @@ limitations under the License. {{- if .Values.manifests.job_clean }} {{- $envAll := . }} {{ if or (eq .Values.conf.cinder.DEFAULT.backup_driver "cinder.backup.drivers.ceph") (include "cinder.is_ceph_volume_configured" $envAll) }} -{{- $dependencies := .Values.dependencies.static.clean }} {{- $randStringSuffix := randAlphaNum 5 | lower }} {{- $serviceAccountName := print "cinder-clean-" $randStringSuffix }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "clean" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -68,7 +67,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "clean" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- if include "cinder.is_ceph_volume_configured" $envAll }} - name: cinder-volume-rbd-secret-clean diff --git a/cinder/templates/job-image-repo-sync.yaml b/cinder/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..708694f927 --- /dev/null +++ b/cinder/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "cinder" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/cinder/templates/job-storage-init.yaml b/cinder/templates/job-storage-init.yaml index 7878e99beb..69f8b6b3bf 100644 --- a/cinder/templates/job-storage-init.yaml +++ b/cinder/templates/job-storage-init.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_storage_init }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.storage_init }} {{- $serviceAccountName := "cinder-storage-init" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "storage_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -64,7 +63,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if include "cinder.is_ceph_volume_configured" $envAll }} - name: ceph-keyring-placement image: {{ .Values.images.tags.cinder_storage_init }} diff --git a/cinder/templates/pod-rally-test.yaml b/cinder/templates/pod-rally-test.yaml index 26eb27fd42..0cf3b3f6f6 100644 --- a/cinder/templates/pod-rally-test.yaml +++ b/cinder/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.cinder_tests.cinder_tests }} {{- $mounts_tests_init := .Values.pod.mounts.cinder_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/cinder/values.yaml b/cinder/values.yaml index b298096013..415f8f1310 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -60,7 +60,13 @@ images: cinder_backup: docker.io/openstackhelm/cinder:newton cinder_backup_storage_init: docker.io/ceph/daemon:tag-build-master-luminous-ubuntu-16.04 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync jobs: volume_usage_audit: @@ -233,6 +239,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" bootstrap: enabled: true @@ -781,6 +794,14 @@ backup: size: 10Gi dependencies: + dynamic: + common: + local_image_registry: + jobs: + - cinder-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -888,6 +909,10 @@ dependencies: service: identity - endpoint: internal service: volume + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -910,6 +935,18 @@ secrets: # services. endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -1090,6 +1127,7 @@ manifests: job_bootstrap: true job_clean: true job_db_init: true + job_image_repo_sync: true job_rabbit_init: true job_db_sync: true job_db_drop: false diff --git a/congress/templates/configmap-bin.yaml b/congress/templates/configmap-bin.yaml index ff7603d79e..5f760ffe67 100644 --- a/congress/templates/configmap-bin.yaml +++ b/congress/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: congress-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/congress/templates/deployment-api.yaml b/congress/templates/deployment-api.yaml index 999ac559df..e09408d486 100644 --- a/congress/templates/deployment-api.yaml +++ b/congress/templates/deployment-api.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $serviceAccountName := "congress-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: Deployment @@ -37,7 +36,7 @@ spec: affinity: {{ tuple $envAll "congress" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} nodeSelector: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} containers: diff --git a/congress/templates/deployment-datasource.yaml b/congress/templates/deployment-datasource.yaml index 341028d790..c621f1782d 100644 --- a/congress/templates/deployment-datasource.yaml +++ b/congress/templates/deployment-datasource.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.deployment_datasource }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.datasource }} {{- $serviceAccountName := "congress-datasource-dep" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "datasource" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: Deployment @@ -37,7 +36,7 @@ spec: affinity: {{ tuple $envAll "congress" "datasource" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "datasource" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} nodeSelector: {{ .Values.labels.datasource.node_selector_key }}: {{ .Values.labels.datasource.node_selector_value }} containers: diff --git a/congress/templates/deployment-policy-engine.yaml b/congress/templates/deployment-policy-engine.yaml index 0bfff049ac..161274433a 100644 --- a/congress/templates/deployment-policy-engine.yaml +++ b/congress/templates/deployment-policy-engine.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.deployment_policy_engine }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.policy_engine }} {{- $serviceAccountName := "congress-policy-engine-dep" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "policy_engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: Deployment @@ -37,7 +36,7 @@ spec: affinity: {{ tuple $envAll "congress" "policy_engine" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "policy_engine" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} nodeSelector: {{ .Values.labels.policy_engine.node_selector_key }}: {{ .Values.labels.policy_engine.node_selector_value }} containers: diff --git a/congress/templates/job-ds-create.yaml b/congress/templates/job-ds-create.yaml index 750394cb98..ed86cbc7ea 100644 --- a/congress/templates/job-ds-create.yaml +++ b/congress/templates/job-ds-create.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ds_create }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ds_create }} {{- $serviceAccountName := "congress-ds-create" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ds_create" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ds_create" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: congress-ds-create image: {{ .Values.images.tags.congress_ds_create }} diff --git a/congress/templates/job-image-repo-sync.yaml b/congress/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..1df50584f0 --- /dev/null +++ b/congress/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "congress" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/congress/templates/pod-test.yaml b/congress/templates/pod-test.yaml index e81206e522..6ddf629263 100644 --- a/congress/templates/pod-test.yaml +++ b/congress/templates/pod-test.yaml @@ -15,10 +15,9 @@ limitations under the License. */}} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $serviceAccountName := print .Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod diff --git a/congress/values.yaml b/congress/values.yaml index 526d5297e3..23c301077a 100644 --- a/congress/values.yaml +++ b/congress/values.yaml @@ -48,7 +48,13 @@ images: congress_ds_create: docker.io/openstackhelm/congress:newton congress_scripted_test: docker.io/openstackhelm/congress:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync network: api: @@ -68,6 +74,14 @@ volume: size: 2Gi dependencies: + dynamic: + common: + local_image_registry: + jobs: + - congress-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -166,6 +180,10 @@ dependencies: service: identity - endpoint: internal service: policy + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry secrets: identity: @@ -187,6 +205,18 @@ bootstrap: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -478,6 +508,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -491,6 +528,7 @@ manifests: job_db_init: true job_db_sync: true job_ds_create: true + job_image_repo_sync: true job_rabbit_init: true job_ks_endpoints: true job_ks_service: true diff --git a/etcd/templates/configmap-bin.yaml b/etcd/templates/configmap-bin.yaml index 14d37a52a6..425416abe5 100644 --- a/etcd/templates/configmap-bin.yaml +++ b/etcd/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: {{ $configMapBinName }} data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} etcd.sh: | {{ tuple "bin/_etcd.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} diff --git a/etcd/templates/deployment.yaml b/etcd/templates/deployment.yaml index be98a76cd0..d778f70435 100644 --- a/etcd/templates/deployment.yaml +++ b/etcd/templates/deployment.yaml @@ -15,12 +15,10 @@ {{- if .Values.manifests.deployment }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.etcd }} - {{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "etcd" }} {{- $configMapBinName := printf "%s-%s" $envAll.Release.Name "etcd-bin" }} -{{ tuple $envAll $dependencies $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "etcd" $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -40,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "etcd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: etcd image: {{ .Values.images.tags.etcd }} diff --git a/etcd/templates/job-image-repo-sync.yaml b/etcd/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..e171159b66 --- /dev/null +++ b/etcd/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "etcd" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/etcd/values.yaml b/etcd/values.yaml index 8be78a1a22..bb5d883030 100644 --- a/etcd/values.yaml +++ b/etcd/values.yaml @@ -21,7 +21,13 @@ images: tags: etcd: 'gcr.io/google_containers/etcd-amd64:2.2.5' dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - pull_policy: IfNotPresent + image_repo_sync: docker.io/docker:17.07.0 + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: server: @@ -29,7 +35,19 @@ labels: node_selector_value: enabled dependencies: + dynamic: + common: + local_image_registry: + jobs: + - etcd-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry etcd: jobs: null @@ -50,9 +68,30 @@ pod: rolling_update: max_surge: 3 max_unavailable: 1 + resources: + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 etcd: name: etcd hosts: @@ -70,4 +109,5 @@ endpoints: manifests: configmap_bin: true deployment: true + job_image_repo_sync: true service: true diff --git a/glance/templates/configmap-bin.yaml b/glance/templates/configmap-bin.yaml index bf8dea148b..a3cf1eab50 100644 --- a/glance/templates/configmap-bin.yaml +++ b/glance/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: glance-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml index 96f74b356d..68b9ddb107 100644 --- a/glance/templates/deployment-api.yaml +++ b/glance/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_glance_api := .Values.pod.mounts.glance_api.glance_api }} {{- $mounts_glance_api_init := .Values.pod.mounts.glance_api.init_container }} {{- $serviceAccountName := "glance-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "600" }} initContainers: -{{ tuple $envAll $dependencies $mounts_glance_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_glance_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: glance-perms image: {{ .Values.images.tags.glance_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml index ed670bfbd4..338d57c11a 100644 --- a/glance/templates/deployment-registry.yaml +++ b/glance/templates/deployment-registry.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_registry }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.registry }} {{- $mounts_glance_registry := .Values.pod.mounts.glance_registry.glance_registry }} {{- $mounts_glance_registry_init := .Values.pod.mounts.glance_registry.init_container }} {{- $serviceAccountName := "glance-registry" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "registry" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.registry.node_selector_key }}: {{ .Values.labels.registry.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.registry.timeout | default "600" }} initContainers: -{{ tuple $envAll $dependencies $mounts_glance_registry_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "registry" $mounts_glance_registry_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: glance-registry image: {{ .Values.images.tags.glance_registry }} diff --git a/glance/templates/job-clean.yaml b/glance/templates/job-clean.yaml index 9dd15912a9..66401eb774 100644 --- a/glance/templates/job-clean.yaml +++ b/glance/templates/job-clean.yaml @@ -17,12 +17,11 @@ limitations under the License. {{- if .Values.manifests.job_clean }} {{- $envAll := . }} {{- if .Values.bootstrap.enabled }} -{{- $dependencies := .Values.dependencies.static.clean }} {{- $randStringSuffix := randAlphaNum 5 | lower }} {{- $serviceAccountName := print "glance-clean-" $randStringSuffix }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "clean" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -68,7 +67,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "clean" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- if eq .Values.storage "rbd" }} - name: glance-secret-clean diff --git a/glance/templates/job-image-repo-sync.yaml b/glance/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..0b59a332dd --- /dev/null +++ b/glance/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "glance" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/glance/templates/job-storage-init.yaml b/glance/templates/job-storage-init.yaml index 85013c455a..eb4727c709 100644 --- a/glance/templates/job-storage-init.yaml +++ b/glance/templates/job-storage-init.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_storage_init }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.storage_init }} {{- $serviceAccountName := "glance-storage-init" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "storage_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -64,7 +63,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{ if or (eq .Values.storage "rbd") (eq .Values.storage "radosgw") }} - name: ceph-keyring-placement image: {{ .Values.images.tags.glance_api }} diff --git a/glance/templates/pod-rally-test.yaml b/glance/templates/pod-rally-test.yaml index e82c116745..7b3cb67c3b 100644 --- a/glance/templates/pod-rally-test.yaml +++ b/glance/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.glance_tests.glance_tests }} {{- $mounts_tests_init := .Values.pod.mounts.glance_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: restartPolicy: Never serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/glance/values.yaml b/glance/values.yaml index 956a621641..44974cf49a 100644 --- a/glance/values.yaml +++ b/glance/values.yaml @@ -52,7 +52,13 @@ images: # Bootstrap image requires curl bootstrap: docker.io/openstackhelm/heat:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync bootstrap: enabled: true @@ -326,6 +332,14 @@ volume: size: 2Gi dependencies: + dynamic: + common: + local_image_registry: + jobs: + - glance-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -406,6 +420,10 @@ dependencies: service: identity - endpoint: internal service: image + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -427,6 +445,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -696,6 +726,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -709,6 +746,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/gnocchi/templates/configmap-bin.yaml b/gnocchi/templates/configmap-bin.yaml index 5c227bc13a..0ea46461fc 100644 --- a/gnocchi/templates/configmap-bin.yaml +++ b/gnocchi/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: gnocchi-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/gnocchi/templates/daemonset-metricd.yaml b/gnocchi/templates/daemonset-metricd.yaml index c929643de4..09fabe710e 100644 --- a/gnocchi/templates/daemonset-metricd.yaml +++ b/gnocchi/templates/daemonset-metricd.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.daemonset_metricd }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.metricd }} {{- $mounts_gnocchi_metricd := .Values.pod.mounts.gnocchi_metricd.gnocchi_metricd }} {{- $mounts_gnocchi_metricd_init := .Values.pod.mounts.gnocchi_metricd.init_container }} {{- $serviceAccountName := "gnocchi-metricd" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "metricd" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: DaemonSet @@ -42,7 +41,7 @@ spec: nodeSelector: {{ .Values.labels.metricd.node_selector_key }}: {{ .Values.labels.metricd.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_gnocchi_metricd_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "metricd" $mounts_gnocchi_metricd_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-keyring-placement image: {{ .Values.images.tags.gnocchi_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/gnocchi/templates/daemonset-statsd.yaml b/gnocchi/templates/daemonset-statsd.yaml index a43cd470a4..bbd8c2b69c 100644 --- a/gnocchi/templates/daemonset-statsd.yaml +++ b/gnocchi/templates/daemonset-statsd.