Implementes: ranger-agent helm charts

This is an effort to implement helm charts for ranger-agent component
Signed-off-by: Hari Om Singh<hosingh000@gmail.com>

Change-Id: If3ef41cf3850edb52af1ec4861073657becec7ed
This commit is contained in:
hosingh000 2018-03-29 13:01:21 -05:00
parent d2026c1326
commit fb5df6ce88
28 changed files with 1509 additions and 0 deletions

22
ranger-agent/Chart.yaml Executable file
View File

@ -0,0 +1,22 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
description: OpenStack-Helm Ranger Agent
name: ranger-agent
version: 0.1.0
sources:
- https://git.openstack.org/cgit/openstack/ranger-agent
- https://git.openstack.org/cgit/openstack/openstack-helm
maintainers:
- name: OpenStack-Helm Authors

18
ranger-agent/requirements.yaml Executable file
View File

@ -0,0 +1,18 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: http://localhost:8879/charts
version: 0.1.0

View File

@ -0,0 +1,22 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec ranger-agent-dbsync \
--config-file /etc/ranger-agent/ranger-agent.conf

View File

@ -0,0 +1,42 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
function apireadiness () {
IS_SERVICE_RUNNING=$(ps aux|awk '$12 == "/usr/local/bin/ranger-agent-api" {print $8}')
if [ ! -z "$IS_SERVICE_RUNNING" -a "$IS_SERVICE_RUNNING"!=" " ]; then
exit 0
else
exit 1
fi
}
function enginereadiness () {
IS_SERVICE_RUNNING=$(ps aux|awk '$12 == "/usr/local/bin/ranger-agent-engine" {print $8}')
if [ ! -z "$IS_SERVICE_RUNNING" -a "$IS_SERVICE_RUNNING"!=" " ]; then
exit 0
else
exit 1
fi
}
function engineliveness () {
enginereadiness
}

View File

@ -0,0 +1,31 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
COMMAND="${@:-start}"
function start () {
exec ranger-agent-api \
--config-file /etc/ranger-agent/ranger-agent.conf
}
function stop () {
kill -TERM 1
}
$COMMAND

View File

@ -0,0 +1,51 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
COMMAND="${@:-start}"
function start () {
if [ -n "${SSH_KEY}" ] && [ -n "${SSH_KEY_CONFIGURATION}" ];then
if [[ $(stat -c %F ${USER_HOME}/.ssh) = "directory" ]]; then
rm -fr ${USER_HOME}/.ssh
fi
mkdir -p ${USER_HOME}/.ssh
echo -e "${SSH_KEY}" >>${USER_HOME}/.ssh/${SSH_KEY_FILE}
echo -e "${SSH_KEY_CONFIGURATION}" >>${USER_HOME}/.ssh/config
chown ranger_agent: ${USER_HOME}/.ssh
chmod 0700 -R ${USER_HOME}/.ssh
chmod 0644 ${USER_HOME}/.ssh/config
chmod 0600 ${USER_HOME}/.ssh/${SSH_KEY_FILE}
fi
exec ranger-agent-engine \
--config-file /etc/ranger-agent/ranger-agent.conf
}
function stop() {
kill -TERM 1
}
$COMMAND

View File

@ -0,0 +1,80 @@
#!/bin/bash
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
# Come up with a ranger agent payload
url="${RANGER_SERVICE_URL}"
UUID=$(python -c 'import uuid; print uuid.uuid1()')
PAYLOAD="{\"ord-notifier\":{
\"request-id\":\"$UUID\",
\"resource-id\":\"$UUID\",
\"resource-type\":\"flavor\",
\"resource-template-version\":\"1\",
\"resource-template-name\":\"sanity-test.yaml\",
\"resource-template-type\":\"hot\",
\"operation\":\"create\",
\"region\":\"RegionOne\"
}
}"
function assertContains()
{
expected=$1
msg=$2
if echo "$msg" | grep -q "$expected"; then
echo "***TEST IS PASSED: EXPECTED=$expected is in Responce"
else
echo "***FAILED: EXPECTED=$expected in Responce"
exit 1
fi
}
request_submit_response="$(curl -i -X POST -d "${PAYLOAD}" $url --header "Content-type:application/json")"
expected_on_request="Submitted"
assertContains "${expected_on_request}" "${request_submit_response}"
# Ranger agent support pull or push both model.
# once request submitted openstack take some time to synchronize.
# we are pulling status for testing purpose by sleeping thread for 15 sec
sleep 15
expected_on_execution="Success"
resource_status_from_engine="$(curl -s "$url?Id=$UUID")"
assertContains "${expected_on_execution}" "$resource_status_from_engine"
# Delete Resource
DELETE_REQ_UUID=$(python -c 'import uuid; print uuid.uuid1()')
DELETE_PAYLOAD="{\"ord-notifier\":{
\"request-id\":\"$DELETE_REQ_UUID\",
\"resource-id\":\"$DELETE_REQ_UUID\",
\"resource-type\":\"flavor\",
\"resource-template-version\":\"1\",
\"resource-template-name\":\"sanity-test.yaml\",
\"resource-template-type\":\"hot\",
\"operation\":\"delete\",
\"region\":\"RegionOne\"
}
}"
curl -i -X POST -d "${DELETE_PAYLOAD}" $url --header "Content-type:application/json"

