(fix) Fix static ports in MAAS ingress

- Some residual static configuration was left in the MAAS ingress
  deployment template. Update it to render the ingress ports from
  endpoints and also to remove the TCP forwarder for the MAAS
  region API and instead use a standard Ingress resource.

Change-Id: I7764d48ea919147503e9bf2521c52cb6f0028538
This commit is contained in:
Scott Hussey 2018-11-21 09:47:18 -06:00 committed by Dan Crank
parent 2aaca3f60b
commit 617607e426
9 changed files with 41 additions and 22 deletions

View File

@ -1,4 +1,4 @@
#!/bin/bash
#!/bin/sh
{{/*
Copyright 2018 The Openstack-Helm Authors.
@ -18,20 +18,20 @@ limitations under the License.*/}}
set -ex
COMMAND="${@:-start}"
COMMAND="${*:-start}"
function kernel_modules () {
kernel_modules () {
chroot /mnt/host-rootfs modprobe dummy
}
function test_vip () {
test_vip () {
ip addr show ${interface} | \
awk "/inet / && /${interface}/{print \$2 }" | \
awk -F '/' '{ print $1 }' | \
grep -q "${addr%/*}"
}
function start () {
start () {
kernel_modules
ip link show ${interface} > /dev/null || ip link add ${interface} type dummy
if ! test_vip; then
@ -40,11 +40,11 @@ function start () {
ip link set ${interface} up
}
function sleep () {
exec /usr/bin/dumb-init bash -c "while :; do sleep 2073600; done"
sleep () {
exec /bin/sh -c "while :; do sleep 2073600; done"
}
function stop () {
stop () {
ip link show ${interface} > /dev/null || exit 0
if test_vip; then
ip addr del ${addr} dev ${interface}

View File

@ -44,3 +44,5 @@ data:
drivers.yaml: |
{{ tuple "etc/_drivers.yaml.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
sleep-inittab: |
::sysinit:/tmp/maas-vip-configure.sh sleep

View File

@ -22,7 +22,6 @@ kind: ConfigMap
metadata:
name: maas-ingress-services-tcp
data:
{{ tuple "maas_region" "public" "region_api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-api"
{{ tuple "maas_region" "public" "region_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}: "{{- .Release.Namespace -}}/{{- tuple "maas_region" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" -}}:region-proxy"
...
---

View File

@ -168,7 +168,7 @@ spec:
initContainers:
{{ tuple $envAll "maas_ingress" $mounts_maas_ingress_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- name: maas-ingress-vip-init
image: {{ .Values.images.tags.ingress }}
image: {{ .Values.images.tags.ingress_vip }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
@ -192,7 +192,7 @@ spec:
readOnly: true
containers:
- name: maas-ingress-vip
image: {{ .Values.images.tags.ingress }}
image: {{ .Values.images.tags.ingress_vip }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.maas_ingress_vip | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
@ -201,8 +201,7 @@ spec:
- 'NET_ADMIN'
runAsUser: 0
command:
- /tmp/maas-vip-configure.sh
- sleep
- /bin/init
env:
{{ include "helm-toolkit.utils.to_k8s_env_vars" .Values.network.maas_ingress | indent 12 }}
volumeMounts:
@ -210,6 +209,10 @@ spec:
name: maas-bin
subPath: maas-vip-configure
readOnly: true
- mountPath: /etc/inittab
name: maas-etc
subPath: sleep-inittab
readOnly: true
lifecycle:
preStop:
exec:
@ -240,9 +243,9 @@ spec:
- name: RELEASE_NAME
value: {{ .Release.Name | quote }}
- name: HTTP_PORT
value: "8808"
value: {{ tuple "maas_ingress" "podport" "http" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- name: HTTPS_PORT
value: "8543"
value: {{ tuple "maas_ingress" "podport" "https" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- name: HEALTHZ_PORT
value: {{ tuple "maas_ingress" "podport" "healthz" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | quote }}
- name: STATUS_PORT
@ -260,6 +263,10 @@ spec:
configMap:
name: maas-bin
defaultMode: 0555
- name: maas-etc
configMap:
name: maas-etc
defaultMode: 0444
- name: host-rootfs
hostPath:
path: /