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.daemonset_statsd }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.statsd }} {{- $mounts_gnocchi_statsd := .Values.pod.mounts.gnocchi_statsd.gnocchi_statsd }} {{- $mounts_gnocchi_statsd_init := .Values.pod.mounts.gnocchi_statsd.init_container }} {{- $serviceAccountName := "gnocchi-statsd" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "statsd" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: DaemonSet @@ -41,7 +40,7 @@ spec: nodeSelector: {{ .Values.labels.statsd.node_selector_key }}: {{ .Values.labels.statsd.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_gnocchi_statsd_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "statsd" $mounts_gnocchi_statsd_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-keyring-placement image: {{ .Values.images.tags.gnocchi_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/gnocchi/templates/deployment-api.yaml b/gnocchi/templates/deployment-api.yaml index a0bb647950..c575db5dc7 100644 --- a/gnocchi/templates/deployment-api.yaml +++ b/gnocchi/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_gnocchi_api := .Values.pod.mounts.gnocchi_api.gnocchi_api }} {{- $mounts_gnocchi_api_init := .Values.pod.mounts.gnocchi_api.init_container }} {{- $serviceAccountName := "gnocchi-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_gnocchi_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_gnocchi_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-keyring-placement image: {{ .Values.images.tags.gnocchi_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/gnocchi/templates/job-clean.yaml b/gnocchi/templates/job-clean.yaml index 2bfa74c68a..a17b98d371 100644 --- a/gnocchi/templates/job-clean.yaml +++ b/gnocchi/templates/job-clean.yaml @@ -16,12 +16,11 @@ limitations under the License. {{- if .Values.manifests.job_clean }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.clean }} {{- $randStringSuffix := randAlphaNum 5 | lower }} {{- $serviceAccountName := print "gnocchi-clean-" $randStringSuffix }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "clean" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -67,7 +66,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "clean" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: gnocchi-rbd-secret-clean image: {{ .Values.images.tags.gnocchi_storage_init }} diff --git a/gnocchi/templates/job-db-init-indexer.yaml b/gnocchi/templates/job-db-init-indexer.yaml index e71bff9704..a4025dd647 100644 --- a/gnocchi/templates/job-db-init-indexer.yaml +++ b/gnocchi/templates/job-db-init-indexer.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_db_init_indexer }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.db_init_postgresql }} {{- $serviceAccountName := "gnocchi-db-init-indexer" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_init_postgresql" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_init_postgresql" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: gnocchi-db-init-indexer image: {{ .Values.images.tags.db_init_indexer }} diff --git a/gnocchi/templates/job-db-sync.yaml b/gnocchi/templates/job-db-sync.yaml index faf6ec7449..ecd45746e3 100644 --- a/gnocchi/templates/job-db-sync.yaml +++ b/gnocchi/templates/job-db-sync.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_db_sync }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.db_sync }} {{- $serviceAccountName := "gnocchi-db-sync" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-keyring-placement image: {{ .Values.images.tags.gnocchi_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/gnocchi/templates/job-image-repo-sync.yaml b/gnocchi/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..7052de7b79 --- /dev/null +++ b/gnocchi/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "gnocchi" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/gnocchi/templates/job-storage-init.yaml b/gnocchi/templates/job-storage-init.yaml index 7eb14ed898..f049422a11 100644 --- a/gnocchi/templates/job-storage-init.yaml +++ b/gnocchi/templates/job-storage-init.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_storage_init }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.storage_init }} {{- $serviceAccountName := "gnocchi-storage-init" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "storage_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -64,7 +63,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "storage_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ceph-keyring-placement image: {{ .Values.images.tags.gnocchi_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/gnocchi/templates/pod-gnocchi-test.yaml b/gnocchi/templates/pod-gnocchi-test.yaml index 67ac81a5c6..2f884a39e2 100644 --- a/gnocchi/templates/pod-gnocchi-test.yaml +++ b/gnocchi/templates/pod-gnocchi-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_gnocchi_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_gnocchi_tests := .Values.pod.mounts.gnocchi_tests.gnocchi_tests }} {{- $mounts_gnocchi_tests_init := .Values.pod.mounts.gnocchi_tests.init_container }} {{- $serviceAccountName := print .Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: serviceAccountName: {{ $serviceAccountName }} restartPolicy: Never initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} containers: - name: {{.Release.Name}}-helm-tests image: {{ .Values.images.tags.gnocchi_api }} diff --git a/gnocchi/values.yaml b/gnocchi/values.yaml index 781fc9e7e0..2d4ab3ad78 100644 --- a/gnocchi/values.yaml +++ b/gnocchi/values.yaml @@ -36,7 +36,13 @@ images: gnocchi_api: quay.io/attcomdev/ubuntu-source-gnocchi-api:3.0.3 gnocchi_statsd: quay.io/attcomdev/ubuntu-source-gnocchi-statsd:3.0.3 gnocchi_metricd: quay.io/attcomdev/ubuntu-source-gnocchi-metricd:3.0.3 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync network: api: @@ -57,6 +63,14 @@ network: port: 8125 dependencies: + dynamic: + common: + local_image_registry: + jobs: + - gnocchi-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -140,6 +154,10 @@ dependencies: service: oslo_db_postgresql - endpoint: internal service: metric + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry pod: user: @@ -263,6 +281,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" conf: apache: | @@ -406,6 +431,18 @@ bootstrap: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -532,6 +569,7 @@ manifests: job_db_drop: false job_db_init_indexer: true job_db_init: true + job_image_repo_sync: true secret_db_indexer: true job_db_sync: true job_ks_endpoints: true diff --git a/heat/templates/configmap-bin.yaml b/heat/templates/configmap-bin.yaml index b7079ba7bd..93a9ba4a37 100644 --- a/heat/templates/configmap-bin.yaml +++ b/heat/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: heat-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/heat/templates/cron-job-engine-cleaner.yaml b/heat/templates/cron-job-engine-cleaner.yaml index 5db6cd0b33..b48ebdf01d 100644 --- a/heat/templates/cron-job-engine-cleaner.yaml +++ b/heat/templates/cron-job-engine-cleaner.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.cron_job_engine_cleaner }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.engine_cleaner }} {{- $mounts_heat_engine_cleaner := .Values.pod.mounts.heat_engine_cleaner.heat_engine_cleaner }} {{- $mounts_heat_engine_cleaner_init := .Values.pod.mounts.heat_engine_cleaner.init_container }} {{- $serviceAccountName := "heat-engine-cleaner" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "engine_cleaner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1beta1 kind: CronJob @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_heat_engine_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} +{{ tuple $envAll "engine_cleaner" $mounts_heat_engine_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} containers: - name: heat-engine-cleaner image: {{ .Values.images.tags.heat_engine_cleaner }} diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml index ce93dc4877..28c5e82dd7 100644 --- a/heat/templates/deployment-api.yaml +++ b/heat/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_heat_api := .Values.pod.mounts.heat_api.heat_api }} {{- $mounts_heat_api_init := .Values.pod.mounts.heat_api.init_container }} {{- $serviceAccountName := "heat-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_heat_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_heat_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: heat-api image: {{ .Values.images.tags.heat_api }} diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml index 71f7c3e60e..52e8f5bae1 100644 --- a/heat/templates/deployment-cfn.yaml +++ b/heat/templates/deployment-cfn.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_cfn }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.cfn }} {{- $mounts_heat_cfn := .Values.pod.mounts.heat_cfn.heat_cfn }} {{- $mounts_heat_cfn_init := .Values.pod.mounts.heat_cfn.init_container }} {{- $serviceAccountName := "heat-cfn" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "cfn" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.cfn.node_selector_key }}: {{ .Values.labels.cfn.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.cfn.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_heat_cfn_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "cfn" $mounts_heat_cfn_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: heat-cfn image: {{ .Values.images.tags.heat_cfn }} diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml index cdb06c02f3..95ded1fe8e 100644 --- a/heat/templates/deployment-cloudwatch.yaml +++ b/heat/templates/deployment-cloudwatch.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_cloudwatch }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.cloudwatch }} {{- $mounts_heat_cloudwatch := .Values.pod.mounts.heat_cloudwatch.heat_cloudwatch }} {{- $mounts_heat_cloudwatch_init := .Values.pod.mounts.heat_cloudwatch.init_container }} {{- $serviceAccountName := "heat-cloudwatch" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "cloudwatch" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.cloudwatch.node_selector_key }}: {{ .Values.labels.cloudwatch.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.cloudwatch.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_heat_cloudwatch_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "cloudwatch" $mounts_heat_cloudwatch_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: heat-cloudwatch image: {{ .Values.images.tags.heat_cloudwatch }} diff --git a/heat/templates/deployment-engine.yaml b/heat/templates/deployment-engine.yaml index 5931084aa8..bf899f1844 100644 --- a/heat/templates/deployment-engine.yaml +++ b/heat/templates/deployment-engine.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if or ( .Values.manifests.deployment_engine ) ( .Values.manifests.statefulset_engine ) }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.engine }} {{- $mounts_heat_engine := .Values.pod.mounts.heat_engine.heat_engine }} {{- $mounts_heat_engine_init := .Values.pod.mounts.heat_engine.init_container }} {{- $serviceAccountName := "heat-engine" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 metadata: @@ -54,7 +53,7 @@ spec: {{ .Values.labels.engine.node_selector_key }}: {{ .Values.labels.engine.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.engine.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_heat_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "engine" $mounts_heat_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: heat-engine image: {{ .Values.images.tags.heat_engine }} diff --git a/heat/templates/job-image-repo-sync.yaml b/heat/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..1f910f4318 --- /dev/null +++ b/heat/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "heat" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/heat/templates/job-ks-user-domain.yaml b/heat/templates/job-ks-user-domain.yaml index eeb27e7b02..1962fd4eaf 100644 --- a/heat/templates/job-ks-user-domain.yaml +++ b/heat/templates/job-ks-user-domain.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_user_domain }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_user }} {{- $serviceAccountName := "heat-ks-user-domain" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_user" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: heat-ks-domain-user image: {{ .Values.images.tags.ks_user }} diff --git a/heat/templates/job-trusts.yaml b/heat/templates/job-trusts.yaml index 95b627670b..9343b56731 100644 --- a/heat/templates/job-trusts.yaml +++ b/heat/templates/job-trusts.yaml @@ -15,13 +15,12 @@ limitations under the License. */}} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.trusts }} {{- $mounts_heat_trusts := .Values.pod.mounts.heat_trusts.heat_trusts }} {{- $mounts_heat_trusts_init := .Values.pod.mounts.heat_trusts.init_container }} {{- $serviceAccountName := "heat-trusts" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "trusts" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -38,7 +37,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_heat_trusts_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "trusts" $mounts_heat_trusts_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: heat-trusts image: {{ $envAll.Values.images.tags.ks_service }} diff --git a/heat/values.yaml b/heat/values.yaml index 737df6933d..7b0b44a6d7 100644 --- a/heat/values.yaml +++ b/heat/values.yaml @@ -52,7 +52,13 @@ images: heat_engine: docker.io/openstackhelm/heat:newton heat_engine_cleaner: docker.io/openstackhelm/heat:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync jobs: engine_cleaner: @@ -296,6 +302,14 @@ bootstrap: openstack role create --or-show heat_stack_user dependencies: + dynamic: + common: + local_image_registry: + jobs: + - heat-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -411,6 +425,10 @@ dependencies: services: - endpoint: internal service: identity + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -431,6 +449,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -747,6 +777,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -763,6 +800,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user_domain: true diff --git a/helm-toolkit/templates/manifests/_job-bootstrap.yaml b/helm-toolkit/templates/manifests/_job-bootstrap.yaml index 754ff217af..f9b6453d5c 100644 --- a/helm-toolkit/templates/manifests/_job-bootstrap.yaml +++ b/helm-toolkit/templates/manifests/_job-bootstrap.yaml @@ -23,7 +23,6 @@ limitations under the License. {{- $envAll := index . "envAll" -}} {{- $serviceName := index . "serviceName" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.bootstrap -}} {{- $podVolMounts := index . "podVolMounts" | default false -}} {{- $podVols := index . "podVols" | default false -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} @@ -35,7 +34,7 @@ limitations under the License. {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "bootstrap" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "bootstrap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -52,7 +51,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "bootstrap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: bootstrap image: {{ $envAll.Values.images.tags.bootstrap }} diff --git a/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl b/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl index 753ff8bd23..43cae950be 100644 --- a/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl @@ -28,7 +28,6 @@ limitations under the License. {{- $envAll := index . "envAll" -}} {{- $serviceName := index . "serviceName" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.db_drop -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}} {{- $dbToDrop := index . "dbToDrop" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}} @@ -37,7 +36,7 @@ limitations under the License. {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-drop" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_drop" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -57,7 +56,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_drop" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $dbToDrop := $dbsToDrop }} {{ $dbToDropType := default "oslo" $dbToDrop.inputType }} diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl index c325ccf920..1656729cf6 100644 --- a/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl @@ -28,7 +28,6 @@ limitations under the License. {{- $envAll := index . "envAll" -}} {{- $serviceName := index . "serviceName" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.db_init -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}} {{- $dbToInit := index . "dbToInit" | default ( dict "adminSecret" $envAll.Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "configDbSection" "database" "configDbKey" "connection" ) -}} @@ -37,7 +36,7 @@ limitations under the License. {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-init" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -54,7 +53,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $dbToInit := $dbsToInit }} {{ $dbToInitType := default "oslo" $dbToInit.inputType }} diff --git a/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl b/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl index 9ce4762681..9ce6aafd36 100644 --- a/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl @@ -23,7 +23,6 @@ limitations under the License. {{- $envAll := index . "envAll" -}} {{- $serviceName := index . "serviceName" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := $envAll.Values.dependencies.static.db_sync }} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $configMapEtc := index . "configMapEtc" | default (printf "%s-%s" $serviceName "etc" ) -}} {{- $podVolMounts := index . "podVolMounts" | default false -}} @@ -34,7 +33,7 @@ limitations under the License. {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "db-sync" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -51,7 +50,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: {{ printf "%s-%s" $serviceNamePretty "db-sync" | quote }} image: {{ $dbToSync.image | quote }} diff --git a/helm-toolkit/templates/manifests/_job-ks-endpoints.