View File

@ -0,0 +1,47 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ranger-agent-bin
data:
db-init.py: |+
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
db-sync.sh: |+
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
db-drop.py: |+
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
ks-service.sh: |+
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
ks-endpoints.sh: |+
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |+
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
ranger-agent-api.sh: |
{{ tuple "bin/_ranger-agent-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ranger-agent-engine.sh: |
{{ tuple "bin/_ranger-agent-engine.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
health-check.sh: |+
{{ tuple "bin/_health-check.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ranger-agent-test.sh: |+
{{ tuple "bin/_ranger-agent-test.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
{{- end }}

View File

@ -0,0 +1,67 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- if empty .Values.conf.ranger_agent.database.connection -}}
{{- tuple "oslo_db" "internal" "ranger_agent" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ranger_agent.database "connection" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.DEFAULT.transport_url -}}
{{- tuple "oslo_messaging" "internal" "ranger-agent" "amqp" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.ranger_agent.DEFAULT "transport_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.orm.rds_listener_endpoint -}}
{{- tuple "ranger_rds" "public" "rds" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.ranger_agent.orm "rds_listener_endpoint" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.DEFAULT.ord_server_url -}}
{{- tuple "ranger_agent" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | trimSuffix .Values.endpoints.ranger_agent.path.default | set .Values.conf.ranger_agent.DEFAULT "ord_server_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.keystone_authtoken.username -}}
{{- set .Values.conf.ranger_agent.keystone_authtoken "username" .Values.endpoints.identity.auth.ranger_agent.username | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.keystone_authtoken.password -}}
{{- set .Values.conf.ranger_agent.keystone_authtoken "password" .Values.endpoints.identity.auth.ranger_agent.password | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.keystone_authtoken.project_name -}}
{{- set .Values.conf.ranger_agent.keystone_authtoken "project_name" .Values.endpoints.identity.auth.ranger_agent.project_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.keystone_authtoken.auth_url -}}
{{- tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.ranger_agent.keystone_authtoken "auth_url" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.DEFAULT.region -}}
{{- set .Values.conf.ranger_agent.DEFAULT "region" .Values.endpoints.identity.auth.ranger_agent.region_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.api.port -}}
{{- tuple "ranger-agent" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.ranger_agent.api "port" | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.keystone_authtoken.project_domain_name -}}
{{- set .Values.conf.ranger_agent.keystone_authtoken "project_domain_name" .Values.endpoints.identity.auth.ranger_agent.project_domain_name | quote | trunc 0 -}}
{{- end -}}
{{- if empty .Values.conf.ranger_agent.keystone_authtoken.user_domain_name -}}
{{- set .Values.conf.ranger_agent.keystone_authtoken "user_domain_name" .Values.endpoints.identity.auth.ranger_agent.user_domain_name | quote | trunc 0 -}}
{{- end -}}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: ranger-agent-etc
data:
api-paste.ini: |
{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }}
ranger-agent.conf: |
{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ranger_agent | indent 4 }}
{{- end }}

