openstack
/
openstack-helm
Code Issues Proposed changes

Add Manila chart 

Change-Id: I5098b1b57c3afed01e90f489de34415d69056e25
This commit is contained in:
okozachenko 2023-03-17 00:06:20 +11:00 committed by Vladimir Kozhukalov
parent 427f14909a
commit a81317569f
43 changed files with 2861 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
manila/.helmignore Normal file
View File

@ -0,0 +1 @@
values_overrides

24
manila/Chart.yaml Normal file
View File

@ -0,0 +1,24 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
appVersion: v1.0.0
description: OpenStack-Helm Manila
name: manila
version: 0.1.0
home: https://docs.openstack.org/manila/latest/
icon: https://www.openstack.org/themes/openstack/images/project-mascots/Manila/OpenStack_Project_Manila_vertical.png
sources:
- https://opendev.org/openstack/manila
- https://opendev.org/openstack/openstack-helm
maintainers:
- name: OpenStack-Helm Authors

16
manila/requirements.yaml Normal file
View File

@ -0,0 +1,16 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
dependencies:
- name: helm-toolkit
repository: file://../../openstack-helm-infra/helm-toolkit
version: ">= 0.1.0"

59
manila/templates/bin/_bootstrap.sh.tpl Normal file
View File

@ -0,0 +1,59 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
export HOME=/tmp
cd $HOME
{{ range .Values.bootstrap.structured.images }}
openstack image show {{ .name | quote }} || \
(curl --fail -sSL -O {{ .source_url }}{{ .image_file }}; \
openstack image create {{ .name | quote }} \
{{ if .id -}} --id {{ .id }} {{ end -}} \
--disk-format {{ .image_type }} \
--file {{ .image_file }} \
{{ if .properties -}} {{ range $key, $value := .properties }}--property {{$key}}={{$value}} {{ end }}{{ end -}} \
--container-format {{ .container_format | quote }} \
{{ if .private -}}
--private
{{- else -}}
--public
{{- end -}};)
{{ end }}
{{ range .Values.bootstrap.structured.flavors }}
openstack flavor show {{ .name | quote }} || \
openstack flavor create {{ .name | quote }} \
{{ if .id -}} --id {{ .id }} {{ end -}} \
--ram {{ .ram }} \
--vcpus {{ .vcpus }} \
--disk {{ .disk }} \
--ephemeral {{ .ephemeral }} \
{{ if .public -}}
--public
{{- else -}}
--private
{{- end -}};
{{ end }}
openstack share type show default || \
openstack share type create default true \
--public true --description "default generic share type"
openstack share group type show default || \
openstack share group type create default default --public true
{{ .Values.bootstrap.script | default "echo 'Not Enabled'" }}

19
manila/templates/bin/_db-sync.sh.tpl Normal file
View File

@ -0,0 +1,19 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec manila-manage db sync

29
manila/templates/bin/_manila-api.sh.tpl Normal file
View File

@ -0,0 +1,29 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
COMMAND="${@:-start}"
function start () {
exec manila-api \
--config-file /etc/manila/manila.conf
}
function stop () {
kill -TERM 1
}
$COMMAND

19
manila/templates/bin/_manila-data.sh.tpl Normal file
View File

@ -0,0 +1,19 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec manila-data \
--config-file /etc/manila/manila.conf

19
manila/templates/bin/_manila-scheduler.sh.tpl Normal file
View File

@ -0,0 +1,19 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec manila-scheduler \
--config-file /etc/manila/manila.conf

19
manila/templates/bin/_manila-share.sh.tpl Normal file
View File

@ -0,0 +1,19 @@
#!/bin/bash
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
set -ex
exec manila-share \
--config-file /etc/manila/manila.conf

56
manila/templates/configmap-bin.yaml Normal file
View File

@ -0,0 +1,56 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_bin }}
{{- $envAll := . }}
{{- $rallyTests := .Values.conf.rally_tests }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: manila-bin
data:
rally-test.sh: |
{{ tuple $rallyTests | include "helm-toolkit.scripts.rally_test" | indent 4 }}
{{- if .Values.images.local_registry.active }}
image-repo-sync.sh: |
{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
{{- end }}
{{- if .Values.bootstrap.enabled }}
bootstrap.sh: |
{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
db-init.py: |
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
db-sync.sh: |
{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
db-drop.py: |
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
ks-service.sh: |
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
ks-endpoints.sh: |
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
rabbit-init.sh: |
{{- include "helm-toolkit.scripts.rabbit_init" . | indent 4 }}
manila-api.sh: |
{{ tuple "bin/_manila-api.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
manila-data.sh: |
{{ tuple "bin/_manila-data.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
manila-scheduler.sh: |
{{ tuple "bin/_manila-scheduler.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
manila-share.sh: |
{{ tuple "bin/_manila-share.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}