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-endpoints.yaml.tpl index 3038161491..f07cb630b5 100644 --- a/helm-toolkit/templates/manifests/_job-ks-endpoints.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-ks-endpoints.yaml.tpl @@ -24,12 +24,11 @@ limitations under the License. {{- $serviceName := index . "serviceName" -}} {{- $serviceTypes := index . "serviceTypes" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.ks_endpoints -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-endpoints" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_endpoints" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -46,7 +45,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $osServiceType := $serviceTypes }} {{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }} diff --git a/helm-toolkit/templates/manifests/_job-ks-service.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-service.yaml.tpl index 9a7c4e9322..628b24cac9 100644 --- a/helm-toolkit/templates/manifests/_job-ks-service.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-ks-service.yaml.tpl @@ -24,12 +24,11 @@ limitations under the License. {{- $serviceName := index . "serviceName" -}} {{- $serviceTypes := index . "serviceTypes" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.ks_service -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $serviceNamePretty := $serviceName | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceNamePretty "ks-service" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_service" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -46,7 +45,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_service" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $osServiceType := $serviceTypes }} - name: {{ printf "%s-%s" $osServiceType "ks-service-registration" | quote }} diff --git a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl index c4908637cd..1a79094cc1 100644 --- a/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-ks-user.yaml.tpl @@ -23,13 +23,12 @@ limitations under the License. {{- $envAll := index . "envAll" -}} {{- $serviceName := index . "serviceName" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.ks_user -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $serviceUser := index . "serviceUser" | default $serviceName -}} {{- $serviceUserPretty := $serviceUser | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "ks-user" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_user" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -46,7 +45,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ks-user image: {{ $envAll.Values.images.tags.ks_user }} diff --git a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl index bbbde4f8b4..53365289ab 100644 --- a/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl +++ b/helm-toolkit/templates/manifests/_job-rabbit-init.yaml.tpl @@ -18,13 +18,12 @@ limitations under the License. {{- $envAll := index . "envAll" -}} {{- $serviceName := index . "serviceName" -}} {{- $nodeSelector := index . "nodeSelector" | default ( dict $envAll.Values.labels.job.node_selector_key $envAll.Values.labels.job.node_selector_value ) -}} -{{- $dependencies := index . "dependencies" | default $envAll.Values.dependencies.static.rabbit_init -}} {{- $configMapBin := index . "configMapBin" | default (printf "%s-%s" $serviceName "bin" ) -}} {{- $serviceUser := index . "serviceUser" | default $serviceName -}} {{- $serviceUserPretty := $serviceUser | replace "_" "-" -}} {{- $serviceAccountName := printf "%s-%s" $serviceUserPretty "rabbit-init" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "rabbit_init" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -41,7 +40,7 @@ spec: nodeSelector: {{ toYaml $nodeSelector | indent 8 }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "rabbit_init" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: rabbit-init image: {{ $envAll.Values.images.tags.rabbit_init | quote }} diff --git a/helm-toolkit/templates/snippets/_image.tpl b/helm-toolkit/templates/snippets/_image.tpl new file mode 100644 index 0000000000..34b077f078 --- /dev/null +++ b/helm-toolkit/templates/snippets/_image.tpl @@ -0,0 +1,25 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- define "helm-toolkit.snippets.image" -}} +{{- $envAll := index . 0 -}} +{{- $image := index . 1 -}} +{{- $imageTag := index $envAll.Values.images.tags $image -}} +{{- if and ($envAll.Values.images.local_registry.active) (not (has $image $envAll.Values.images.local_registry.exclude )) -}} +{{- $registryPrefix := printf "%s:%s" (tuple "local_image_registry" "node" $envAll | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup") (tuple "local_image_registry" "node" "registry" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup") -}} +image: {{ printf "%s/%s" $registryPrefix $imageTag | quote }} +{{- else -}} +image: {{ $imageTag | quote }} +{{- end }} +imagePullPolicy: {{ $envAll.Values.images.pull_policy }} +{{- end -}} diff --git a/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl b/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl index 76468cd25b..af0eea1751 100644 --- a/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl +++ b/helm-toolkit/templates/snippets/_kubernetes_entrypoint_init_container.tpl @@ -16,10 +16,28 @@ limitations under the License. {{- define "helm-toolkit.snippets.kubernetes_entrypoint_init_container" -}} {{- $envAll := index . 0 -}} -{{- $deps := index . 1 -}} +{{- $component := index . 1 -}} {{- $mounts := index . 2 -}} + +{{- $_ := set $envAll.Values "__kubernetes_entrypoint_init_container" dict -}} +{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" dict -}} +{{- if and ($envAll.Values.images.local_registry.active) (ne $component "image_repo_sync") -}} +{{- if eq $component "pod_dependency" -}} +{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.pod_dependency ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}} +{{- else -}} +{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.dependencies.static $component ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}} +{{- end -}} +{{- else -}} +{{- if eq $component "pod_dependency" -}} +{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.pod_dependency ) -}} +{{- else -}} +{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.dependencies.static $component ) -}} +{{- end -}} +{{- end -}} +{{- $deps := $envAll.Values.__kubernetes_entrypoint_init_container.deps }} + - name: init - image: {{ $envAll.Values.images.tags.dep_check }} +{{ tuple $envAll "dep_check" | include "helm-toolkit.snippets.image" | indent 2 }} imagePullPolicy: {{ $envAll.Values.images.pull_policy }} env: - name: POD_NAME diff --git a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl index b96f099b91..b4cf1a65b2 100644 --- a/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl +++ b/helm-toolkit/templates/snippets/_kubernetes_pod_rbac_serviceaccount.tpl @@ -16,11 +16,28 @@ limitations under the License. {{- define "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" -}} {{- $envAll := index . 0 -}} -{{- $deps := index . 1 -}} +{{- $component := index . 1 -}} {{- $saName := index . 2 -}} {{- $saNamespace := $envAll.Release.Namespace }} {{- $randomKey := randAlphaNum 32 }} {{- $allNamespace := dict $randomKey "" }} + +{{- $_ := set $envAll.Values "__kubernetes_entrypoint_init_container" dict -}} +{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" dict -}} +{{- if and ($envAll.Values.images.local_registry.active) (ne $component "image_repo_sync") -}} +{{- if eq $component "pod_dependency" -}} +{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.pod_dependency ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}} +{{- else -}} +{{- $_ := include "helm-toolkit.utils.merge" ( tuple $envAll.Values.__kubernetes_entrypoint_init_container.deps ( index $envAll.Values.dependencies.static $component ) $envAll.Values.dependencies.dynamic.common.local_image_registry ) -}} +{{- end -}} +{{- else -}} +{{- if eq $component "pod_dependency" -}} +{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.pod_dependency ) -}} +{{- else -}} +{{- $_ := set $envAll.Values.__kubernetes_entrypoint_init_container "deps" ( index $envAll.Values.dependencies.static $component ) -}} +{{- end -}} +{{- end -}} +{{- $deps := $envAll.Values.__kubernetes_entrypoint_init_container.deps }} --- apiVersion: v1 kind: ServiceAccount diff --git a/horizon/templates/configmap-bin.yaml b/horizon/templates/configmap-bin.yaml index dce86560ca..eef146d9e9 100644 --- a/horizon/templates/configmap-bin.yaml +++ b/horizon/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: horizon-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} db-init.py: | {{- include "helm-toolkit.scripts.db_init" . | indent 4 }} db-sync.sh: | diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml index 0b4adb71b3..608e1b8f82 100644 --- a/horizon/templates/deployment.yaml +++ b/horizon/templates/deployment.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.dashboard }} {{- $mounts_horizon := .Values.pod.mounts.horizon.horizon }} {{- $mounts_horizon_init := .Values.pod.mounts.horizon.init_container }} {{- $serviceAccountName := "horizon" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "dashboard" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.dashboard.node_selector_key }}: {{ .Values.labels.dashboard.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.horizon.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_horizon_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "dashboard" $mounts_horizon_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: horizon image: {{ .Values.images.tags.horizon }} diff --git a/horizon/templates/job-db-sync.yaml b/horizon/templates/job-db-sync.yaml index c417b72769..8f78996b2a 100644 --- a/horizon/templates/job-db-sync.yaml +++ b/horizon/templates/job-db-sync.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.job_db_sync }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.db_sync }} {{- $mounts_horizon_db_sync := .Values.pod.mounts.horizon_db_sync.horizon_db_sync }} {{- $mounts_horizon_db_sync_init := .Values.pod.mounts.horizon_db_sync.init_container }} {{- $serviceAccountName := "horizon-db-sync" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -39,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_horizon_db_sync_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db_sync" $mounts_horizon_db_sync_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: horizon-db-sync image: {{ .Values.images.tags.horizon_db_sync }} diff --git a/horizon/templates/job-image-repo-sync.yaml b/horizon/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..6b8efe17aa --- /dev/null +++ b/horizon/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "horizon" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/horizon/values.yaml b/horizon/values.yaml index d1efe6b351..3621928b91 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -24,7 +24,13 @@ images: db_drop: docker.io/openstackhelm/heat:newton horizon: docker.io/openstackhelm/horizon:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync release_group: null @@ -1856,6 +1862,14 @@ conf: 'os_compute_api:servers:update': 'rule:admin_or_owner' dependencies: + dynamic: + common: + local_image_registry: + jobs: + - horizon-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: dashboard: jobs: @@ -1879,6 +1893,10 @@ dependencies: services: - endpoint: internal service: oslo_db + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry pod: affinity: @@ -1944,6 +1962,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" # Names of secrets used by bootstrap and environmental checks secrets: @@ -1956,6 +1981,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone hosts: @@ -2020,6 +2057,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true pdb: true secret_db: true service_ingress: true diff --git a/ingress/templates/configmap-bin.yaml b/ingress/templates/configmap-bin.yaml index ad9cb1767f..6ff6b6ab4b 100644 --- a/ingress/templates/configmap-bin.yaml +++ b/ingress/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: ingress-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if and .Values.network.host_namespace .Values.network.vip.manage }} ingress-vip.sh: | {{ tuple "bin/_ingress-vip.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/ingress/templates/deployment-error.yaml b/ingress/templates/deployment-error.yaml index d6a467ee54..89de689f8b 100644 --- a/ingress/templates/deployment-error.yaml +++ b/ingress/templates/deployment-error.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.deployment_error }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.error_pages }} {{- $serviceAccountName := "ingress-error-pages"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "error_pages" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -40,7 +39,7 @@ spec: {{ .Values.labels.error_server.node_selector_key }}: {{ .Values.labels.error_server.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.error_pages.timeout | default "60" }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "error_pages" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ingress-error-pages image: {{ .Values.images.tags.error_pages }} diff --git a/ingress/templates/deployment-ingress.yaml b/ingress/templates/deployment-ingress.yaml index b55f2e3b73..baa945ee9a 100644 --- a/ingress/templates/deployment-ingress.yaml +++ b/ingress/templates/deployment-ingress.yaml @@ -16,7 +16,6 @@ limitations under the License. {{- if .Values.manifests.deployment_ingress }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ingress }} {{- if empty .Values.conf.controller.INGRESS_CLASS -}} {{- if eq .Values.deployment.mode "cluster" }} @@ -27,7 +26,7 @@ limitations under the License. {{- end -}} {{- $serviceAccountName := printf "%s-%s" .Release.Name "ingress" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ingress" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole @@ -180,7 +179,7 @@ spec: dnsPolicy: "ClusterFirstWithHostNet" terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.server.timeout | default "60" }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ingress" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if and .Values.network.host_namespace .Values.network.vip.manage }} - name: ingress-vip-kernel-modules image: {{ .Values.images.tags.ingress }} diff --git a/ingress/templates/job-image-repo-sync.yaml b/ingress/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..c332e8c7e2 --- /dev/null +++ b/ingress/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ingress" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ingress/values.yaml b/ingress/values.yaml index 302abd883a..67021ad928 100644 --- a/ingress/values.yaml +++ b/ingress/values.yaml @@ -30,7 +30,13 @@ images: ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0 error_pages: gcr.io/google_containers/defaultbackend:1.0 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync pod: affinity: @@ -71,6 +77,14 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" labels: server: @@ -95,11 +109,23 @@ network: external_policy_local: false dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ingress-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: error_pages: jobs: null ingress: jobs: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry monitoring: prometheus: @@ -109,6 +135,18 @@ monitoring: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 ingress: hosts: default: ingress @@ -163,6 +201,7 @@ manifests: ingress: true service_error: true service_ingress: true + job_image_repo_sync: true monitoring: prometheus: service_exporter: true diff --git a/ironic/templates/configmap-bin.yaml b/ironic/templates/configmap-bin.yaml index c74b4f8a08..32cc667edf 100644 --- a/ironic/templates/configmap-bin.yaml +++ b/ironic/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: ironic-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/ironic/templates/deployment-api.yaml b/ironic/templates/deployment-api.yaml index 2ee04c9471..402471aff1 100644 --- a/ironic/templates/deployment-api.yaml +++ b/ironic/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_ironic_api := .Values.pod.mounts.ironic_api.ironic_api }} {{- $mounts_ironic_api_init := .Values.pod.mounts.ironic_api.init_container }} {{- $serviceAccountName := "ironic-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_ironic_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_ironic_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ironic-retrive-cleaning-net image: {{ .Values.images.tags.ironic_retrive_cleaning_network }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ironic/templates/job-image-repo-sync.yaml b/ironic/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..c42db92066 --- /dev/null +++ b/ironic/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ironic" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ironic/templates/job-manage-cleaning-network.yaml b/ironic/templates/job-manage-cleaning-network.yaml index 5c13f8386c..28009ca480 100644 --- a/ironic/templates/job-manage-cleaning-network.yaml +++ b/ironic/templates/job-manage-cleaning-network.