View File

@ -0,0 +1,109 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_ranger_agent_api }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.api }}
{{- $mounts_ranger_agent_api := .Values.pod.mounts.ranger_agent_api.ranger_agent_api }}
{{- $mounts_ranger_agent_api_init := .Values.pod.mounts.ranger_agent_api.init_container }}
{{- $serviceAccountName := "ranger-agent-api" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: ranger-agent-api
spec:
replicas: {{ .Values.pod.replicas.api }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "ranger-agent" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
affinity:
{{ tuple $envAll "ranger-agent" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.ranger_agent_api.timeout | default "30" }}
initContainers:
{{ tuple $envAll $dependencies $mounts_ranger_agent_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ranger-agent-api
image: {{ .Values.images.tags.ranger_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.ranger_agent.uid }}
command:
- /tmp/ranger-agent-api.sh
- start
lifecycle:
preStop:
exec:
command:
- /tmp/ranger-agent-api.sh
- stop
ports:
- name: ranger-api
containerPort: {{ tuple "ranger-agent" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
livenessProbe:
tcpSocket:
port: {{ tuple "ranger-agent" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
exec:
command:
- /tmp/health-check.sh
- apireadiness
initialDelaySeconds: 30
timeoutSeconds: 5
volumeMounts:
- name: ranger-agent-bin
mountPath: /tmp/ranger-agent-api.sh
subPath: ranger-agent-api.sh
readOnly: true
- name: ranger-agent-bin
mountPath: /tmp/health-check.sh
subPath: health-check.sh
readOnly: true
- name: ranger-agent-etc
mountPath: /etc/ranger-agent/ranger-agent.conf
subPath: ranger-agent.conf
readOnly: true
- name: ranger-agent-etc
mountPath: /etc/ranger-agent/api-paste.ini
subPath: api-paste.ini
readOnly: true
{{ if $mounts_ranger_agent_api.volumeMounts }}{{ toYaml $mounts_ranger_agent_api.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: ranger-agent-bin
configMap:
name: ranger-agent-bin
defaultMode: 0555
- name: ranger-agent-etc
configMap:
name: ranger-agent-etc
defaultMode: 0444
{{ if $mounts_ranger_agent_api.volumes}}{{ toYaml $mounts_ranger_agent_api.volumes | indent 8 }}{{ end }}
{{- end }}

View File

@ -0,0 +1,135 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_ranger_agent_engine }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.engine }}
{{- $mounts_ranger_agent_engine := .Values.pod.mounts.ranger_agent_engine.ranger_agent_engine }}
{{- $mounts_ranger_agent_engine_init := .Values.pod.mounts.ranger_agent_engine.init_container }}
{{- $serviceAccountName := "ranger-agent-engine" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1beta1
kind: Deployment
metadata:
name: ranger-agent-engine
spec:
replicas: {{ .Values.pod.replicas.engine }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "ranger-agent" "engine" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
serviceAccountName: {{ $serviceAccountName }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
affinity:
{{ tuple $envAll "ranger-agent" "engine" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.engine.node_selector_key }}: {{ .Values.labels.engine.node_selector_value }}
terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.ranger_agent_engine.timeout | default "30" }}
initContainers:
{{ tuple $envAll $dependencies $mounts_ranger_agent_engine_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: ranger-agent-engine
image: {{ .Values.images.tags.ranger_agent }}
imagePullPolicy: {{ .Values.images.pull_policy }}
{{ tuple $envAll $envAll.Values.pod.resources.engine | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
securityContext:
runAsUser: {{ .Values.pod.user.ranger_agent.uid }}
env:
- name: USER
valueFrom:
secretKeyRef:
name: ranger-agent-ssh-secret
key: USER
- name: USER_HOME
valueFrom:
secretKeyRef:
name: ranger-agent-ssh-secret
key: USER_HOME
- name: SSH_KEY_FILE
valueFrom:
secretKeyRef:
name: ranger-agent-ssh-secret
key: SSH_KEY_FILE
- name: SSH_KEY
valueFrom:
secretKeyRef:
name: ranger-agent-ssh-secret
key: RANGER_AGENT_PRIVATE_KEY
- name: SSH_KEY_CONFIGURATION
valueFrom:
secretKeyRef:
name: ranger-agent-ssh-secret
key: RANGER_AGENT_SSH_CONFIG
command:
- /tmp/ranger-agent-engine.sh
- start
lifecycle:
preStop:
exec:
command:
- /tmp/ranger-agent-engine.sh
- stop
livenessProbe:
exec:
command:
- /tmp/health-check.sh
- engineliveness
initialDelaySeconds: 30
timeoutSeconds: 5
readinessProbe:
exec:
command:
- /tmp/health-check.sh
- enginereadiness
initialDelaySeconds: 30
timeoutSeconds: 5
volumeMounts:
- name: ranger-agent-bin
mountPath: /tmp/ranger-agent-engine.sh
subPath: ranger-agent-engine.sh
readOnly: true
- name: ranger-agent-bin
mountPath: /tmp/health-check.sh
subPath: health-check.sh
readOnly: true
- name: ranger-agent-etc
mountPath: /etc/ranger-agent/ranger-agent.conf
subPath: ranger-agent.conf
readOnly: true
- name: ranger-agent-etc
mountPath: /etc/ranger-agent/api-paste.ini
subPath: api-paste.ini
readOnly: true
{{ if $mounts_ranger_agent_engine.volumeMounts }}{{ toYaml $mounts_ranger_agent_engine.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: ranger-agent-bin
configMap:
name: ranger-agent-bin
defaultMode: 0555
- name: ranger-agent-etc
configMap:
name: ranger-agent-etc
defaultMode: 0444
{{ if $mounts_ranger_agent_engine.volumes}}{{ toYaml $mounts_ranger_agent_engine.volumes | indent 8 }}{{ end }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.ingress_ranger_agent_api .Values.network.api.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendServiceType" "ranger-agent" "backendPort" "ranger-api" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_drop }}
{{- $dbInitJob := dict "envAll" . "serviceName" "ranger-agent" -}}
{{ $dbInitJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_init }}
{{- $dbInitJob := dict "envAll" . "serviceName" "ranger-agent" -}}
{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_sync }}
{{- $dbSyncJob := dict "envAll" . "serviceName" "ranger-agent" -}}
{{ $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_endpoints }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "ranger-agent" "serviceTypes" ( tuple "ranger-agent" ) -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
{{- end }}