240
manila/templates/configmap-etc.yaml Normal file
View File

@ -0,0 +1,240 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.configmap_etc }}
{{- $envAll := . }}
{{- $manila_auth_url := tuple "identity" "internal" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" }}
{{- $manila_region_name := .Values.endpoints.identity.auth.manila.region_name }}
{{- $manila_project_name := .Values.endpoints.identity.auth.manila.project_name }}
{{- $manila_project_domain_name := .Values.endpoints.identity.auth.manila.project_domain_name }}
{{- $manila_user_domain_name := .Values.endpoints.identity.auth.manila.user_domain_name }}
{{- $manila_username := .Values.endpoints.identity.auth.manila.username }}
{{- $manila_password := .Values.endpoints.identity.auth.manila.password }}
{{- $memcached_servers := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }}
{{- $memcache_secret_key := default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key }}
{{- if empty .Values.conf.manila.keystone_authtoken.auth_uri -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "auth_uri" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.auth_url -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "auth_url" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.region_name -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "region_name" $manila_region_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.project_name -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "project_name" $manila_project_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.project_domain_name -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "project_domain_name" $manila_project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.user_domain_name -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "user_domain_name" $manila_user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.username -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "username" $manila_username -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.password -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "password" $manila_password -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.memcached_servers -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "memcached_servers" $memcached_servers -}}
{{- end -}}
{{- if empty .Values.conf.manila.keystone_authtoken.memcache_secret_key -}}
{{- $_ := set .Values.conf.manila.keystone_authtoken "memcache_secret_key" $memcache_secret_key -}}
{{- end -}}
{{- if empty .Values.conf.manila.database.connection -}}
{{- $_ := tuple "oslo_db" "internal" "manila" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.manila.database "connection" -}}
{{- end -}}
{{- if empty .Values.conf.manila.DEFAULT.transport_url -}}
{{- $_ := tuple "oslo_messaging" "internal" "manila" "amqp" . | include "helm-toolkit.endpoints.authenticated_transport_endpoint_uri_lookup" | set .Values.conf.manila.DEFAULT "transport_url" -}}
{{- end -}}
# neutron
{{- if empty .Values.conf.manila.neutron.auth_uri -}}
{{- $_ := set .Values.conf.manila.neutron "auth_uri" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.auth_url -}}
{{- $_ := set .Values.conf.manila.neutron "auth_url" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.region_name -}}
{{- $_ := set .Values.conf.manila.neutron "region_name" .Values.endpoints.identity.auth.manila.region_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.project_name -}}
{{- $_ := set .Values.conf.manila.neutron "project_name" $manila_project_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.project_domain_name -}}
{{- $_ := set .Values.conf.manila.neutron "project_domain_name" $manila_project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.user_domain_name -}}
{{- $_ := set .Values.conf.manila.neutron "user_domain_name" $manila_user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.username -}}
{{- $_ := set .Values.conf.manila.neutron "username" $manila_username -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.password -}}
{{- $_ := set .Values.conf.manila.neutron "password" $manila_password -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.memcached_servers -}}
{{- $_ := set .Values.conf.manila.neutron "memcached_servers" $memcached_servers -}}
{{- end -}}
{{- if empty .Values.conf.manila.neutron.memcache_secret_key -}}
{{- $_ := set .Values.conf.manila.neutron "memcache_secret_key" $memcache_secret_key -}}
{{- end -}}
# nova
{{- if empty .Values.conf.manila.nova.auth_uri -}}
{{- $_ := set .Values.conf.manila.nova "auth_uri" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.auth_url -}}
{{- $_ := set .Values.conf.manila.nova "auth_url" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.region_name -}}
{{- $_ := set .Values.conf.manila.nova "region_name" .Values.endpoints.identity.auth.manila.region_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.project_name -}}
{{- $_ := set .Values.conf.manila.nova "project_name" $manila_project_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.project_domain_name -}}
{{- $_ := set .Values.conf.manila.nova "project_domain_name" $manila_project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.user_domain_name -}}