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_manage_cleaning_network }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.manage_cleaning_network }} {{- $serviceAccountName := "ironic-manage-cleaning-network" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "manage_cleaning_network" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "manage_cleaning_network" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ironic-manage-cleaning-network image: {{ .Values.images.tags.ironic_manage_cleaning_network }} diff --git a/ironic/templates/statefulset-conductor.yaml b/ironic/templates/statefulset-conductor.yaml index 75d28acd3c..347729b52e 100644 --- a/ironic/templates/statefulset-conductor.yaml +++ b/ironic/templates/statefulset-conductor.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.statefulset_conductor }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.conductor }} {{- $mounts_ironic_conductor := .Values.pod.mounts.ironic_conductor.ironic_conductor }} {{- $mounts_ironic_conductor_init := .Values.pod.mounts.ironic_conductor.init_container }} {{- $serviceAccountName := "ironic-conductor" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "conductor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -47,7 +46,7 @@ spec: hostIPC: True dnsPolicy: ClusterFirstWithHostNet initContainers: -{{ tuple $envAll $dependencies $mounts_ironic_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "conductor" $mounts_ironic_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: ironic-conductor-pxe-init image: {{ .Values.images.tags.ironic_pxe_init }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/ironic/values.yaml b/ironic/values.yaml index ca89a8a32c..6cdb7dd21a 100644 --- a/ironic/values.yaml +++ b/ironic/values.yaml @@ -48,7 +48,13 @@ images: ironic_pxe_init: docker.io/openstackhelm/ironic:newton ironic_pxe_http: docker.io/nginx:1.13.3 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync conf: paste: @@ -184,6 +190,14 @@ bootstrap: ) dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ironic-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -256,6 +270,10 @@ dependencies: services: - endpoint: internal service: network + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -274,6 +292,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -529,6 +559,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -539,6 +576,7 @@ manifests: job_db_drop: false job_db_init: true job_db_sync: true + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/keystone/templates/configmap-bin.yaml b/keystone/templates/configmap-bin.yaml index 206c832ed3..1b5892b68f 100644 --- a/keystone/templates/configmap-bin.yaml +++ b/keystone/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: keystone-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/keystone/templates/cron-job-credential-rotate.yaml b/keystone/templates/cron-job-credential-rotate.yaml index 31fde89df9..ab06099244 100644 --- a/keystone/templates/cron-job-credential-rotate.yaml +++ b/keystone/templates/cron-job-credential-rotate.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.cron_credential_rotate }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.credential_rotate }} {{- $mounts_keystone_credential_rotate := .Values.pod.mounts.keystone_credential_rotate.keystone_credential_rotate }} {{- $mounts_keystone_credential_rotate_init := .Values.pod.mounts.keystone_credential_rotate.init_container }} {{- $serviceAccountName := "keystone-credential-rotate" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "credential_rotate" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -70,7 +69,7 @@ spec: spec: serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_keystone_credential_rotate_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} +{{ tuple $envAll "credential_rotate" $mounts_keystone_credential_rotate_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} restartPolicy: OnFailure nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} diff --git a/keystone/templates/cron-job-fernet-rotate.yaml b/keystone/templates/cron-job-fernet-rotate.yaml index e369afa16c..4c946cd890 100644 --- a/keystone/templates/cron-job-fernet-rotate.yaml +++ b/keystone/templates/cron-job-fernet-rotate.yaml @@ -17,13 +17,12 @@ limitations under the License. {{- if .Values.manifests.cron_fernet_rotate }} {{- if eq .Values.conf.keystone.token.provider "fernet" }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.fernet_rotate }} {{- $mounts_keystone_fernet_rotate := .Values.pod.mounts.keystone_fernet_rotate.keystone_fernet_rotate }} {{- $mounts_keystone_fernet_rotate_init := .Values.pod.mounts.keystone_fernet_rotate.init_container }} {{- $serviceAccountName := "keystone-fernet-rotate" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "fernet_rotate" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -71,7 +70,7 @@ spec: spec: serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_keystone_fernet_rotate_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} +{{ tuple $envAll "fernet_rotate" $mounts_keystone_fernet_rotate_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} restartPolicy: OnFailure nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} diff --git a/keystone/templates/deployment-api.yaml b/keystone/templates/deployment-api.yaml index 2828d39aa2..5e98f9f737 100644 --- a/keystone/templates/deployment-api.yaml +++ b/keystone/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_keystone_api := .Values.pod.mounts.keystone_api.keystone_api }} {{- $mounts_keystone_api_init := .Values.pod.mounts.keystone_api.init_container }} {{- $serviceAccountName := "keystone-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_keystone_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_keystone_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: keystone-api image: {{ .Values.images.tags.keystone_api }} diff --git a/keystone/templates/job-credential-setup.yaml b/keystone/templates/job-credential-setup.yaml index 8dcc7aa892..9d32b19ac2 100644 --- a/keystone/templates/job-credential-setup.yaml +++ b/keystone/templates/job-credential-setup.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.job_credential_setup }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.credential_setup }} {{- $mounts_keystone_credential_setup := .Values.pod.mounts.keystone_credential_setup.keystone_credential_setup }} {{- $mounts_keystone_credential_setup_init := .Values.pod.mounts.keystone_credential_setup.init_container }} {{- $serviceAccountName := "keystone-credential-setup" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "credential_setup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -64,7 +63,7 @@ spec: spec: serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_keystone_credential_setup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "credential_setup" $mounts_keystone_credential_setup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} restartPolicy: OnFailure nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} diff --git a/keystone/templates/job-domain-manage.yaml b/keystone/templates/job-domain-manage.yaml index d374c92d12..f3e3a2f85c 100644 --- a/keystone/templates/job-domain-manage.yaml +++ b/keystone/templates/job-domain-manage.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.job_domain_manage }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.domain_manage }} {{- $mounts_keystone_domain_manage := .Values.pod.mounts.keystone_domain_manage.keystone_domain_manage }} {{- $mounts_keystone_domain_manage_init := .Values.pod.mounts.keystone_domain_manage.init_container }} {{- $serviceAccountName := "keystone-domain-manage" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "domain_manage" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -39,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_keystone_domain_manage_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "domain_manage" $mounts_keystone_domain_manage_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: keystone-domain-manage-init image: {{ .Values.images.tags.bootstrap }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/keystone/templates/job-fernet-setup.yaml b/keystone/templates/job-fernet-setup.yaml index 004f2965b5..3269e62bad 100644 --- a/keystone/templates/job-fernet-setup.yaml +++ b/keystone/templates/job-fernet-setup.yaml @@ -17,13 +17,12 @@ limitations under the License. {{- if .Values.manifests.job_fernet_setup }} {{- if eq .Values.conf.keystone.token.provider "fernet" }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.fernet_setup }} {{- $mounts_keystone_fernet_setup := .Values.pod.mounts.keystone_fernet_setup.keystone_fernet_setup }} {{- $mounts_keystone_fernet_setup_init := .Values.pod.mounts.keystone_fernet_setup.init_container }} {{- $serviceAccountName := "keystone-fernet-setup" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "fernet_setup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -65,7 +64,7 @@ spec: spec: serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_keystone_fernet_setup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "fernet_setup" $mounts_keystone_fernet_setup_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} restartPolicy: OnFailure nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} diff --git a/keystone/templates/job-image-repo-sync.yaml b/keystone/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..a2db7ac6cf --- /dev/null +++ b/keystone/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "keystone" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/keystone/templates/pod-rally-test.yaml b/keystone/templates/pod-rally-test.yaml index efea96b764..9e3f387776 100644 --- a/keystone/templates/pod-rally-test.yaml +++ b/keystone/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.keystone_tests.keystone_tests }} {{- $mounts_tests_init := .Values.pod.mounts.keystone_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -34,7 +33,7 @@ spec: restartPolicy: Never serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/keystone/values.yaml b/keystone/values.yaml index ec5cbb3ae1..9e95e7b8ee 100644 --- a/keystone/values.yaml +++ b/keystone/values.yaml @@ -43,7 +43,13 @@ images: keystone_api: docker.io/openstackhelm/keystone:newton keystone_domain_manage: docker.io/openstackhelm/keystone:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync bootstrap: enabled: true @@ -85,6 +91,14 @@ network: port: 30357 dependencies: + dynamic: + common: + local_image_registry: + jobs: + - keystone-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -138,6 +152,10 @@ dependencies: services: - endpoint: internal service: identity + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry pod: affinity: @@ -280,6 +298,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" jobs: fernet_setup: @@ -767,6 +792,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: namespace: null name: keystone @@ -875,6 +912,7 @@ manifests: job_db_drop: false job_domain_manage: true job_fernet_setup: true + job_image_repo_sync: true job_rabbit_init: true pdb_api: true pod_rally_test: true diff --git a/ldap/templates/configmap-bin.yaml b/ldap/templates/configmap-bin.yaml index e3c1b4af03..29b1648df1 100644 --- a/ldap/templates/configmap-bin.yaml +++ b/ldap/templates/configmap-bin.yaml @@ -20,6 +20,10 @@ kind: ConfigMap metadata: name: ldap-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/ldap/templates/job-image-repo-sync.yaml b/ldap/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..f6e9fcb980 --- /dev/null +++ b/ldap/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ldap" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/ldap/templates/statefulset.yaml b/ldap/templates/statefulset.yaml index 060e427921..bad93d7eb2 100644 --- a/ldap/templates/statefulset.yaml +++ b/ldap/templates/statefulset.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.statefulset }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ldap }} {{- $serviceAccountName := "ldap" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ldap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -39,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ldap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ldap image: {{ .Values.images.tags.ldap }} diff --git a/ldap/values.yaml b/ldap/values.yaml index 19c9e5fd1b..c4b42df350 100644 --- a/ldap/values.yaml +++ b/ldap/values.yaml @@ -23,7 +23,13 @@ images: bootstrap: "docker.io/osixia/openldap:1.2.0" ldap: "docker.io/osixia/openldap:1.2.0" dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.0 - pull_policy: IfNotPresent + image_repo_sync: docker.io/docker:17.07.0 + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: server: @@ -67,12 +73,27 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" mounts: ldap_data_load: init_container: null ldap_data_load: dependencies: + dynamic: + common: + local_image_registry: + jobs: + - ldap-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: ldap: jobs: null @@ -86,6 +107,10 @@ dependencies: services: - endpoint: internal service: ldap + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry volume: enabled: true @@ -100,6 +125,18 @@ bootstrap: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 ldap: hosts: default: ldap @@ -189,6 +226,7 @@ data: manifests: configmap_bin: true configmap_etc: true + job_image_repo_sync: true job_bootstrap: true statefulset: true service: true diff --git a/libvirt/templates/configmap-bin.yaml b/libvirt/templates/configmap-bin.yaml index 1c872dd9d5..ffe7a0d202 100644 --- a/libvirt/templates/configmap-bin.yaml +++ b/libvirt/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: libvirt-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} libvirt.sh: | {{ tuple "bin/_libvirt.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- if .Values.conf.ceph.enabled }} diff --git a/libvirt/templates/daemonset-libvirt.yaml b/libvirt/templates/daemonset-libvirt.yaml index 4bdd0bcb71..1f4bade8a2 100644 --- a/libvirt/templates/daemonset-libvirt.yaml +++ b/libvirt/templates/daemonset-libvirt.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.daemonset_libvirt }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.libvirt }} {{- $mounts_libvirt := .Values.pod.mounts.libvirt.libvirt }} {{- $mounts_libvirt_init := .Values.pod.mounts.libvirt.init_container }} {{- $serviceAccountName := "libvirt" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "libvirt" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: DaemonSet @@ -45,7 +44,7 @@ spec: hostPID: true dnsPolicy: ClusterFirstWithHostNet initContainers: -{{ tuple $envAll $dependencies $mounts_libvirt_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "libvirt" $mounts_libvirt_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if .Values.conf.ceph.enabled }} {{- if empty .Values.conf.ceph.cinder.keyring }} - name: ceph-admin-keyring-placement diff --git a/libvirt/templates/job-image-repo-sync.yaml b/libvirt/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..c24dd75cc3 --- /dev/null +++ b/libvirt/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "libvirt" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/libvirt/values.yaml b/libvirt/values.yaml index ff04f28982..9212028109 100644 --- a/libvirt/values.yaml +++ b/libvirt/values.yaml @@ -29,8 +29,28 @@ images: tags: libvirt: docker.io/openstackhelm/libvirt:ubuntu-xenial-1.3.1 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync +endpoints: + cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 conf: ceph: @@ -80,12 +100,33 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" dependencies: + dynamic: + common: + local_image_registry: + jobs: + - libvirt-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: libvirt: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry manifests: configmap_bin: true configmap_etc: true daemonset_libvirt: true + job_image_repo_sync: true diff --git a/magnum/templates/configmap-bin.yaml b/magnum/templates/configmap-bin.yaml index fc48f0bd69..7af3ff7e7c 100644 --- a/magnum/templates/configmap-bin.yaml +++ b/magnum/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: magnum-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml index cf3a869c76..4760b76c75 100644 --- a/magnum/templates/deployment-api.yaml +++ b/magnum/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_magnum_api := .Values.pod.mounts.magnum_api.magnum_api }} {{- $mounts_magnum_api_init := .Values.pod.mounts.magnum_api.init_container }} {{- $serviceAccountName := "magnum-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_magnum_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_magnum_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: magnum-api image: {{ .Values.images.tags.magnum_api }} diff --git a/magnum/templates/job-image-repo-sync.yaml b/magnum/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..d46215c313 --- /dev/null +++ b/magnum/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "magnum" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/magnum/templates/job-ks-user-domain.yaml b/magnum/templates/job-ks-user-domain.yaml index 3d9259693b..85f7b0ded1 100644 --- a/magnum/templates/job-ks-user-domain.yaml +++ b/magnum/templates/job-ks-user-domain.