View File

@ -0,0 +1,21 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_service }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "ranger-agent" "serviceTypes" ( tuple "ranger-agent" ) -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_ks_user }}
{{- $ksUserJob := dict "envAll" . "serviceName" "ranger-agent" "serviceUser" "ranger_agent" -}}
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "ranger-agent" -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

View File

@ -0,0 +1,29 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.pdb_api }}
{{- $envAll := . }}
---
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: ranger-agent-api
spec:
minAvailable: {{ .Values.pod.lifecycle.disruption_budget.ranger_agent_api.min_available }}
selector:
matchLabels:
{{ tuple $envAll "ranger-agent" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{- end }}

View File

@ -0,0 +1,60 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.pod_test }}
{{- $envAll := . }}
{{- $dependencies := .Values.dependencies.static.tests }}
{{- $mounts_tests := .Values.pod.mounts.ranger_agent_tests.ranger_agent_tests }}
{{- $mounts_tests_init := .Values.pod.mounts.ranger_agent_tests.init_container }}
{{- $serviceAccountName := print $envAll.Release.Name "-test" }}
{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: v1
kind: Pod
metadata:
name: "{{$envAll.Release.Name}}-test"
annotations:
"helm.sh/hook": test-success
spec:
serviceAccountName: {{ $serviceAccountName }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
restartPolicy: Never
initContainers:
{{ tuple $envAll $dependencies $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
containers:
- name: {{.Release.Name}}-test
image: {{ .Values.images.tags.scripted_test }}
env:
- name: RANGER_SERVICE_URL
value: {{ tuple "ranger_agent" "public" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
command:
- /tmp/ranger-agent-test.sh
volumeMounts:
- name: ranger-agent-bin
mountPath: /tmp/ranger-agent-test.sh
subPath: ranger-agent-test.sh
readOnly: true
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
- name: ranger-agent-bin
configMap:
name: ranger-agent-bin
defaultMode: 0555
{{ if $mounts_tests.volumes }}{{ toYaml $mounts_tests.volumes | indent 4 }}{{ end }}
{{- end }}

View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_db }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ranger_agent" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
DB_CONNECTION: {{ tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc -}}
{{- end }}
{{- end }}

View File

@ -0,0 +1,30 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ranger_agent" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

View File

@ -0,0 +1,31 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "ranger-agent" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