{{- $_ := set .Values.conf.manila.nova "user_domain_name" $manila_user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.username -}}
{{- $_ := set .Values.conf.manila.nova "username" $manila_username -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.password -}}
{{- $_ := set .Values.conf.manila.nova "password" $manila_password -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.memcached_servers -}}
{{- $_ := set .Values.conf.manila.nova "memcached_servers" $memcached_servers -}}
{{- end -}}
{{- if empty .Values.conf.manila.nova.memcache_secret_key -}}
{{- $_ := set .Values.conf.manila.nova "memcache_secret_key" $memcache_secret_key -}}
{{- end -}}
# cinder
{{- if empty .Values.conf.manila.cinder.auth_uri -}}
{{- $_ := set .Values.conf.manila.cinder "auth_uri" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.auth_url -}}
{{- $_ := set .Values.conf.manila.cinder "auth_url" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.region_name -}}
{{- $_ := set .Values.conf.manila.cinder "region_name" .Values.endpoints.identity.auth.manila.region_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.project_name -}}
{{- $_ := set .Values.conf.manila.cinder "project_name" $manila_project_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.project_domain_name -}}
{{- $_ := set .Values.conf.manila.cinder "project_domain_name" $manila_project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.user_domain_name -}}
{{- $_ := set .Values.conf.manila.cinder "user_domain_name" $manila_user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.username -}}
{{- $_ := set .Values.conf.manila.cinder "username" $manila_username -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.password -}}
{{- $_ := set .Values.conf.manila.cinder "password" $manila_password -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.memcached_servers -}}
{{- $_ := set .Values.conf.manila.cinder "memcached_servers" $memcached_servers -}}
{{- end -}}
{{- if empty .Values.conf.manila.cinder.memcache_secret_key -}}
{{- $_ := set .Values.conf.manila.cinder "memcache_secret_key" $memcache_secret_key -}}
{{- end -}}
# glance
{{- if empty .Values.conf.manila.glance.auth_uri -}}
{{- $_ := set .Values.conf.manila.glance "auth_uri" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.auth_url -}}
{{- $_ := set .Values.conf.manila.glance "auth_url" $manila_auth_url -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.region_name -}}
{{- $_ := set .Values.conf.manila.glance "region_name" .Values.endpoints.identity.auth.manila.region_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.project_name -}}
{{- $_ := set .Values.conf.manila.glance "project_name" $manila_project_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.project_domain_name -}}
{{- $_ := set .Values.conf.manila.glance "project_domain_name" $manila_project_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.user_domain_name -}}
{{- $_ := set .Values.conf.manila.glance "user_domain_name" $manila_user_domain_name -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.username -}}
{{- $_ := set .Values.conf.manila.glance "username" $manila_username -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.password -}}
{{- $_ := set .Values.conf.manila.glance "password" $manila_password -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.memcached_servers -}}
{{- $_ := set .Values.conf.manila.glance "memcached_servers" $memcached_servers -}}
{{- end -}}
{{- if empty .Values.conf.manila.glance.memcache_secret_key -}}
{{- $_ := set .Values.conf.manila.glance "memcache_secret_key" $memcache_secret_key -}}
{{- end -}}
{{- if and (empty .Values.conf.logging.handler_fluent) (has "fluent" .Values.conf.logging.handlers.keys) -}}
{{- $fluentd_host := tuple "fluentd" "internal" $envAll | include "helm-toolkit.endpoints.hostname_namespaced_endpoint_lookup" }}
{{- $fluentd_port := tuple "fluentd" "internal" "service" $envAll | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{- $fluent_args := printf "('%s.%s', '%s', %s)" .Release.Namespace .Release.Name $fluentd_host $fluentd_port }}
{{- $handler_fluent := dict "class" "fluent.handler.FluentHandler" "formatter" "fluent" "args" $fluent_args -}}
{{- $_ := set .Values.conf.logging "handler_fluent" $handler_fluent -}}
{{- end -}}
{{- if and (empty .Values.conf.logging.formatter_fluent) (has "fluent" .Values.conf.logging.formatters.keys) -}}
{{- $formatter_fluent := dict "class" "oslo_log.formatters.FluentFormatter" -}}
{{- $_ := set .Values.conf.logging "formatter_fluent" $formatter_fluent -}}
{{- end -}}
---
apiVersion: v1
kind: Secret
metadata:
name: manila-etc
type: Opaque
data:
rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }}
manila.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.manila | b64enc }}
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
{{- $filePrefix := replace "_" "-" $key }}
{{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }}
{{- end }}
logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }}
api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }}
policy.yaml: {{ toYaml .Values.conf.policy | b64enc }}
manila_sudoers: {{ $envAll.Values.conf.manila_sudoers | b64enc }}
rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }}
{{- end }}