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_user_domain }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_user }} {{- $serviceAccountName := "magnum-ks-user-domain" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_user" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: magnum-ks-domain-user image: {{ .Values.images.tags.ks_user }} diff --git a/magnum/templates/statefulset-conductor.yaml b/magnum/templates/statefulset-conductor.yaml index c17e9d7931..54240c0736 100644 --- a/magnum/templates/statefulset-conductor.yaml +++ b/magnum/templates/statefulset-conductor.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.statefulset_conductor }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.conductor }} {{- $mounts_magnum_conductor := .Values.pod.mounts.magnum_conductor.magnum_conductor }} {{- $mounts_magnum_conductor_init := .Values.pod.mounts.magnum_conductor.init_container }} {{- $serviceAccountName := "magnum-conductor" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "conductor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -43,7 +42,7 @@ spec: nodeSelector: {{ .Values.labels.conductor.node_selector_key }}: {{ .Values.labels.conductor.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_magnum_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "conductor" $mounts_magnum_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: magnum-conductor-init image: {{ .Values.images.tags.magnum_conductor }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/magnum/values.yaml b/magnum/values.yaml index e8cd5e1e5e..21d3b74ac4 100644 --- a/magnum/values.yaml +++ b/magnum/values.yaml @@ -43,7 +43,13 @@ images: magnum_api: docker.io/openstackhelm/magnum:newton magnum_conductor: docker.io/openstackhelm/magnum:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync conf: paste: @@ -150,6 +156,14 @@ bootstrap: openstack token issue dependencies: + dynamic: + common: + local_image_registry: + jobs: + - magnum-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -219,6 +233,11 @@ dependencies: services: - endpoint: internal service: oslo_messaging + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry + # Names of secrets used by bootstrap and environmental checks secrets: identity: @@ -237,6 +256,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -489,6 +520,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -499,6 +537,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user_domain: true diff --git a/mariadb/templates/configmap-bin.yaml b/mariadb/templates/configmap-bin.yaml index 3e075fa75e..5e0b62cfc9 100644 --- a/mariadb/templates/configmap-bin.yaml +++ b/mariadb/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: mariadb-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} mariadb-ingress-controller.sh: | {{ tuple "bin/_mariadb-ingress-controller.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} mariadb-ingress-error-pages.sh: | diff --git a/mariadb/templates/deployment-error.yaml b/mariadb/templates/deployment-error.yaml index 56b495d5cc..b1d5ea4f3f 100644 --- a/mariadb/templates/deployment-error.yaml +++ b/mariadb/templates/deployment-error.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.deployment_error }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.error_pages }} {{- $serviceAccountName := "mariadb-ingress-error-pages"}} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "error_pages" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -43,7 +42,7 @@ spec: {{ .Values.labels.error_server.node_selector_key }}: {{ .Values.labels.error_server.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.error_pages.timeout | default "60" }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "error_pages" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ingress-error-pages image: {{ .Values.images.tags.error_pages }} diff --git a/mariadb/templates/deployment-ingress.yaml b/mariadb/templates/deployment-ingress.yaml index f0a655a1f8..2451eef01a 100644 --- a/mariadb/templates/deployment-ingress.yaml +++ b/mariadb/templates/deployment-ingress.yaml @@ -16,12 +16,11 @@ limitations under the License. {{- if .Values.manifests.deployment_ingress }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ingress }} {{- $ingressClass := printf "%s-%s" .Release.Name "mariadb-ingress" }} {{- $serviceAccountName := printf "%s-%s" .Release.Name "ingress" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ingress" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role @@ -138,7 +137,7 @@ spec: {{ .Values.labels.ingress.node_selector_key }}: {{ .Values.labels.ingress.node_selector_value }} terminationGracePeriodSeconds: 60 initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ingress" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: ingress image: {{ .Values.images.tags.ingress }} diff --git a/mariadb/templates/job-image-repo-sync.yaml b/mariadb/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..e099429a1d --- /dev/null +++ b/mariadb/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "mariadb" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/mariadb/templates/statefulset.yaml b/mariadb/templates/statefulset.yaml index 93f059007a..f81b959906 100644 --- a/mariadb/templates/statefulset.yaml +++ b/mariadb/templates/statefulset.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.statefulset }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.mariadb }} {{- $serviceAccountName := "mariadb" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "mariadb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -41,7 +40,7 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "mariadb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if .Values.volume.chown_on_start }} - name: mariadb-perms image: {{ .Values.images.tags.mariadb }} diff --git a/mariadb/values.yaml b/mariadb/values.yaml index f881083bb6..74a263133e 100644 --- a/mariadb/values.yaml +++ b/mariadb/values.yaml @@ -26,7 +26,13 @@ images: prometheus_mysql_exporter: docker.io/prom/mysqld-exporter:v0.10.0 prometheus_mysql_exporter_helm_tests: docker.io/openstackhelm/heat:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - pull_policy: IfNotPresent + image_repo_sync: docker.io/docker:17.07.0 + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: server: @@ -101,8 +107,23 @@ pod: requests: memory: "128Mi" cpu: "100m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" dependencies: + dynamic: + common: + local_image_registry: + jobs: + - mariadb-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: error_pages: jobs: null @@ -130,6 +151,10 @@ dependencies: service: prometheus_mysql_exporter - endpoint: internal service: monitoring + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry force_bootstrap: false @@ -166,6 +191,18 @@ network: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 monitoring: name: prometheus namespace: null @@ -229,6 +266,7 @@ manifests: configmap_services_tcp: true deployment_error: true deployment_ingress: true + job_image_repo_sync: true monitoring: prometheus: configmap_bin: true diff --git a/memcached/templates/configmap-bin.yaml b/memcached/templates/configmap-bin.yaml index 2d2b28f6e2..3821382f21 100644 --- a/memcached/templates/configmap-bin.yaml +++ b/memcached/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: {{ $configMapBinName }} data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} memcached.sh: | {{ tuple "bin/_memcached.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} diff --git a/memcached/templates/deployment.yaml b/memcached/templates/deployment.yaml index 7a0d072d1e..8845e8d7e9 100644 --- a/memcached/templates/deployment.yaml +++ b/memcached/templates/deployment.yaml @@ -16,12 +16,11 @@ limitations under the License. {{- if .Values.manifests.deployment }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.memcached }} {{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "memcached" }} {{- $configMapBinName := printf "%s-%s" $envAll.Release.Name "memcached-bin" }} -{{ tuple $envAll $dependencies $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "memcached" $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -41,7 +40,7 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 9 }} +{{ tuple $envAll "memcached" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 9 }} containers: - name: memcached image: {{ .Values.images.tags.memcached }} diff --git a/memcached/templates/job-image-repo-sync.yaml b/memcached/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..8f61cf7e7c --- /dev/null +++ b/memcached/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "memcached" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/memcached/values.yaml b/memcached/values.yaml index 3772d7fe24..6cb281ece2 100644 --- a/memcached/values.yaml +++ b/memcached/values.yaml @@ -25,12 +25,36 @@ conf: memory: 1024 dependencies: + dynamic: + common: + local_image_registry: + jobs: + - memcached-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: memcached: jobs: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 oslo_cache: host_fqdn_override: default: null @@ -46,6 +70,12 @@ images: tags: dep_check: 'quay.io/stackanetes/kubernetes-entrypoint:v0.3.1' memcached: 'docker.io/memcached:1.5.5' + image_repo_sync: docker.io/docker:17.07.0 + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: server: @@ -55,6 +85,7 @@ labels: manifests: configmap_bin: true deployment: true + job_image_repo_sync: true service: true pod: @@ -83,3 +114,11 @@ pod: requests: cpu: 500m memory: 128Mi + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" diff --git a/mistral/templates/configmap-bin.yaml b/mistral/templates/configmap-bin.yaml index 68ce510ef2..b79192396e 100644 --- a/mistral/templates/configmap-bin.yaml +++ b/mistral/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: mistral-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/mistral/templates/deployment-api.yaml b/mistral/templates/deployment-api.yaml index 2dd75296f7..e48ad0566d 100644 --- a/mistral/templates/deployment-api.yaml +++ b/mistral/templates/deployment-api.yaml @@ -16,12 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} + {{- $mounts_mistral_api := .Values.pod.mounts.mistral_api.mistral_api }} {{- $mounts_mistral_api_init := .Values.pod.mounts.mistral_api.init_container }} {{- $serviceAccountName := "mistral-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_mistral_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_mistral_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: mistral-api image: {{ .Values.images.tags.mistral_api }} diff --git a/mistral/templates/deployment-executor.yaml b/mistral/templates/deployment-executor.yaml index 0d8430e26f..161d4ecb41 100644 --- a/mistral/templates/deployment-executor.yaml +++ b/mistral/templates/deployment-executor.yaml @@ -16,12 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_executor }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.executor }} + {{- $mounts_mistral_executor := .Values.pod.mounts.mistral_executor.mistral_executor }} {{- $mounts_mistral_executor_init := .Values.pod.mounts.mistral_executor.init_container }} {{- $serviceAccountName := "mistral-executor" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "executor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -44,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.executor.node_selector_key }}: {{ .Values.labels.executor.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_mistral_executor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "executor" $mounts_mistral_executor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: mistral-executor image: {{ .Values.images.tags.mistral_executor }} diff --git a/mistral/templates/job-image-repo-sync.yaml b/mistral/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..9f326ff9d9 --- /dev/null +++ b/mistral/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "mistral" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/mistral/templates/pod-rally-test.yaml b/mistral/templates/pod-rally-test.yaml index 7a0085cb44..15d48bd1e7 100644 --- a/mistral/templates/pod-rally-test.yaml +++ b/mistral/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.mistral_tests.mistral_tests }} {{- $mounts_tests_init := .Values.pod.mounts.mistral_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: restartPolicy: Never serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/mistral/templates/statefulset-engine.yaml b/mistral/templates/statefulset-engine.yaml index 038677eee4..1aee2dea5e 100644 --- a/mistral/templates/statefulset-engine.yaml +++ b/mistral/templates/statefulset-engine.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.statefulset_engine }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.engine }} {{- $mounts_mistral_engine := .Values.pod.mounts.mistral_engine.mistral_engine }} {{- $mounts_mistral_engine_init := .Values.pod.mounts.mistral_engine.init_container }} {{- $serviceAccountName := "mistral-engine" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -42,7 +41,7 @@ spec: nodeSelector: {{ .Values.labels.engine.node_selector_key }}: {{ .Values.labels.engine.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_mistral_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "engine" $mounts_mistral_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: mistral-engine image: {{ .Values.images.tags.mistral_engine }} diff --git a/mistral/templates/statefulset-event-engine.yaml b/mistral/templates/statefulset-event-engine.yaml index 5a677d27a3..b0d244bf65 100644 --- a/mistral/templates/statefulset-event-engine.yaml +++ b/mistral/templates/statefulset-event-engine.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.statefulset_event_engine }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.event_engine }} {{- $mounts_mistral_event_engine := .Values.pod.mounts.mistral_event_engine.mistral_event_engine }} {{- $mounts_mistral_event_engine_init := .Values.pod.mounts.mistral_event_engine.init_container }} {{- $serviceAccountName := "mistral-event-engine" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "event_engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -42,7 +41,7 @@ spec: nodeSelector: {{ .Values.labels.event_engine.node_selector_key }}: {{ .Values.labels.event_engine.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_mistral_event_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "event_engine" $mounts_mistral_event_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: mistral-event-engine image: {{ .Values.images.tags.mistral_event_engine }} diff --git a/mistral/values.yaml b/mistral/values.yaml index c48f312e67..2574019be6 100644 --- a/mistral/values.yaml +++ b/mistral/values.yaml @@ -55,7 +55,13 @@ images: mistral_engine: docker.io/kolla/ubuntu-source-mistral-engine:3.0.3 mistral_event_engine: docker.io/kolla/ubuntu-source-mistral-engine:3.0.3 mistral_executor: docker.io/kolla/ubuntu-source-mistral-executor:3.0.3 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync network: api: @@ -77,6 +83,14 @@ bootstrap: openstack token issue dependencies: + dynamic: + common: + local_image_registry: + jobs: + - mistral-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: api: jobs: @@ -156,6 +170,10 @@ dependencies: service: identity - endpoint: internal service: workflowv2 + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -175,6 +193,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -560,6 +590,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -571,6 +608,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/mongodb/templates/configmap-bin.yaml b/mongodb/templates/configmap-bin.yaml index 910719cb4e..27f6463dee 100644 --- a/mongodb/templates/configmap-bin.yaml +++ b/mongodb/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: mongodb-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} start.sh: | {{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} diff --git a/mongodb/templates/job-image-repo-sync.yaml b/mongodb/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..4645179d50 --- /dev/null +++ b/mongodb/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "mongodb" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/mongodb/templates/statefulset.yaml b/mongodb/templates/statefulset.yaml index 63adaad077..8828dbf739 100644 --- a/mongodb/templates/statefulset.yaml +++ b/mongodb/templates/statefulset.