View File

@ -0,0 +1,33 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_ssh_key }}
{{- $envAll := . }}
{{- $key_location := .Values.conf.ssh.key_location }}
{{- $secretName := "ranger-agent-ssh-secret" }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
USER: {{ .Values.conf.ssh.user | b64enc }}
USER_HOME: {{ .Values.conf.ssh.user_home | b64enc }}
SSH_KEY_FILE: {{ .Values.conf.ssh.ssh_key_file | b64enc }}
RANGER_AGENT_PRIVATE_KEY: {{ .Files.Get .Values.conf.ssh.ssh_key_file_location | b64enc }}
RANGER_AGENT_SSH_CONFIG: {{ .Files.Get .Values.conf.ssh.ssh_config_file_location | b64enc }}
{{- end }}

View File

@ -0,0 +1,20 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress_ranger_agent_api .Values.network.api.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "ranger-agent" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

View File

@ -0,0 +1,39 @@
{{/*
Copyright 2017 The Openstack-Helm Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service_ranger_agent_api }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "ranger-agent" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: ranger-api
port: {{ tuple "ranger-agent" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "ranger-agent" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.api.node_port.enabled }}
type: NodePort
{{- if .Values.network.api.external_policy_local }}
externalTrafficPolicy: Local
{{ end }}
{{ end }}
{{- end }}

