Merge "Emulate external DNS for ingress"

Zuul 2018-09-11 14:23:49 +00:00 committed by Gerrit Code Review
commit 75ff600a20
14 changed files with 162 additions and 13 deletions


@ -239,7 +239,7 @@ data:
type: git
location: https://git.openstack.org/openstack/openstack-helm-infra
subpath: helm-toolkit
reference: b6fc24b9960bc6de29aa70c7d5b7725319046160
reference: 9f6194ff770d3776ae3572bcbe841a9289357244
mariadb:
type: git
location: https://git.openstack.org/openstack/openstack-helm
@ -507,7 +507,9 @@ data:
maas_region: quay.io/airshipit/maas-region-controller:dfb92ce07f87648f3423be11e51425923bc9f8b1
bootstrap: quay.io/airshipit/maas-region-controller:dfb92ce07f87648f3423be11e51425923bc9f8b1
export_api_key: quay.io/airshipit/maas-region-controller:dfb92ce07f87648f3423be11e51425923bc9f8b1
maas_cache: quay.io/attcomdev/sstream-cache@sha256:sha256:90d0dc73785534ef6a3035265275e197a66727beeb9c979f60d3bbf31a6a8864
maas_cache: quay.io/airshipit/sstream-cache:dfb92ce07f87648f3423be11e51425923bc9f8b1
ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
error_pages: gcr.io/google_containers/defaultbackend:1.0
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
keystone:
keystone_bootstrap: docker.io/openstackhelm/heat:ocata
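Review bot: The image references in the second hunk are pinned by tag only, so the content pulled for `maas_cache`, `ingress`, `error_pages` and `dep_check` can change without this file changing. As rendered, `maas_cache` appears to move from a digest form (shown with a doubled `sha256:sha256:` prefix, which looks malformed) to a tag. Where the registry supports it, the `repo:tag@sha256:<digest>` form keeps the readable tag and fixes the content. The added/removed markers are lost on this page, so which of these lines are new is inferred from the hunk header counts.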


@ -24,4 +24,12 @@ data:
values:
manifests:
secret_ssh_key: true
conf:
cache:
enabled: true
dns:
dns_servers: 172.24.1.9
network:
maas_ingress:
addr: 172.24.1.5/32
...


@ -13,8 +13,17 @@ metadata:
- method: merge
path: .
storagePolicy: cleartext
data: {}
# This document is merged with the globals, and is where you can override
# versions to match a patchset, for example. Anything specified in the global
# versions can be overridden, such as chart or image versions.
data:
charts:
ucp:
maas:
location: https://git.openstack.org/openstack/airship-maas
reference: refs/changes/53/600253/1
images:
ucp:
maas:
maas_region: docker.io/sthussey/maas-region-controller:dev
...
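Review bot: The override under `data:` points the MaaS chart at an unmerged Gerrit change (`reference: refs/changes/53/600253/1`) and the `maas_region` image at a personal Docker Hub repository with a mutable tag (`docker.io/sthussey/maas-region-controller:dev`). Once this is merged, every deployment built from this site definition pulls chart and image content that was not reviewed with this repository and that can change underneath it. The comment above says this document exists to match a patchset; if that is the intent here, a line such as `# TEMPORARY: revert to data: {} once the airship-maas change merges` would make the expiry explicit. The image should move to a project-owned repository, pinned by digest, before this leaves the gate.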


@ -14,6 +14,7 @@ source "$LIB_DIR"/registry.sh
source "$LIB_DIR"/ssh.sh
source "$LIB_DIR"/virsh.sh
source "$LIB_DIR"/airship.sh
source "$LIB_DIR"/ingress.sh
if [[ -v GATE_DEBUG && ${GATE_DEBUG} = "1" ]]; then
set -x


@ -9,6 +9,7 @@ export BASE_IMAGE_URL=${BASE_IMAGE_URL:-https://cloud-images.ubuntu.com/releases
export IMAGE_PROMENADE_CLI=${IMAGE_PROMENADE_CLI:-quay.io/airshipit/promenade:master}
export IMAGE_PEGLEG_CLI=${IMAGE_PEGLEG_CLI:-quay.io/airshipit/pegleg:master}
export IMAGE_SHIPYARD_CLI=${IMAGE_SHIPYARD_CLI:-quay.io/airshipit/shipyard:master}
export IMAGE_COREDNS=${IMAGE_COREDNS:-docker.io/coredns/coredns:1.2.2}
export PROMENADE_DEBUG=${PROMENADE_DEBUG:-0}
export SHIPYARD_PASSWORD=${SHIPYARD_OS_PASSWORD:-password18}
export REGISTRY_DATA_DIR=${REGISTRY_DATA_DIR:-/mnt/registry}
@ -50,6 +51,28 @@ config_vm_bootstrap() {
fi
}
config_vm_userdata() {
nodename=${1}
val=$(jq -cr ".vm.${nodename}.userdata" < "${GATE_MANIFEST}")
if [[ "${val}" != "null" ]]
then
echo "${val}"
fi
}
config_ingress_domain() {
jq -cr '.ingress.domain' < "${GATE_MANIFEST}"
}
config_ingress_ips() {
jq -cr '.ingress | keys | map(select(. != "domain")) | join(" ")' < "${GATE_MANIFEST}"
}
config_ingress_entries() {
IP=$1
jq -cr ".ingress[\"${IP}\"] | join(\" \")" < "${GATE_MANIFEST}"
}
config_pegleg_primary_repo() {
jq -cr ".configuration.primary_repo" < "${GATE_MANIFEST}"
}
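Review bot: `config_ingress_entries` and `config_vm_userdata` build the jq program by interpolating a shell variable into it, so a manifest key or node name containing a quote or jq syntax changes the filter instead of being looked up as a key. Passing the value with `--arg` keeps it as data: `jq -cr --arg ip "${IP}" '.ingress[$ip] | join(" ")' < "${GATE_MANIFEST}"` and `jq -cr --arg n "${nodename}" '.vm[$n].userdata' < "${GATE_MANIFEST}"`. `IP`, `nodename` and `val` are also assigned without `local`, so they overwrite same-named variables in whatever script sources this file. `config_ingress_entries` prints `null` joined as an error when the IP key is absent; a short comment stating that callers must pass a key returned by `config_ingress_ips` would document that contract.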


@ -0,0 +1,34 @@
DNS_ZONE_FILE="${TEMP_DIR}/ingress.dns"
COREFILE="${TEMP_DIR}/ingress.corefile"
ingress_dns_config() {
ingress_domain=$(config_ingress_domain)
INGRESS_DOMAIN=${ingress_domain} envsubst '${INGRESS_DOMAIN}' < "${TEMPLATE_DIR}/ingress_header.sub" > "${DNS_ZONE_FILE}"
read -a ingress_ip_list <<< $(config_ingress_ips)
for ip in "${ingress_ip_list[@]}"
do
read -a ip_entries <<< $(config_ingress_entries $ip)
for entry in "${ip_entries[@]}"
do
HOSTNAME=${entry} HOSTIP=${ip} envsubst < "${TEMPLATE_DIR}/ingress_entry.sub" >> "${DNS_ZONE_FILE}"
done
done
DNS_DOMAIN=${ingress_domain} ZONE_FILE=$(basename $DNS_ZONE_FILE) envsubst < "${TEMPLATE_DIR}/ingress_corefile.sub" > "${COREFILE}"
}
ingress_dns_start() {
# nodename where DNS should run
nodename=$1
remote_work_dir="/var/tmp/coredns"
remote_zone_file="${remote_work_dir}/$(basename $DNS_ZONE_FILE)"
remote_corefile="${remote_work_dir}/$(basename $COREFILE)"
ssh_cmd "${nodename}" mkdir -p "${remote_work_dir}"
rsync_cmd "$DNS_ZONE_FILE" "${nodename}:${remote_zone_file}"
rsync_cmd "$COREFILE" "${nodename}:${remote_corefile}"
ssh_cmd "${nodename}" docker run -d -v /var/tmp/coredns:/data -w /data --network host -P $IMAGE_COREDNS -conf $(basename $remote_corefile)
}
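Review bot: The `docker run` line in `ingress_dns_start` hard-codes `/var/tmp/coredns` although `remote_work_dir` holds the same path, combines `--network host` with `-P` (published ports are discarded in host mode, so the resolver listens on every interface of the node), and mounts the config directory writable. I would write it as `ssh_cmd "${nodename}" docker run -d -v "${remote_work_dir}:/data:ro" -w /data --network host "${IMAGE_COREDNS}" -conf "$(basename "${remote_corefile}")"`. The container is unnamed and has no restart policy, so re-running the stage starts a second instance that fails to bind port 53, and nothing restarts it after a reboot. In `ingress_dns_config`, `read -a … <<< $(config_ingress_ips)` and `config_ingress_entries $ip` are unquoted and the loop variables are global; quoting the substitutions and declaring them `local` avoids surprises when the manifest changes. `/var/tmp` is world-writable, so a pre-existing `coredns` directory owned by another user would be reused by `mkdir -p` without complaint.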


@ -1,6 +0,0 @@
IdentityFile ${SSH_CONFIG_DIR}/id_rsa
LogLevel QUIET
StrictHostKeyChecking no
User root
UserKnownHostsFile /dev/null


@ -23,6 +23,7 @@ img_base_declare() {
iso_gen() {
NAME=${1}
ADDL_USERDATA="${2}"
if virsh vol-key --pool "${VIRSH_POOL}" --vol "cloud-init-${NAME}.iso" &> /dev/null; then
log Removing existing cloud-init ISO for "${NAME}"
@ -42,6 +43,13 @@ iso_gen() {
export NAME
export SSH_PUBLIC_KEY
envsubst < "${TEMPLATE_DIR}/user-data.sub" > user-data
if [[ ! -z "${ADDL_USERDATA}" ]]
then
echo >> user-data
echo -e "${ADDL_USERDATA}" >> user-data
fi
envsubst < "${TEMPLATE_DIR}/meta-data.sub" > meta-data
envsubst < "${TEMPLATE_DIR}/network-config.sub" > network-config
@ -126,7 +134,7 @@ vm_create() {
wait
if [[ "$(config_vm_bootstrap ${NAME})" == "true" ]]; then
iso_gen "${NAME}"
iso_gen "${NAME}" "$(config_vm_userdata ${NAME})"
wait
log Creating VM "${NAME}" and bootstrapping the boot drive
@ -260,7 +268,7 @@ make_virtmgr_account() {
sudo useradd -m -s /bin/sh -g "${libvirt_group}" virtmgr
else
sudo usermod -g "${libvirt_group}" virtmgr
fi
fi
done
}
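Review bot: In `iso_gen`, `echo -e "${ADDL_USERDATA}"` interprets backslash sequences in the manifest's `userdata` string before appending it to the cloud-init file, which is executed with full privileges on first boot. `printf '%s\n' "${ADDL_USERDATA}" >> user-data` writes the value literally, and a JSON `\n` already arrives as a real newline through `jq -r`. The fragment is appended after the templated `user-data`, so a top-level key the template already defines (the template is not visible here) would appear twice in the YAML. In `vm_create` the inner expansion is unquoted; `iso_gen "${NAME}" "$(config_vm_userdata "${NAME}")"` is safer, and `[[ -n "${ADDL_USERDATA}" ]]` reads better than `! -z`. Both functions start and end outside the hunks shown.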


@ -31,6 +31,20 @@
"publish": {
"$ref": "#/definitions/publish"
},
"ingress": {
"type": "object",
"properties": {
"domain": {
"type": "string"
},
"additionalProperties": {
"type": "array",
"items": {
"type": "string"
}
},
"required": ["domain"]
},
"stages": {
"type": "array",
"items": {
@ -104,8 +118,7 @@
"required": [
"memory",
"names",
"vcpus",
"non_genesis"
"vcpus"
],
"additionalProperties": false
}
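Review bot: As rendered, the added `ingress` schema opens five objects and closes four, and both `additionalProperties` and `required` sit inside `properties`. In that position they declare properties literally named "additionalProperties" and "required" instead of constraining the object, so a manifest without `domain`, or with a non-array value under an IP key, would still validate. The unbalanced brace would also pull the following `stages` definition into the `ingress` object, unless a line was lost in this rendering. The two keywords belong one level up, next to `properties`, as in the block below.

```json
"ingress": {
  "type": "object",
  "properties": {
    "domain": {
      "type": "string"
    }
  },
  "additionalProperties": {
    "type": "array",
    "items": {
      "type": "string"
    }
  },
  "required": ["domain"]
},
```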


@ -4,6 +4,13 @@
"primary_repo": "deployment_files",
"aux_repos": []
},
"ingress": {
"domain": "gate.local",
"172.24.1.5": [
"maas",
"drydock"
]
},
"stages": [
{
"name": "Gate Setup",
@ -29,6 +36,11 @@
"name": "Create VMs",
"script": "create-vms.sh"
},
{
"name": "Register Ingress",
"script": "ingress-dns.sh",
"arguments": ["build"]
},
{
"name": "Genesis",
"script": "genesis.sh",
@ -44,6 +56,14 @@
}
],
"vm": {
"build": {
"memory": 3072,
"vcpus": 2,
"mac": "52:54:00:00:be:31",
"ip": "172.24.1.9",
"bootstrap": true,
"userdata": "packages: [docker.io]"
},
"n0" : {
"memory": 32768,
"vcpus": 8,


@ -0,0 +1,23 @@
#!/usr/bin/env bash
# Copyright 2018 AT&T Intellectual Property. All other rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
set -e
source "${GATE_UTILS}"
DNS_SERVER=$1
ingress_dns_config
ingress_dns_start ${DNS_SERVER}
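Review bot: The new stage script takes the node name from `$1` without checking it and passes it on unquoted, so running it with no argument reaches `ssh_cmd` and `rsync_cmd` with an empty host instead of failing early. `DNS_SERVER=${1:?node name required}` followed by `ingress_dns_start "${DNS_SERVER}"` stops at the first line with a clear message. `set -e` alone does not catch unset variables or a failed `jq` inside a command substitution; `set -euo pipefail` would, provided the sourced library tolerates it. A short header comment naming the expected argument and the files written under `TEMP_DIR` would help the next reader.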


@ -0,0 +1,9 @@
${DNS_DOMAIN} {
file ${ZONE_FILE}
log
}
. {
forward . /etc/resolv.conf
log
}
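Review bot: The catch-all `.` block forwards every other query to the upstreams in `/etc/resolv.conf` and has no listen restriction, so with the container on the host network the node answers recursive queries from any client that can reach it. Adding a `bind` line with the gate-network address to both server blocks limits it to the deployment network. If the node's own `resolv.conf` ever points at this resolver, the forward would loop; the `loop` plugin detects that and stops the server, provided the CoreDNS image in use ships it. `log` on the catch-all block records every forwarded name, which is useful in the gate but worth a comment so it is not copied into a longer-lived setup unchanged.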


@ -0,0 +1 @@
${HOSTNAME} IN A ${HOSTIP}


@ -0,0 +1,4 @@
$ORIGIN ${INGRESS_DOMAIN}.
${INGRESS_DOMAIN}. IN SOA localhost. root.localhost. ( 2007120710 1d 2h 4w 1h )