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.statefulset }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.mongodb }} {{- $serviceAccountName := "mongodb" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "mongodb" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -39,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "mongodb" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if $envAll.Values.volume.chown_on_start }} - name: mongodb-perms image: {{ $envAll.Values.images.tags.mongodb }} diff --git a/mongodb/values.yaml b/mongodb/values.yaml index 94ce150856..fc4dd35539 100644 --- a/mongodb/values.yaml +++ b/mongodb/values.yaml @@ -37,13 +37,27 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" # using dockerhub mongodb: https://hub.docker.com/r/library/mongo/tags/ images: tags: mongodb: docker.io/mongo:3.4.9-jessie dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - pull_policy: IfNotPresent + image_repo_sync: docker.io/docker:17.07.0 + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync volume: chown_on_start: true @@ -61,6 +75,18 @@ labels: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 mongodb: auth: admin: @@ -77,12 +103,25 @@ endpoints: default: 27017 dependencies: + dynamic: + common: + local_image_registry: + jobs: + - mongodb-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: mongodb: jobs: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry manifests: configmap_bin: true + job_image_repo_sync: true secret_db_root_creds: true service: true statefulset: true diff --git a/neutron/templates/configmap-bin.yaml b/neutron/templates/configmap-bin.yaml index 82fd655665..3cee123839 100644 --- a/neutron/templates/configmap-bin.yaml +++ b/neutron/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: neutron-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml index 468ec0b794..5f43a39fc4 100644 --- a/neutron/templates/daemonset-dhcp-agent.yaml +++ b/neutron/templates/daemonset-dhcp-agent.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_neutron_dhcp_agent := .Values.pod.mounts.neutron_dhcp_agent.neutron_dhcp_agent }} @@ -46,7 +45,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_dhcp_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_dhcp_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: neutron-dhcp-agent image: {{ .Values.images.tags.neutron_dhcp }} @@ -145,8 +144,8 @@ spec: {{- $serviceAccountName := "neutron-dhcp-agent" }} {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "dhcp" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "neutron.dhcp_agent.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "neutron.dhcp_agent.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "neutron.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml index 935735f46a..af08ad226d 100644 --- a/neutron/templates/daemonset-l3-agent.yaml +++ b/neutron/templates/daemonset-l3-agent.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_neutron_l3_agent := .Values.pod.mounts.neutron_l3_agent.neutron_l3_agent }} @@ -46,7 +45,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_l3_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_l3_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: neutron-l3-agent image: {{ .Values.images.tags.neutron_l3 }} @@ -147,8 +146,8 @@ spec: {{- $serviceAccountName := "neutron-l3-agent" }} {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "l3" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "neutron.l3_agent.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "neutron.l3_agent.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "neutron.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/neutron/templates/daemonset-lb-agent.yaml b/neutron/templates/daemonset-lb-agent.yaml index 821f2bb7ce..ad337b9a23 100644 --- a/neutron/templates/daemonset-lb-agent.yaml +++ b/neutron/templates/daemonset-lb-agent.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_neutron_lb_agent := .Values.pod.mounts.neutron_lb_agent.neutron_lb_agent }} @@ -46,7 +45,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_lb_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_lb_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: neutron-lb-agent-kernel-modules image: {{ .Values.images.tags.neutron_linuxbridge_agent }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -204,8 +203,8 @@ spec: {{- $serviceAccountName := "neutron-lb-agent" }} {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "lb_agent" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "neutron.lb_agent.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "neutron.lb_agent.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "neutron.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml index c893448e6e..fe7d194e87 100644 --- a/neutron/templates/daemonset-metadata-agent.yaml +++ b/neutron/templates/daemonset-metadata-agent.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_neutron_metadata_agent := .Values.pod.mounts.neutron_metadata_agent.neutron_metadata_agent }} @@ -46,7 +45,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_metadata_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_metadata_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: neutron-metadata-agent-init image: {{ .Values.images.tags.neutron_metadata }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -159,8 +158,8 @@ spec: {{- $serviceAccountName := "neutron-metadata-agent" }} {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "metadata" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "neutron.metadata_agent.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "neutron.metadata_agent.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "neutron.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml index bde5b26f5f..b9d5497e4c 100644 --- a/neutron/templates/daemonset-ovs-agent.yaml +++ b/neutron/templates/daemonset-ovs-agent.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_neutron_ovs_agent := .Values.pod.mounts.neutron_ovs_agent.neutron_ovs_agent }} @@ -46,7 +45,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_ovs_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_ovs_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: neutron-openvswitch-agent-kernel-modules image: {{ .Values.images.tags.neutron_openvswitch_agent }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -208,8 +207,8 @@ spec: {{- $serviceAccountName := "neutron-ovs-agent" }} {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "ovs_agent" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "neutron.ovs_agent.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "neutron.ovs_agent.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "neutron.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/neutron/templates/daemonset-sriov-agent.yaml b/neutron/templates/daemonset-sriov-agent.yaml index 97459a882c..3170d21271 100644 --- a/neutron/templates/daemonset-sriov-agent.yaml +++ b/neutron/templates/daemonset-sriov-agent.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_neutron_sriov_agent := .Values.pod.mounts.neutron_sriov_agent.neutron_sriov_agent }} @@ -46,7 +45,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_sriov_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_sriov_agent_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: neutron-sriov-agent-init image: {{ .Values.images.tags.neutron_sriov_agent_init }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -180,8 +179,8 @@ spec: {{- $serviceAccountName := "neutron-sriov-agent" }} {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "sriov_agent" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "neutron.sriov_agent.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "neutron.sriov_agent.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "neutron.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml index bce159946a..8fdbf4a400 100644 --- a/neutron/templates/deployment-server.yaml +++ b/neutron/templates/deployment-server.yaml @@ -24,7 +24,7 @@ limitations under the License. {{- $mounts_neutron_server_init := .Values.pod.mounts.neutron_server.init_container }} {{- $serviceAccountName := "neutron-server" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -48,7 +48,7 @@ spec: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.server.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_neutron_server_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_neutron_server_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: neutron-server image: {{ .Values.images.tags.neutron_server }} diff --git a/neutron/templates/job-image-repo-sync.yaml b/neutron/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..1cbb3952da --- /dev/null +++ b/neutron/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "neutron" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/neutron/templates/pod-rally-test.yaml b/neutron/templates/pod-rally-test.yaml index 3900427a42..2412cb8b62 100644 --- a/neutron/templates/pod-rally-test.yaml +++ b/neutron/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.neutron_tests.neutron_tests }} {{- $mounts_tests_init := .Values.pod.mounts.neutron_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: restartPolicy: Never serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/neutron/values.yaml b/neutron/values.yaml index 48d536a5c1..7e32d51d5a 100644 --- a/neutron/values.yaml +++ b/neutron/values.yaml @@ -39,7 +39,13 @@ images: neutron_sriov_agent: docker.io/openstackhelm/neutron:newton-sriov-1804 neutron_sriov_agent_init: docker.io/openstackhelm/neutron:newton-sriov-1804 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: agent: @@ -131,6 +137,13 @@ bootstrap: dependencies: dynamic: + common: + local_image_registry: + jobs: + - neutron-image-repo-sync + services: + - endpoint: node + service: local_image_registry targeted: openvswitch: dhcp: @@ -312,6 +325,10 @@ dependencies: service: network - endpoint: internal service: compute + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry pod: user: @@ -509,6 +526,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" conf: rally_tests: @@ -1487,6 +1511,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 oslo_db: auth: admin: @@ -1648,6 +1684,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml index 13e077ebfe..5cb0f215da 100644 --- a/nova/templates/configmap-bin.yaml +++ b/nova/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: nova-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/nova/templates/cron-job-cell-setup.yaml b/nova/templates/cron-job-cell-setup.yaml index 02b2d99eeb..5f750c8511 100644 --- a/nova/templates/cron-job-cell-setup.yaml +++ b/nova/templates/cron-job-cell-setup.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.cron_job_cell_setup }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.cell_setup }} {{- $serviceAccountName := "nova-cell-setup-cron" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "cell_setup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1beta1 kind: CronJob @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} +{{ tuple $envAll "cell_setup" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} containers: - name: nova-cell-setup image: {{ .Values.images.tags.nova_cell_setup }} diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index e9cd7d7f79..c878093874 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -18,8 +18,7 @@ limitations under the License. {{- $daemonset := index . 0 }} {{- $configMapName := index . 1 }} {{- $serviceAccountName := index . 2 }} -{{- $dependencies := index . 3 }} -{{- $envAll := index . 4 }} +{{- $envAll := index . 3 }} {{- with $envAll }} {{- $mounts_nova_compute := .Values.pod.mounts.nova_compute.nova_compute }} @@ -46,7 +45,7 @@ spec: hostPID: true dnsPolicy: ClusterFirstWithHostNet initContainers: -{{ tuple $envAll $dependencies $mounts_nova_compute_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "pod_dependency" $mounts_nova_compute_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: nova-compute-init image: {{ .Values.images.tags.nova_compute }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -332,8 +331,8 @@ spec: {{- $dependencyOpts := dict "envAll" $envAll "dependencyMixinParam" $envAll.Values.network.backend "dependencyKey" "compute" -}} {{- $dependencies := include "helm-toolkit.utils.dependency_resolver" $dependencyOpts | toString | fromYaml }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} -{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName $dependencies . | include "nova.compute.daemonset" | toString | fromYaml }} +{{ tuple $envAll "pod_dependency" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{- $daemonset_yaml := list $daemonset $configMapName $serviceAccountName . | include "nova.compute.daemonset" | toString | fromYaml }} {{- $configmap_yaml := "nova.configmap.etc" }} {{- list $daemonset $daemonset_yaml $configmap_yaml $configMapName . | include "helm-toolkit.utils.daemonset_overrides" }} {{- end }} diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml index 1366b8d650..67ddecfd92 100644 --- a/nova/templates/deployment-api-metadata.yaml +++ b/nova/templates/deployment-api-metadata.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api_metadata }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_nova_api_metadata := .Values.pod.mounts.nova_api_metadata.nova_api_metadata }} {{- $mounts_nova_api_metadata_init := .Values.pod.mounts.nova_api_metadata.init_container }} {{- $serviceAccountName := "nova-api-metadata" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api_metadata.node_selector_key }}: {{ .Values.labels.api_metadata.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.metadata.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_nova_api_metadata_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_nova_api_metadata_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: nova-api-metadata-init image: {{ .Values.images.tags.nova_api }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml index c818162371..67d39deac8 100644 --- a/nova/templates/deployment-api-osapi.yaml +++ b/nova/templates/deployment-api-osapi.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api_osapi }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_nova_api_osapi := .Values.pod.mounts.nova_api_osapi.nova_api_osapi }} {{- $mounts_nova_api_osapi_init := .Values.pod.mounts.nova_api_osapi.init_container }} {{- $serviceAccountName := "nova-api-osapi" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.osapi.node_selector_key }}: {{ .Values.labels.osapi.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.osapi.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_nova_api_osapi_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_nova_api_osapi_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: nova-osapi image: {{ .Values.images.tags.nova_api }} diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml index f4e6e228c8..6dffed1685 100644 --- a/nova/templates/deployment-conductor.yaml +++ b/nova/templates/deployment-conductor.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_conductor }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.conductor }} {{- $mounts_nova_conductor := .Values.pod.mounts.nova_conductor.nova_conductor }} {{- $mounts_nova_conductor_init := .Values.pod.mounts.nova_conductor.init_container }} {{- $serviceAccountName := "nova-conductor" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "conductor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.conductor.node_selector_key }}: {{ .Values.labels.conductor.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_nova_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "conductor" $mounts_nova_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: nova-conductor image: {{ .Values.images.tags.nova_conductor }} diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml index 651ebcc407..9bbc31daca 100644 --- a/nova/templates/deployment-consoleauth.yaml +++ b/nova/templates/deployment-consoleauth.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_consoleauth }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.consoleauth }} {{- $mounts_nova_consoleauth := .Values.pod.mounts.nova_consoleauth.nova_conductor }} {{- $mounts_nova_consoleauth_init := .Values.pod.mounts.nova_consoleauth.init_container }} {{- $serviceAccountName := "nova-consoleauth" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "consoleauth" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.consoleauth.node_selector_key }}: {{ .Values.labels.consoleauth.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_nova_consoleauth_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "consoleauth" $mounts_nova_consoleauth_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: nova-consoleauth image: {{ .Values.images.tags.nova_consoleauth }} diff --git a/nova/templates/deployment-novncproxy.yaml b/nova/templates/deployment-novncproxy.yaml index e66284fbd8..f11c2ae219 100644 --- a/nova/templates/deployment-novncproxy.yaml +++ b/nova/templates/deployment-novncproxy.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if and .Values.manifests.deployment_novncproxy ( eq .Values.console.console_kind "novnc" )}} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.novncproxy }} {{- $mounts_nova_novncproxy := .Values.pod.mounts.nova_novncproxy.nova_novncproxy }} {{- $mounts_nova_novncproxy_init := .Values.pod.mounts.nova_novncproxy.init_novncproxy }} {{- $serviceAccountName := "nova-novncproxy" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "novncproxy" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -47,7 +46,7 @@ spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet initContainers: -{{ tuple $envAll $dependencies $mounts_nova_novncproxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "novncproxy" $mounts_nova_novncproxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: nova-novncproxy-init image: {{ .Values.images.tags.nova_novncproxy }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/nova/templates/deployment-placement.yaml b/nova/templates/deployment-placement.yaml index b0ab03a731..3c2c9e7f80 100644 --- a/nova/templates/deployment-placement.yaml +++ b/nova/templates/deployment-placement.