140
manila/templates/deployment-api.yaml Normal file
View File

@ -0,0 +1,140 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_api }}
{{- $envAll := . }}
{{- $mounts_manila_api := .Values.pod.mounts.manila_api.manila_api }}
{{- $mounts_manila_api_init := .Values.pod.mounts.manila_api.init_container }}
{{- $serviceAccountName := "manila-api" }}
{{ tuple $envAll "api" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: manila-api
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.api }}
selector:
matchLabels:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "manila-api" "containerNames" (list "init" "manila-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value }}
{{ if $envAll.Values.pod.tolerations.manila.enabled }}
{{ tuple $envAll "manila" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
{{ end }}
initContainers:
{{ tuple $envAll "api" $mounts_manila_api_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: manila-api
{{ tuple $envAll "manila_api" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "manila" "container" "manila_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/manila-api.sh
- start
env:
{{- if or .Values.manifests.certificates .Values.tls.identity }}
- name: REQUESTS_CA_BUNDLE
value: "/etc/manila/certs/ca.crt"
{{- end }}
lifecycle:
preStop:
exec:
command:
- /tmp/manila-api.sh
- stop
ports:
- name: m-api
containerPort: {{ tuple "share" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
httpGet:
scheme: HTTP
path: /
port: {{ tuple "share" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: state-tmp
mountPath: /var/lib/manila
- name: etcmanila
mountPath: /etc/manila
- name: manila-etc
mountPath: /etc/manila/manila.conf
subPath: manila.conf
readOnly: true
{{- if .Values.conf.manila.DEFAULT.log_config_append }}
- name: manila-etc
mountPath: {{ .Values.conf.manila.DEFAULT.log_config_append }}
subPath: {{ base .Values.conf.manila.DEFAULT.log_config_append }}
readOnly: true
{{- end }}
- name: manila-etc
mountPath: /etc/manila/api-paste.ini
subPath: api-paste.ini
readOnly: true
- name: manila-etc
mountPath: /etc/manila/policy.yaml
subPath: policy.yaml
readOnly: true
- name: manila-bin
mountPath: /tmp/manila-api.sh
subPath: manila-api.sh
readOnly: true
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal "path" "/etc/manila/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_manila_api.volumeMounts }}{{ toYaml $mounts_manila_api.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: state-tmp
emptyDir: {}
- name: etcmanila
emptyDir: {}
- name: manila-etc
secret:
secretName: manila-etc
defaultMode: 0444
- name: manila-bin
configMap:
name: manila-bin
defaultMode: 0555
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_manila_api.volumes }}{{ toYaml $mounts_manila_api.volumes | indent 8 }}{{ end }}
{{- end }}

121
manila/templates/deployment-data.yaml Normal file
View File

@ -0,0 +1,121 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_data }}
{{- $envAll := . }}
{{- $mounts_manila_data := .Values.pod.mounts.manila_data.manila_data }}
{{- $mounts_manila_data_init := .Values.pod.mounts.manila_data.init_container }}
{{- $serviceAccountName := "manila-data" }}
{{ tuple $envAll "data" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: manila-data
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.data }}
selector:
matchLabels:
{{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "manila-data" "containerNames" (list "init" "manila-data") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.data.node_selector_key }}: {{ .Values.labels.data.node_selector_value }}
{{ if $envAll.Values.pod.tolerations.manila.enabled }}
{{ tuple $envAll "manila" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
{{ end }}
initContainers:
{{ tuple $envAll "data" $mounts_manila_data_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: manila-data
{{ tuple $envAll "manila_data" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.data | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "manila" "container" "manila_data" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/manila-data.sh
env:
{{- if or .Values.manifests.certificates .Values.tls.identity }}
- name: REQUESTS_CA_BUNDLE
value: "/etc/manila/certs/ca.crt"
{{- end }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: etcmanila
mountPath: /etc/manila
- name: state-tmp
mountPath: /var/lib/manila
- name: manila-etc
mountPath: /etc/manila/manila.conf
subPath: manila.conf
readOnly: true
{{- if .Values.conf.manila.DEFAULT.log_config_append }}
- name: manila-etc
mountPath: {{ .Values.conf.manila.DEFAULT.log_config_append }}
subPath: {{ base .Values.conf.manila.DEFAULT.log_config_append }}
readOnly: true
{{- end }}
- name: manila-etc
mountPath: /etc/manila/policy.yaml
subPath: policy.yaml
readOnly: true
- name: manila-bin
mountPath: /tmp/manila-data.sh
subPath: manila-data.sh
readOnly: true
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal "path" "/etc/manila/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_manila_data.volumeMounts }}{{ toYaml $mounts_manila_data.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: state-tmp
emptyDir: {}
- name: etcmanila
emptyDir: {}
- name: manila-etc
secret:
secretName: manila-etc
defaultMode: 0444
- name: manila-bin
configMap:
name: manila-bin
defaultMode: 0555
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_manila_data.volumes }}{{ toYaml $mounts_manila_data.volumes | indent 8 }}{{ end }}
{{- end }}

