From a7a09e6de5aefbebacc9b8a6ffaf3b6f2127e824 Mon Sep 17 00:00:00 2001 From: portdirect Date: Mon, 29 Jan 2018 23:20:06 -0500 Subject: [PATCH] Nova: Add ironic support This PS adds support for Ironic to the nova chart. Change-Id: I605a0331c049e8e4b3c8d8767f9b2774995d3b91 --- .../templates/bin/_nova-compute-ironic.sh.tpl | 23 +++++ nova/templates/configmap-bin.yaml | 2 + nova/templates/configmap-etc.yaml | 43 ++++++++ .../templates/statefulset-compute-ironic.yaml | 97 +++++++++++++++++++ nova/values.yaml | 63 ++++++++++++ 5 files changed, 228 insertions(+) create mode 100644 nova/templates/bin/_nova-compute-ironic.sh.tpl create mode 100644 nova/templates/statefulset-compute-ironic.yaml diff --git a/nova/templates/bin/_nova-compute-ironic.sh.tpl b/nova/templates/bin/_nova-compute-ironic.sh.tpl new file mode 100644 index 0000000000..8718cd4350 --- /dev/null +++ b/nova/templates/bin/_nova-compute-ironic.sh.tpl @@ -0,0 +1,23 @@ +#!/bin/bash + +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -ex + +exec nova-compute \ + --config-file /etc/nova/nova.conf \ + --config-file /etc/nova/nova-ironic.conf diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml index cad5437bc9..4a9f4d564e 100644 --- a/nova/templates/configmap-bin.yaml +++ b/nova/templates/configmap-bin.yaml @@ -55,6 +55,8 @@ data: {{ tuple "bin/_nova-compute.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} nova-compute-init.sh: | {{ tuple "bin/_nova-compute-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + nova-compute-ironic.sh: | +{{ tuple "bin/_nova-compute-ironic.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} nova-conductor.sh: | {{ tuple "bin/_nova-conductor.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} nova-consoleauth.sh: | diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml index 5301187920..6beebb362f 100644 --- a/nova/templates/configmap-etc.yaml +++ b/nova/templates/configmap-etc.yaml @@ -159,6 +159,47 @@ limitations under the License. {{- end -}} {{- end -}} +{{- if empty .Values.conf.nova.ironic.api_endpoint -}} +{{- tuple "baremetal" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.ironic "api_endpoint" | quote | trunc 0 -}} +{{- end -}} + +{{- if empty .Values.conf.nova.ironic.auth_url -}} +{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.ironic "auth_url" | quote | trunc 0 -}} +{{- end -}} + +{{- if empty .Values.conf.nova.ironic.region_name -}} +{{- set .Values.conf.nova.ironic "region_name" .Values.endpoints.identity.auth.ironic.region_name | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.project_name -}} +{{- set .Values.conf.nova.ironic "project_name" .Values.endpoints.identity.auth.ironic.project_name | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.project_domain_name -}} +{{- set .Values.conf.nova.ironic "project_domain_name" .Values.endpoints.identity.auth.ironic.project_domain_name | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.user_domain_name -}} +{{- set .Values.conf.nova.ironic "user_domain_name" .Values.endpoints.identity.auth.ironic.user_domain_name | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.username -}} +{{- set .Values.conf.nova.ironic "username" .Values.endpoints.identity.auth.ironic.username | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.password -}} +{{- set .Values.conf.nova.ironic "password" .Values.endpoints.identity.auth.ironic.password | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.auth_type -}} +{{- set .Values.conf.nova.ironic "auth_type" .Values.endpoints.identity.auth.ironic.auth_type | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.ironic.auth_version -}} +{{- set .Values.conf.nova.ironic "auth_version" .Values.endpoints.identity.auth.ironic.auth_version | quote | trunc 0 -}} +{{- end -}} + +{{- if empty .Values.conf.nova.ironic.memcache_secret_key -}} +{{- randAlphaNum 64 | set .Values.conf.nova.ironic "memcache_secret_key" | quote | trunc 0 -}} +{{- end -}} + +{{- if empty .Values.conf.nova.ironic.memcache_servers -}} +{{- tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.nova.ironic "memcache_servers" | quote | trunc 0 -}} +{{- end -}} + --- apiVersion: v1 kind: ConfigMap @@ -183,6 +224,8 @@ data: {{- tuple .Values.conf.rootwrap_filters.network "etc/rootwrap.d/_network.filters.tpl" . | include "helm-toolkit.utils.configmap_templater" }} nova.conf: |+ {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova | indent 4 }} + nova-ironic.conf: |+ +{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_ironic | indent 4 }} wsgi-nova-placement.conf: |+ {{- tuple .Values.conf.wsgi_placement "etc/_wsgi-nova-placement.conf.tpl" . | include "helm-toolkit.utils.configmap_templater" }} ssh-config.sh: |+ diff --git a/nova/templates/statefulset-compute-ironic.yaml b/nova/templates/statefulset-compute-ironic.yaml new file mode 100644 index 0000000000..d6357702a8 --- /dev/null +++ b/nova/templates/statefulset-compute-ironic.yaml @@ -0,0 +1,97 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.statefulset_compute_ironic }} +{{- $envAll := . }} +{{- $dependencies := .Values.dependencies.compute_ironic }} +{{- $mounts_nova_compute_ironic := .Values.pod.mounts.nova_compute_ironic.nova_compute_ironic }} +{{- $mounts_nova_compute_ironic_init := .Values.pod.mounts.nova_compute_ironic.init_container }} + +{{- $serviceAccountName := "nova-compute-ironic" }} +{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: nova-compute-ironic +spec: + replicas: {{ .Values.pod.replicas.compute_ironic }} + serviceName: "{{ tuple "baremetal" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}-compute" + template: + metadata: + labels: +{{ tuple $envAll "nova" "compute-ironic" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} + spec: + serviceAccountName: {{ $serviceAccountName }} + affinity: +{{ tuple $envAll "nova" "compute-ironic" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} + nodeSelector: + {{ .Values.labels.agent.compute_ironic.node_selector_key }}: {{ .Values.labels.agent.compute_ironic.node_selector_value }} + securityContext: + runAsUser: 0 + hostNetwork: true + hostPID: true + dnsPolicy: ClusterFirstWithHostNet + initContainers: +{{ tuple $envAll $dependencies $mounts_nova_compute_ironic_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + containers: + - name: nova-compute-ironic + image: {{ .Values.images.tags.compute_ironic }} + imagePullPolicy: {{ .Values.images.tags.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.compute_ironic | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + command: + - /tmp/nova-compute-ironic.sh + volumeMounts: + - name: nova-bin + mountPath: /tmp/nova-compute-ironic.sh + subPath: nova-compute-ironic.sh + readOnly: true + - name: nova-etc + mountPath: /etc/nova/nova.conf + subPath: nova.conf + readOnly: true + - name: nova-etc + mountPath: /etc/nova/nova-ironic.conf + subPath: nova-ironic.conf + readOnly: true + - name: nova-etc + mountPath: /etc/nova/api-paste.ini + subPath: api-paste.ini + readOnly: true + - name: nova-etc + mountPath: /etc/nova/policy.yaml + subPath: policy.yaml + readOnly: true + - name: varlibironic + mountPath: /var/lib/ironic +{{- if $mounts_nova_compute_ironic.volumeMounts }}{{ toYaml $mounts_nova_compute_ironic.volumeMounts | indent 12 }}{{ end }} + volumes: + - name: nova-bin + configMap: + name: nova-bin + defaultMode: 0555 + - name: nova-etc + configMap: + name: nova-etc + defaultMode: 0444 + - name: varlibironic + hostPath: + path: /var/lib/ironic +{{- if $mounts_nova_compute_ironic.volumes }}{{ toYaml $mounts_nova_compute_ironic.volumes | indent 8 }}{{ end }} +{{- end }} diff --git a/nova/values.yaml b/nova/values.yaml index 07792553b5..8cac1c777c 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -24,6 +24,9 @@ labels: compute: node_selector_key: openstack-compute-node node_selector_value: enabled + compute_ironic: + node_selector_key: openstack-compute-node + node_selector_value: enabled conductor: node_selector_key: openstack-control-plane node_selector_value: enabled @@ -71,6 +74,7 @@ images: consoleauth: docker.io/kolla/ubuntu-source-nova-consoleauth:3.0.3 compute: docker.io/kolla/ubuntu-source-nova-compute:3.0.3 compute_ssh: docker.io/kolla/ubuntu-source-nova-ssh:3.0.3 + compute_ironic: docker.io/kolla/ubuntu-source-nova-compute-ironic:3.0.3 placement: docker.io/kolla/ubuntu-source-nova-placement-api:3.0.3-beta.1 bootstrap: docker.io/kolla/ubuntu-source-heat-engine:3.0.3 dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1 @@ -237,6 +241,20 @@ dependencies: - libvirt # this should be set to corresponding neutron L2 agent - neutron-ovs-agent + compute_ironic: + jobs: + - nova-db-sync + services: + - service: oslo_messaging + endpoint: internal + - service: image + endpoint: internal + - service: compute + endpoint: internal + - service: network + endpoint: internal + - service: baremetal + endpoint: internal consoleauth: jobs: - nova-db-sync @@ -912,6 +930,10 @@ conf: network: override: append: + nova_ironic: + DEFAULT: + scheduler_host_manager: ironic_host_manager + compute_driver: ironic.IronicDriver nova: DEFAULT: default_ephemeral_format: ext4 @@ -956,6 +978,9 @@ conf: num_retries: 3 cinder: catalog_info: volumev2:cinder:internalURL + ironic: + api_endpoint: null + auth_url: null neutron: metadata_proxy_shared_secret: "password" service_metadata_proxy: True @@ -1115,6 +1140,17 @@ endpoints: user_domain_name: default username: neutron password: password + #NOTE(portdirect): the ironic user is not managed by the nova chart + # these values should match those set in the ironic chart. + ironic: + auth_type: password + auth_version: v3 + region_name: RegionOne + project_name: service + project_domain_name: default + user_domain_name: default + username: ironic + password: password placement: role: admin region_name: RegionOne @@ -1248,6 +1284,21 @@ endpoints: api: default: 9696 public: 80 + baremetal: + name: ironic + hosts: + default: ironic-api + public: ironic + host_fqdn_override: + default: null + path: + default: null + scheme: + default: http + port: + api: + default: 6385 + public: 80 pod: user: @@ -1263,6 +1314,9 @@ pod: nova_compute: init_container: null nova_compute: + nova_compute_ironic: + init_container: null + nova_compute_ironic: nova_api_metadata: init_container: null nova_api_metadata: @@ -1295,6 +1349,7 @@ pod: nova_spiceproxy: replicas: api_metadata: 1 + compute_ironic: 1 placement: 1 osapi: 1 conductor: 1 @@ -1339,6 +1394,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + compute_ironic: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" api_metadata: requests: memory: "128Mi" @@ -1510,3 +1572,4 @@ manifests: service_novncproxy: true service_spiceproxy: true service_osapi: true + statefulset_compute_ironic: false