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_placement }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_nova_placement := .Values.pod.mounts.nova_placement.nova_placement }} {{- $mounts_nova_placement_init := .Values.pod.mounts.nova_placement.init_container }} {{- $serviceAccountName := "nova-placement-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.placement.node_selector_key }}: {{ .Values.labels.placement.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.placement.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_nova_placement_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_nova_placement_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: nova-placement-api image: {{ .Values.images.tags.nova_placement }} diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml index 01eaefa89c..deab124be8 100644 --- a/nova/templates/deployment-scheduler.yaml +++ b/nova/templates/deployment-scheduler.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_scheduler }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.scheduler }} {{- $mounts_nova_scheduler := .Values.pod.mounts.nova_scheduler.nova_conductor }} {{- $mounts_nova_scheduler_init := .Values.pod.mounts.nova_scheduler.init_container }} {{- $serviceAccountName := "nova-scheduler" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "scheduler" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -45,7 +44,7 @@ spec: nodeSelector: {{ .Values.labels.scheduler.node_selector_key }}: {{ .Values.labels.scheduler.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_nova_scheduler_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "scheduler" $mounts_nova_scheduler_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: nova-scheduler image: {{ .Values.images.tags.nova_scheduler }} diff --git a/nova/templates/deployment-spiceproxy.yaml b/nova/templates/deployment-spiceproxy.yaml index cd29732761..027ccb2d84 100644 --- a/nova/templates/deployment-spiceproxy.yaml +++ b/nova/templates/deployment-spiceproxy.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if and .Values.manifests.deployment_spiceproxy ( eq .Values.console.console_kind "spice" )}} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.spiceproxy }} {{- $mounts_nova_spiceproxy := .Values.pod.mounts.nova_spiceproxy.nova_spiceproxy }} {{- $mounts_nova_spiceproxy_init := .Values.pod.mounts.nova_spiceproxy.init_spiceproxy }} {{- $serviceAccountName := "nova-spiceproxy" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "spiceproxy" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -47,7 +46,7 @@ spec: hostNetwork: true dnsPolicy: ClusterFirstWithHostNet initContainers: -{{ tuple $envAll $dependencies $mounts_nova_spiceproxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "spiceproxy" $mounts_nova_spiceproxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: nova-spiceproxy-init image: {{ .Values.images.tags.nova_spiceproxy }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/nova/templates/job-cell-setup.yaml b/nova/templates/job-cell-setup.yaml index 5222ea08ed..0fa9def355 100644 --- a/nova/templates/job-cell-setup.yaml +++ b/nova/templates/job-cell-setup.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_cell_setup }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.cell_setup }} {{- $serviceAccountName := "nova-cell-setup" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "cell_setup" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "cell_setup" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: nova-cell-setup-init image: {{ .Values.images.tags.nova_cell_setup_init }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/nova/templates/job-image-repo-sync.yaml b/nova/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..205e8353c9 --- /dev/null +++ b/nova/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "nova" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/nova/templates/job-ks-placement-endpoints.yaml b/nova/templates/job-ks-placement-endpoints.yaml index fbe2988457..99e51a4305 100644 --- a/nova/templates/job-ks-placement-endpoints.yaml +++ b/nova/templates/job-ks-placement-endpoints.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_placement_endpoints }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_endpoints }} {{- $serviceAccountName := "placement-ks-endpoints" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_endpoints" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $osServiceType := tuple "placement" }} {{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }} diff --git a/nova/templates/job-ks-placement-service.yaml b/nova/templates/job-ks-placement-service.yaml index f3b8eed409..7f757d3f90 100644 --- a/nova/templates/job-ks-placement-service.yaml +++ b/nova/templates/job-ks-placement-service.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_placement_service }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_service }} {{- $serviceAccountName := "placement-ks-service" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_service" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_service" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $osServiceType := tuple "placement" }} - name: {{ $osServiceType }}-ks-service-registration diff --git a/nova/templates/job-ks-placement-user.yaml b/nova/templates/job-ks-placement-user.yaml index ac564d3b19..4aaccd34b1 100644 --- a/nova/templates/job-ks-placement-user.yaml +++ b/nova/templates/job-ks-placement-user.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_placement_user }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_user }} {{- $serviceAccountName := "placement-ks-user" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_user" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_user" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: placement-ks-user image: {{ .Values.images.tags.ks_user }} diff --git a/nova/templates/pod-rally-test.yaml b/nova/templates/pod-rally-test.yaml index e70b59dfef..a4844e9a94 100644 --- a/nova/templates/pod-rally-test.yaml +++ b/nova/templates/pod-rally-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_rally_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_tests := .Values.pod.mounts.nova_tests.nova_tests }} {{- $mounts_tests_init := .Values.pod.mounts.nova_tests.init_container }} {{- $serviceAccountName := print $envAll.Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: restartPolicy: Never serviceAccountName: {{ $serviceAccountName }} initContainers: -{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} +{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} - name: {{ .Release.Name }}-test-ks-user image: {{ .Values.images.tags.ks_user }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/nova/templates/statefulset-compute-ironic.yaml b/nova/templates/statefulset-compute-ironic.yaml index cd92ad7ebb..721d89d338 100644 --- a/nova/templates/statefulset-compute-ironic.yaml +++ b/nova/templates/statefulset-compute-ironic.yaml @@ -16,12 +16,12 @@ limitations under the License. {{- if .Values.manifests.statefulset_compute_ironic }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.compute_ironic }} + {{- $mounts_nova_compute_ironic := .Values.pod.mounts.nova_compute_ironic.nova_compute_ironic }} {{- $mounts_nova_compute_ironic_init := .Values.pod.mounts.nova_compute_ironic.init_container }} {{- $serviceAccountName := "nova-compute-ironic" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "compute_ironic" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -49,7 +49,7 @@ spec: hostPID: true dnsPolicy: ClusterFirstWithHostNet initContainers: -{{ tuple $envAll $dependencies $mounts_nova_compute_ironic_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "compute_ironic" $mounts_nova_compute_ironic_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: nova-compute-ironic image: {{ .Values.images.tags.nova_compute_ironic }} diff --git a/nova/values.yaml b/nova/values.yaml index 1adc280caf..3fbfe17ff1 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -85,6 +85,12 @@ images: nova_spiceproxy: docker.io/openstackhelm/nova:newton nova_spiceproxy_assets: 'docker.io/kolla/ubuntu-source-nova-spicehtml5proxy:3.0.3' test: 'docker.io/kolla/ubuntu-source-rally:4.0.0' + image_repo_sync: docker.io/docker:17.07.0 + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync jobs: # NOTE(portdirect): When using cells new nodes will be added to the cell on the hour by default. @@ -198,6 +204,13 @@ network: dependencies: dynamic: + common: + local_image_registry: + jobs: + - nova-image-repo-sync + services: + - endpoint: node + service: local_image_registry targeted: openvswitch: compute: @@ -378,6 +391,10 @@ dependencies: service: compute - endpoint: internal service: network + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry console: # serial | spice | novnc | none @@ -1112,6 +1129,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 oslo_db: auth: admin: @@ -1625,6 +1654,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -1648,6 +1684,7 @@ manifests: job_db_init_placement: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_rabbit_init: true job_ks_endpoints: true job_ks_service: true diff --git a/openvswitch/templates/configmap-bin.yaml b/openvswitch/templates/configmap-bin.yaml index 19bdfa8902..74eb59b222 100644 --- a/openvswitch/templates/configmap-bin.yaml +++ b/openvswitch/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: openvswitch-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} openvswitch-db-server.sh: | {{ tuple "bin/_openvswitch-db-server.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} openvswitch-vswitchd.sh: | diff --git a/openvswitch/templates/daemonset-ovs-db.yaml b/openvswitch/templates/daemonset-ovs-db.yaml index a9e33917ce..2d87363a00 100644 --- a/openvswitch/templates/daemonset-ovs-db.yaml +++ b/openvswitch/templates/daemonset-ovs-db.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.daemonset_ovs_db }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.db }} {{- $serviceAccountName := "openvswitch-db" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "db" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: DaemonSet @@ -40,7 +39,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: openvswitch-db image: {{ .Values.images.tags.openvswitch_db_server }} diff --git a/openvswitch/templates/daemonset-ovs-vswitchd.yaml b/openvswitch/templates/daemonset-ovs-vswitchd.yaml index 1654da40c0..e4030a2d21 100644 --- a/openvswitch/templates/daemonset-ovs-vswitchd.yaml +++ b/openvswitch/templates/daemonset-ovs-vswitchd.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.daemonset_ovs_vswitchd }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.vswitchd }} {{- $serviceAccountName := "openvswitch-vswitchd" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "vswitchd" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: DaemonSet @@ -40,7 +39,7 @@ spec: dnsPolicy: ClusterFirstWithHostNet hostNetwork: true initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "vswitchd" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: openvswitch-vswitchd-modules image: {{ .Values.images.tags.openvswitch_vswitchd }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/openvswitch/templates/job-image-repo-sync.yaml b/openvswitch/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..737c48d89d --- /dev/null +++ b/openvswitch/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "openvswitch" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/openvswitch/values.yaml b/openvswitch/values.yaml index edab109147..111f5f1005 100644 --- a/openvswitch/values.yaml +++ b/openvswitch/values.yaml @@ -24,7 +24,13 @@ images: openvswitch_db_server: docker.io/openstackhelm/openvswitch:v2.8.1 openvswitch_vswitchd: docker.io/openstackhelm/openvswitch:v2.8.1 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync labels: ovs: @@ -79,13 +85,49 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" + +endpoints: + cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 dependencies: + dynamic: + common: + local_image_registry: + jobs: + - openvswitch-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: db: null vswitchd: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry manifests: configmap_bin: true daemonset_ovs_db: true daemonset_ovs_vswitchd: true + job_image_repo_sync: true diff --git a/postgresql/templates/configmap-bin.yaml b/postgresql/templates/configmap-bin.yaml index 2501678a7b..76fcc74a10 100644 --- a/postgresql/templates/configmap-bin.yaml +++ b/postgresql/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: postgresql-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} start.sh: | {{ tuple "bin/_start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} readiness.sh: | diff --git a/postgresql/templates/job-image-repo-sync.yaml b/postgresql/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..2a4780b8f6 --- /dev/null +++ b/postgresql/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "postgresql" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/postgresql/templates/statefulset.yaml b/postgresql/templates/statefulset.yaml index e29f6822d1..ebc43ddbb1 100644 --- a/postgresql/templates/statefulset.yaml +++ b/postgresql/templates/statefulset.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.statefulset }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.postgresql }} {{- $serviceAccountName := "postgresql" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "postgresql" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: StatefulSet @@ -39,7 +38,7 @@ spec: nodeSelector: {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "postgresql" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: postgresql image: {{ .Values.images.tags.postgresql }} diff --git a/postgresql/values.yaml b/postgresql/values.yaml index 0551111723..d7b8c85edb 100644 --- a/postgresql/values.yaml +++ b/postgresql/values.yaml @@ -37,13 +37,27 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + jobs: + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" # using dockerhub postgresql: https://hub.docker.com/r/library/postgres/tags/ images: tags: postgresql: "docker.io/postgres:9.5" dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - pull_policy: IfNotPresent + image_repo_sync: docker.io/docker:17.07.0 + pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync storage: pvc: @@ -63,9 +77,21 @@ labels: node_selector_value: enabled dependencies: + dynamic: + common: + local_image_registry: + jobs: + - postgresql-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: postgresql: jobs: null + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry secrets: postgresql: @@ -73,6 +99,18 @@ secrets: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 postgresql: auth: admin: @@ -90,6 +128,7 @@ endpoints: manifests: configmap_bin: true + job_image_repo_sync: true secret_admin: true service: true statefulset: true diff --git a/rabbitmq/templates/configmap-bin.yaml b/rabbitmq/templates/configmap-bin.yaml index 743e3077ce..d2cd023d1f 100644 --- a/rabbitmq/templates/configmap-bin.yaml +++ b/rabbitmq/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-bin" | quote }} data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} rabbitmq-test.sh: | {{ tuple "bin/_rabbitmq-test.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} rabbitmq-liveness.sh: | diff --git a/rabbitmq/templates/job-image-repo-sync.yaml b/rabbitmq/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..5fb10bcb92 --- /dev/null +++ b/rabbitmq/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "rabbitmq" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml b/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml index 6cb2e27ba9..6de9b5a4fc 100644 --- a/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml +++ b/rabbitmq/templates/monitoring/prometheus/exporter-deployment.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if and .Values.manifests.monitoring.prometheus.deployment_exporter .Values.monitoring.prometheus.enabled }} {{- $envAll := . }} -{{- $dependencies := $envAll.Values.dependencies.static.prometheus_rabbitmq_exporter }} {{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "rabbitmq-exporter" }} -{{ tuple $envAll $dependencies $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "prometheus_rabbitmq_exporter" $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: extensions/v1beta1 kind: Deployment @@ -39,7 +38,7 @@ spec: {{ $envAll.Values.labels.prometheus_rabbitmq_exporter.node_selector_key }}: {{ $envAll.Values.labels.prometheus_rabbitmq_exporter.node_selector_value }} terminationGracePeriodSeconds: {{ $envAll.Values.pod.lifecycle.termination_grace_period.prometheus_rabbitmq_exporter.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "prometheus_rabbitmq_exporter" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: rabbitmq-exporter image: {{ $envAll.Values.images.tags.prometheus_rabbitmq_exporter }} diff --git a/rabbitmq/templates/pod-test.yaml b/rabbitmq/templates/pod-test.yaml index b47678ba85..0b5166e689 100644 --- a/rabbitmq/templates/pod-test.yaml +++ b/rabbitmq/templates/pod-test.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.pod_test }} {{- $envAll := . }} -{{- $dependencies := $envAll.Values.dependencies.static.tests }} {{- $serviceAccountName := print .Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -33,7 +32,7 @@ spec: {{ $envAll.Values.labels.test.node_selector_key }}: {{ $envAll.Values.labels.test.node_selector_value }} restartPolicy: Never initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: {{.Release.Name}}-rabbitmq-test image: {{ $envAll.Values.images.tags.scripted_test }} diff --git a/rabbitmq/templates/statefulset.yaml b/rabbitmq/templates/statefulset.yaml index e2935e9a70..fba7f1aaad 100644 --- a/rabbitmq/templates/statefulset.yaml +++ b/rabbitmq/templates/statefulset.yaml @@ -21,10 +21,8 @@ limitations under the License. {{- $_ := set $envAll.Values.endpoints.oslo_messaging.hosts "discovery" ( printf "%s-%s-%s" $service_discovery_name "dsv" ( $service_discovery_name | sha256sum | trunc 6 )) }} {{- end }} -{{- $dependencies := $envAll.Values.dependencies.static.rabbitmq }} - {{- $rcControllerName := printf "%s-%s" $envAll.Release.Name "rabbitmq" }} -{{ tuple $envAll $dependencies $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "rabbitmq" $rcControllerName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding @@ -79,7 +77,7 @@ spec: nodeSelector: {{ $envAll.Values.labels.server.node_selector_key }}: {{ $envAll.Values.labels.server.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "rabbitmq" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- if $envAll.Values.volume.chown_on_start }} - name: rabbitmq-perms image: {{ $envAll.Values.images.tags.rabbitmq }} diff --git a/rabbitmq/values.yaml b/rabbitmq/values.yaml index 50c2183ce3..a8b03ecc81 100644 --- a/rabbitmq/values.yaml +++ b/rabbitmq/values.yaml @@ -35,7 +35,13 @@ images: rabbitmq: docker.io/rabbitmq:3.7.4 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 scripted_test: docker.io/rabbitmq:3.7.4-management + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync pod: affinity: @@ -85,6 +91,13 @@ pod: requests: memory: "128Mi" cpu: "100m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" conf: enabled_plugins: @@ -112,6 +125,14 @@ conf: loopback_users.guest: "false" dependencies: + dynamic: + common: + local_image_registry: + jobs: + - rabbitmq-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: prometheus_rabbitmq_exporter: services: @@ -129,6 +150,10 @@ dependencies: services: - endpoint: internal service: oslo_messaging + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry monitoring: prometheus: @@ -153,6 +178,18 @@ network: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 monitoring: name: prometheus namespace: null @@ -223,6 +260,7 @@ manifests: configmap_bin: true configmap_etc: true ingress_management: true + job_image_repo_sync: true pod_test: true monitoring: prometheus: diff --git a/rally/templates/configmap-bin.yaml b/rally/templates/configmap-bin.yaml index 9b1ed363ad..ec769ecfad 100644 --- a/rally/templates/configmap-bin.yaml +++ b/rally/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: rally-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/rally/templates/job-bootstrap.yaml b/rally/templates/job-bootstrap.yaml index 0310eb388d..4de40bb52c 100644 --- a/rally/templates/job-bootstrap.yaml +++ b/rally/templates/job-bootstrap.yaml @@ -17,13 +17,12 @@ limitations under the License. {{- if .Values.manifests.job_bootstrap }} {{- $envAll := . }} {{- if .Values.bootstrap.enabled }} -{{- $dependencies := .Values.dependencies.static.bootstrap }} {{- $mounts_rally_bootstrap := .Values.pod.mounts.rally_bootstrap.rally_bootstrap }} {{- $mounts_rally_bootstrap_init := .Values.pod.mounts.rally_bootstrap.init_container }} {{- $serviceAccountName := "rally-bootstrap" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "bootstrap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -40,7 +39,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_rally_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "bootstrap" $mounts_rally_bootstrap_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: rally-bootstrap image: {{ .Values.images.tags.bootstrap }} diff --git a/rally/templates/job-image-repo-sync.yaml b/rally/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..bad499e4ac --- /dev/null +++ b/rally/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "rally" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/rally/templates/job-ks-endpoints.yaml b/rally/templates/job-ks-endpoints.yaml index 9f6fe84522..2fdc64b757 100644 --- a/rally/templates/job-ks-endpoints.yaml +++ b/rally/templates/job-ks-endpoints.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_endpoints }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_endpoints }} {{- $serviceAccountName := "rally-ks-endpoints" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_endpoints" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_endpoints" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $osServiceType := tuple "benchmark" }} {{- range $key2, $osServiceEndPoint := tuple "admin" "internal" "public" }} diff --git a/rally/templates/job-ks-service.yaml b/rally/templates/job-ks-service.yaml index b9f6fc9ecc..0116174060 100644 --- a/rally/templates/job-ks-service.yaml +++ b/rally/templates/job-ks-service.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_ks_service }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.ks_service }} {{- $serviceAccountName := "rally-ks-service" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "ks_service" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "ks_service" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: {{- range $key1, $osServiceType := tuple "benchmark" }} - name: {{ $osServiceType }}-ks-service-registration diff --git a/rally/templates/job-manage-db.yaml b/rally/templates/job-manage-db.yaml index 2df177e448..5c3e3ec156 100644 --- a/rally/templates/job-manage-db.yaml +++ b/rally/templates/job-manage-db.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_manage_db }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.manage_db }} {{- $serviceAccountName := "rally-manage-db" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "manage_db" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "manage_db" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: rally-manage-db image: {{ .Values.images.tags.manage_db }} diff --git a/rally/templates/job-run-task.yaml b/rally/templates/job-run-task.yaml index 6394ab973a..dc6cf0ed03 100644 --- a/rally/templates/job-run-task.yaml +++ b/rally/templates/job-run-task.yaml @@ -16,10 +16,9 @@ limitations under the License. {{- if .Values.manifests.job_run_task }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.run_task }} {{- $serviceAccountName := "rally-run-task" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "run_task" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -36,7 +35,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "run_task" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: rally-run-task-init image: {{ .Values.images.tags.run_task }} imagePullPolicy: {{ .Values.images.pull_policy }} diff --git a/rally/values.yaml b/rally/values.yaml index 2cb50ac734..5520423b4e 100644 --- a/rally/values.yaml +++ b/rally/values.yaml @@ -30,7 +30,13 @@ images: ks_service: docker.io/openstackhelm/heat:newton ks_endpoints: docker.io/openstackhelm/heat:newton api: docker.io/kolla/ubuntu-source-rally:3.0.3 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync enabled_tasks: # - ceilometer -NOTE(alraddarla): not enabled @@ -123,6 +129,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" network: rally: @@ -139,6 +152,14 @@ bootstrap: openstack token issue dependencies: + dynamic: + common: + local_image_registry: + jobs: + - rally-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: db_init: services: @@ -176,6 +197,10 @@ dependencies: service: oslo_db - endpoint: internal service: identity + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks secrets: @@ -188,6 +213,18 @@ secrets: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -12864,6 +12901,7 @@ manifests: ingress_api: true job_bootstrap: true job_db_init: true + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/senlin/templates/configmap-bin.yaml b/senlin/templates/configmap-bin.yaml index 6a75f40276..4b54a962e9 100644 --- a/senlin/templates/configmap-bin.yaml +++ b/senlin/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: senlin-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} {{- if .Values.bootstrap.enabled }} bootstrap.sh: | {{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} diff --git a/senlin/templates/cron-job-engine-cleaner.yaml b/senlin/templates/cron-job-engine-cleaner.yaml index 3cb7c58d24..15b560d39f 100644 --- a/senlin/templates/cron-job-engine-cleaner.yaml +++ b/senlin/templates/cron-job-engine-cleaner.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.cron_job_engine_cleaner }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.engine_cleaner }} {{- $mounts_senlin_engine_cleaner := .Values.pod.mounts.senlin_engine_cleaner.senlin_engine_cleaner }} {{- $mounts_senlin_engine_cleaner_init := .Values.pod.mounts.senlin_engine_cleaner.init_container }} {{- $serviceAccountName := "senlin-engine-cleaner" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "engine_cleaner" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1beta1 kind: CronJob @@ -48,7 +47,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_senlin_engine_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} +{{ tuple $envAll "engine_cleaner" $mounts_senlin_engine_cleaner_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }} containers: - name: senlin-engine-cleaner image: {{ .Values.images.tags.senlin_engine_cleaner }} diff --git a/senlin/templates/deployment-api.yaml b/senlin/templates/deployment-api.yaml index 021e4f9970..bcb8d07e15 100644 --- a/senlin/templates/deployment-api.yaml +++ b/senlin/templates/deployment-api.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_api }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.api }} {{- $mounts_senlin_api := .Values.pod.mounts.senlin_api.senlin_api }} {{- $mounts_senlin_api_init := .Values.pod.mounts.senlin_api.init_container }} {{- $serviceAccountName := "senlin-api" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -46,7 +45,7 @@ spec: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }} terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.api.timeout | default "30" }} initContainers: -{{ tuple $envAll $dependencies $mounts_senlin_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "api" $mounts_senlin_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: senlin-api image: {{ .Values.images.tags.senlin_api }} diff --git a/senlin/templates/deployment-engine.yaml b/senlin/templates/deployment-engine.yaml index fd968b1eba..c4f3674bc6 100644 --- a/senlin/templates/deployment-engine.yaml +++ b/senlin/templates/deployment-engine.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.deployment_engine }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.engine }} {{- $mounts_senlin_engine := .Values.pod.mounts.senlin_engine.senlin_engine }} {{- $mounts_senlin_engine_init := .Values.pod.mounts.senlin_engine.init_container }} {{- $serviceAccountName := "senlin-engine" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "engine" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: apps/v1beta1 kind: Deployment @@ -44,7 +43,7 @@ spec: nodeSelector: {{ .Values.labels.engine.node_selector_key }}: {{ .Values.labels.engine.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies $mounts_senlin_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "engine" $mounts_senlin_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: senlin-engine image: {{ .Values.images.tags.senlin_engine }} diff --git a/senlin/templates/job-image-repo-sync.yaml b/senlin/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..d7a28c713f --- /dev/null +++ b/senlin/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "senlin" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/senlin/templates/pod-test.yaml b/senlin/templates/pod-test.yaml index ac6779ef95..73a5e63d8c 100644 --- a/senlin/templates/pod-test.yaml +++ b/senlin/templates/pod-test.yaml @@ -16,13 +16,12 @@ limitations under the License. {{- if .Values.manifests.pod_test }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.tests }} {{- $mounts_senlin_tests := .Values.pod.mounts.senlin_tests.senlin_tests }} {{- $mounts_senlin_tests_init := .Values.pod.mounts.senlin_tests.init_container }} {{- $serviceAccountName := print .Release.Name "-test" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: v1 kind: Pod @@ -36,7 +35,7 @@ spec: {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }} restartPolicy: Never initContainers: -{{ tuple $envAll $dependencies $mounts_senlin_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "tests" $mounts_senlin_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} containers: - name: {{.Release.Name}}-senlin-test image: {{ .Values.images.tags.scripted_test }} diff --git a/senlin/values.yaml b/senlin/values.yaml index 8956beed33..a91d5427ef 100644 --- a/senlin/values.yaml +++ b/senlin/values.yaml @@ -48,7 +48,13 @@ images: senlin_engine: docker.io/openstackhelm/senlin:newton senlin_engine_cleaner: docker.io/openstackhelm/senlin:newton dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync jobs: engine_cleaner: @@ -194,6 +200,14 @@ bootstrap: openstack token issue dependencies: + dynamic: + common: + local_image_registry: + jobs: + - senlin-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: engine_cleaner: jobs: @@ -267,6 +281,10 @@ dependencies: service: identity - endpoint: internal service: clustering + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry # Names of secrets used by bootstrap and environmental checks @@ -286,6 +304,18 @@ secrets: # required by this chart endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -523,6 +553,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" manifests: configmap_bin: true @@ -535,6 +572,7 @@ manifests: job_db_init: true job_db_sync: true job_db_drop: false + job_image_repo_sync: true job_ks_endpoints: true job_ks_service: true job_ks_user: true diff --git a/tempest/templates/configmap-bin.yaml b/tempest/templates/configmap-bin.yaml index bb40516840..5139db3bf9 100644 --- a/tempest/templates/configmap-bin.yaml +++ b/tempest/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: tempest-bin data: +{{- if .Values.images.local_registry.active }} + image-repo-sync.sh: | +{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} +{{- end }} ks-user.sh: | {{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }} run-tests.sh: | diff --git a/tempest/templates/job-image-repo-sync.yaml b/tempest/templates/job-image-repo-sync.yaml new file mode 100644 index 0000000000..4787594b0b --- /dev/null +++ b/tempest/templates/job-image-repo-sync.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} +{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "tempest" -}} +{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} +{{- end }} diff --git a/tempest/templates/job-run-tests.yaml b/tempest/templates/job-run-tests.yaml index c6e94c3814..4d1d8929d4 100644 --- a/tempest/templates/job-run-tests.yaml +++ b/tempest/templates/job-run-tests.yaml @@ -17,10 +17,9 @@ limitations under the License. {{- if .Values.manifests.job_run_tests }} {{- $envAll := . }} -{{- $dependencies := .Values.dependencies.static.run_tests }} {{- $serviceAccountName := "tempest-run-tests" }} -{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +{{ tuple $envAll "run_tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} --- apiVersion: batch/v1 kind: Job @@ -37,7 +36,7 @@ spec: nodeSelector: {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }} initContainers: -{{ tuple $envAll $dependencies list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} +{{ tuple $envAll "run_tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - name: tempest-run-tests-init image: {{ .Values.images.tags.tempest_run_tests }} imagePullPolicy: {{ .Values.images.tags.pull_policy }} diff --git a/tempest/values.yaml b/tempest/values.yaml index 3845ced63f..1d682944e6 100644 --- a/tempest/values.yaml +++ b/tempest/values.yaml @@ -22,7 +22,13 @@ images: dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1 tempest_run_tests: docker.io/kolla/ubuntu-source-tempest:3.0.3 ks_user: docker.io/openstackhelm/heat:newton + image_repo_sync: docker.io/docker:17.07.0 pull_policy: "IfNotPresent" + local_registry: + active: false + exclude: + - dep_check + - image_repo_sync pod: user: @@ -45,8 +51,23 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + image_repo_sync: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" dependencies: + dynamic: + common: + local_image_registry: + jobs: + - tempest-image-repo-sync + services: + - endpoint: node + service: local_image_registry static: ks_user: services: @@ -58,6 +79,10 @@ dependencies: services: - service: identity endpoint: internal + image_repo_sync: + services: + - endpoint: internal + service: local_image_registry conf: script: | @@ -183,6 +208,18 @@ secrets: endpoints: cluster_domain_suffix: cluster.local + local_image_registry: + name: docker-registry + namespace: docker-registry + hosts: + default: localhost + internal: docker-registry + node: localhost + host_fqdn_override: + default: null + port: + registry: + node: 5000 identity: name: keystone auth: @@ -219,6 +256,7 @@ endpoints: manifests: configmap_bin: true configmap_etc: true + job_image_repo_sync: true job_ks_user: true job_run_tests: true secret_keystone: true