452
ranger-agent/values.yaml Executable file
View File

@ -0,0 +1,452 @@
# Copyright 2017 The Openstack-Helm Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for ranger-agent.
# This is a YAML-formatted file.
# Declare name/value pairs to be passed into your templates.
# name: value
release_group: null
labels:
api:
node_selector_key: openstack-control-plane
node_selector_value: enabled
engine:
node_selector_key: openstack-control-plane
node_selector_value: enabled
job:
node_selector_key: openstack-control-plane
node_selector_value: enabled
test:
node_selector_key: openstack-control-plane
node_selector_value: enabled
images:
tags:
ranger_agent: quay.io/attcomdev/ranger-agent:5d29fd462bb85cf6c1b0acb25bfb898944e62b1a
ranger-agent_db_sync: quay.io/attcomdev/ranger-agent:5d29fd462bb85cf6c1b0acb25bfb898944e62b1a
db_drop: docker.io/openstackhelm/heat:newton
db_init: docker.io/openstackhelm/heat:newton
ks_user: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
rabbit_init: docker.io/rabbitmq:3.7-management
ks_endpoints: docker.io/openstackhelm/heat:newton
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.2.1
scripted_test: docker.io/openstackhelm/heat:newton
pull_policy: "IfNotPresent"
conf:
paste:
pipeline:main:
pipeline: request_id api-server
app:api-server:
paste.app_factory: ord.api.app:app_factory
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
filter:request_id:
paste.filter_factory: oslo_middleware:RequestId.factory
ranger_agent:
DEFAULT:
api_workers: 1
debug: False
verbose: True
pecan_debug: True
repo_connection_timeout: 120
resource_creation_timeout_min: 1200
resource_creation_timeout_max: 14400
log_dir: /var/log/ranger-agent
api_paste_config: /etc/ranger-agent/api-paste.ini
local_repo: ranger_repo
resource_status_check_wait: 15
api:
host: 0.0.0.0
database:
max_retries: -1
oslo_messaging_notifications:
driver: messagingv2
orm:
orm_template_repo_url: git@github.com:ranger-agent/templates.git
repo_pull_check_wait: 2
retry_limits: 5
keystone_authtoken:
auth_type: password
auth_version: v3
ssh:
user: ranger_agent
user_home: /home/ranger_agent
ssh_key_file: ranger_agent
ssh_key_file_location: cert/ranger_agent
ssh_config_file_location: cert/config
network:
api:
ingress:
public: true
classes:
namespace: "nginx"
cluster: "nginx-cluster"
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
external_policy_local: false
node_port:
enabled: false
port: 30010
dependencies:
static:
api:
jobs:
- ranger-agent-db-sync
- ranger-agent-ks-user
- ranger-agent-ks-endpoints
- ranger-agent-rabbit-init
services:
- service: oslo_db
endpoint: internal
engine:
jobs:
- ranger-agent-db-sync
- ranger-agent-ks-user
- ranger-agent-rabbit-init
services:
- service: oslo_db
endpoint: internal
- service: identity
endpoint: internal
- service: orchestration
endpoint: internal
- service: image
endpoint: internal
db_init:
services:
- service: oslo_db
endpoint: internal
db_sync:
jobs:
- ranger-agent-db-init
services:
- service: oslo_db
endpoint: internal
db_drop:
services:
- service: oslo_db
endpoint: internal
ks_user:
services:
- service: identity
endpoint: internal
ks_service:
services:
- service: identity
endpoint: internal
ks_endpoints:
jobs:
- ranger-agent-ks-service
services:
- service: identity
endpoint: internal
rabbit_init:
services:
- service: oslo_messaging
endpoint: internal
# Names of secrets used and environmental checks
secrets:
identity:
admin: admin
ranger_agent: ranger-agent-admin
oslo_db:
admin: ranger-agent-db-admin
ranger_agent: ranger-agent-db-user
oslo_messaging:
admin: ranger-agent-rabbitmq-admin
ranger-agent: ranger-agent-rabbitmq-user
# typically overriden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
cluster_domain_suffix: cluster.local
oslo_db:
auth:
admin:
username: root
password: password
ranger_agent:
username: ranger-agent
password: password
hosts:
default: mariadb
host_fqdn_override:
default: null
path: /ord
scheme: mysql+pymysql
port:
mysql:
default: 3306
oslo_cache:
hosts:
default: memcached
host_fqdn_override:
default: null
port:
memcache:
default: 11211
oslo_messaging:
auth:
admin:
username: rabbitmq
password: password
ranger-agent:
username: ranger-agent
password: password
hosts:
default: rabbitmq
host_fqdn_override:
default: null
path: /
scheme: rabbit
port:
amqp:
default: 5672
http:
default: 15672
ranger_rds:
name: rds-url
hosts:
default:
host_fqdn_override:
default: internal.ranger.com
path:
default: /v1/rds/status
scheme:
default: http
port:
rds:
default: 8777
identity:
name: keystone
auth:
admin:
region_name: RegionOne
username: admin
password: password
project_name: admin
user_domain_name: default
project_domain_name: default
ranger_agent:
role: admin
region_name: RegionOne
username: ranger-agent-admin
password: password
project_name: service
user_domain_name: default
project_domain_name: default
hosts:
default: keystone-api
public: keystone
host_fqdn_override:
default: null
path:
default: /v3
scheme:
default: http
port:
admin:
default: 35357
api:
default: 80
image:
name: glance
hosts:
default: glance-api
public: glance
host_fqdn_override:
default: null
path:
default: null
scheme:
default: http
port:
api:
default: 9292
public: 80
orchestration:
name: heat
hosts:
default: heat-api
public: heat
host_fqdn_override:
default: null
path:
default: '/v1/%(project_id)s'
scheme:
default: 'http'
port:
api:
default: 8004
public: 80
ranger_agent:
name: ranger-agent
hosts:
default: ranger-api
public: ranger-agent
host_fqdn_override:
default: null
path:
default: "/v1/ord/ord_notifier/"
scheme:
default: 'http'
port:
api:
default: 9010
public: 80
pod:
user:
ranger_agent:
uid: 1000
affinity:
anti:
type:
default: preferredDuringSchedulingIgnoredDuringExecution
topologyKey:
default: kubernetes.io/hostname
mounts:
ranger_agent_api:
init_container: null
ranger_agent_api:
ranger_agent_engine:
init_container: null
ranger_agent_engine:
ranger_agent_tests:
init_container: null
ranger_agent_tests:
replicas:
api: 1
engine: 1
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
disruption_budget:
ranger_agent_api:
min_available: 0
ranger_agent_engine:
min_available: 0
termination_grace_period:
ranger_agent_api:
timeout: 30
ranger_agent_engine:
timeout: 30
resources:
enabled: false
ranger_agent_api:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ranger_agent_engine:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
jobs:
db_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_sync:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
db_drop:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_service:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
ks_user:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
rabbit_init:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
tests:
requests:
memory: "128Mi"
cpu: "100m"
limits:
memory: "1024Mi"
cpu: "2000m"
manifests:
configmap_bin: true
configmap_etc: true
deployment_ranger_agent_api: true
deployment_ranger_agent_engine: true
ingress_ranger_agent_api: true
secret_db: true
secret_keystone: true
secret_ssh_key: true
secret_rabbitmq: true
job_db_init: true
job_db_sync: true
job_db_drop: false
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_rabbit_init: true
pdb_api: true
pod_test: true
service_ingress_ranger_agent_api: true
service_ranger_agent_api: true