View File

@ -39,8 +39,8 @@ def find_ba_key(n):
{{ "{{" }}py: ba_files_url = ''.join([{{ quote $drydock_url }},'/bootactions/nodes/',node.hostname,'/files']){{ "}}" }}
{{ "{{" }}if ba_key{{ "}}" }}
drydock_00: ["sh", "-c", "echo Installing Drydock Boot Actions."]
drydock_01: ["curtin", "in-target", "--", "wget", "--no-proxy", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_units_url{{ "}}" }}", "-O", "/tmp/bootaction-units.tar.gz"]
drydock_02: ["curtin", "in-target", "--", "wget", "--no-proxy", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_files_url{{ "}}" }}", "-O", "/tmp/bootaction-files.tar.gz"]
drydock_01: ["curtin", "in-target", "--", "wget", "--no-proxy", "--no-check-certificate", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_units_url{{ "}}" }}", "-O", "/tmp/bootaction-units.tar.gz"]
drydock_02: ["curtin", "in-target", "--", "wget", "--no-proxy", "--no-check-certificate", "--header=X-Bootaction-Key: {{ "{{" }}ba_key{{ "}}" }}", "{{ "{{" }}ba_files_url{{ "}}" }}", "-O", "/tmp/bootaction-files.tar.gz"]
drydock_03: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-units.tar.gz > /tmp/bootaction-unit-names.txt"]
drydock_04: ["curtin", "in-target", "--", "sh", "-c", "tar --owner=root -xPzvf /tmp/bootaction-files.tar.gz > /tmp/bootaction-file-names.txt"]
drydock_05: ["curtin", "in-target", "--", "sh", "-c", "xargs -a /tmp/bootaction-unit-names.txt -n 1 basename > /tmp/bootaction-unit-basenames.txt || echo 'Did not run basenames on units'"]

View File

@ -103,10 +103,6 @@ spec:
mountPath: /usr/local/bin/register-rack-controller.sh
subPath: register-rack-controller.sh
readOnly: true
- name: maas-etc
mountPath: /lib/systemd/system/register-rack-controller.service
subPath: register-rack-controller.service
readOnly: true
- name: rackd-state
mountPath: /etc/maas
subPath: etc

View File

@ -79,7 +79,8 @@ images:
export_api_key: quay.io/airshipit/maas-region-controller:latest
maas_cache: quay.io/airshipit/sstream-cache:latest
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1
ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.9.0
ingress: quay.io/kubernetes-ingress-controller/nginx-ingress-controller:0.20.0
ingress_vip: docker.io/busybox:latest
error_pages: gcr.io/google_containers/defaultbackend:1.0
pull_policy: IfNotPresent
local_registry:

View File

@ -0,0 +1,10 @@
1047c1047
< if family in {AF_INET, AF_INET6}:
---
> if family in {AF_INET6}:
1051a1052,1054
> info_url = info_url_base._replace(netloc=netloc)
> elif family in {AF_INET}:
> info_url = info_url_base
1054d1056
< info_url = info_url_base._replace(netloc=netloc)

View File

@ -52,8 +52,12 @@ RUN systemctl enable register-rack-controller.service
COPY 2.3_nic_filter.patch /tmp/2.3_nic_filter.patch
# sh8121att: patch so that interfaces with MAC 00:00:00:00:00:00 omit the MAC address
COPY 2.3_mac_address.patch /tmp/2.3_mac_address.patch
# sh8121att: patch so query for RPC info contains proper Host header
copy 2.3_hostheader.patch /tmp/2.3_hostheader.patch
RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch network.py < /tmp/2.3_nic_filter.patch
RUN cd /usr/lib/python3/dist-packages/provisioningserver/utils && patch ipaddr.py < /tmp/2.3_mac_address.patch
RUN cd /usr/lib/python3/dist-packages/provisioningserver/rpc && patch clusterservice.py < /tmp/2.3_hostheader.patch
# echo journalctl logs to the container's stdout
COPY scripts/journalctl-to-tty.service /etc/systemd/system/journalctl-to-tty.service