121
manila/templates/deployment-scheduler.yaml Normal file
View File

@ -0,0 +1,121 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_scheduler }}
{{- $envAll := . }}
{{- $mounts_manila_scheduler := .Values.pod.mounts.manila_scheduler.manila_scheduler }}
{{- $mounts_manila_scheduler_init := .Values.pod.mounts.manila_scheduler.init_container }}
{{- $serviceAccountName := "manila-scheduler" }}
{{ tuple $envAll "scheduler" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: manila-scheduler
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.scheduler }}
selector:
matchLabels:
{{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "manila-scheduler" "containerNames" (list "init" "manila-scheduler") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.scheduler.node_selector_key }}: {{ .Values.labels.scheduler.node_selector_value }}
{{ if $envAll.Values.pod.tolerations.manila.enabled }}
{{ tuple $envAll "manila" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
{{ end }}
initContainers:
{{ tuple $envAll "scheduler" $mounts_manila_scheduler_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: manila-scheduler
{{ tuple $envAll "manila_scheduler" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.scheduler | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "manila" "container" "manila_scheduler" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/manila-scheduler.sh
env:
{{- if or .Values.manifests.certificates .Values.tls.identity }}
- name: REQUESTS_CA_BUNDLE
value: "/etc/manila/certs/ca.crt"
{{- end }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: etcmanila
mountPath: /etc/manila
- name: state-tmp
mountPath: /var/lib/manila
- name: manila-etc
mountPath: /etc/manila/manila.conf
subPath: manila.conf
readOnly: true
{{- if .Values.conf.manila.DEFAULT.log_config_append }}
- name: manila-etc
mountPath: {{ .Values.conf.manila.DEFAULT.log_config_append }}
subPath: {{ base .Values.conf.manila.DEFAULT.log_config_append }}
readOnly: true
{{- end }}
- name: manila-etc
mountPath: /etc/manila/policy.yaml
subPath: policy.yaml
readOnly: true
- name: manila-bin
mountPath: /tmp/manila-scheduler.sh
subPath: manila-scheduler.sh
readOnly: true
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal "path" "/etc/manila/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_manila_scheduler.volumeMounts }}{{ toYaml $mounts_manila_scheduler.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: state-tmp
emptyDir: {}
- name: etcmanila
emptyDir: {}
- name: manila-etc
secret:
secretName: manila-etc
defaultMode: 0444
- name: manila-bin
configMap:
name: manila-bin
defaultMode: 0555
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_manila_scheduler.volumes }}{{ toYaml $mounts_manila_scheduler.volumes | indent 8 }}{{ end }}
{{- end }}

151
manila/templates/deployment-share.yaml Normal file
View File

@ -0,0 +1,151 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.deployment_share }}
{{- $envAll := . }}
{{- $mounts_manila_share := .Values.pod.mounts.manila_share.manila_share }}
{{- $mounts_manila_share_init := .Values.pod.mounts.manila_share.init_container }}
{{- $serviceAccountName := "manila-share" }}
{{ tuple $envAll "share" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: manila-share
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
labels:
{{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
spec:
replicas: {{ .Values.pod.replicas.share }}
selector:
matchLabels:
{{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
template:
metadata:
labels:
{{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "manila-share" "containerNames" (list "init" "manila-share") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
nodeSelector:
{{ .Values.labels.share.node_selector_key }}: {{ .Values.labels.share.node_selector_value }}
{{ if $envAll.Values.pod.tolerations.manila.enabled }}
{{ tuple $envAll "manila" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
{{ end }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
initContainers:
{{ tuple $envAll "share" $mounts_manila_share_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
containers:
- name: manila-share
{{ tuple $envAll "manila_share" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.share | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "manila" "container" "manila_share" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
command:
- /tmp/manila-share.sh
env:
{{- if or .Values.manifests.certificates .Values.tls.identity }}
- name: REQUESTS_CA_BUNDLE
value: "/etc/manila/certs/ca.crt"
{{- end }}
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: etcmanila
mountPath: /etc/manila
- name: state-tmp
mountPath: /var/lib/manila
- name: manila-etc
mountPath: /etc/manila/manila.conf
subPath: manila.conf
readOnly: true
- name: manila-etc
mountPath: /etc/manila/rootwrap.conf
subPath: rootwrap.conf
- name: manila-etc
mountPath: /etc/sudoers.d/kolla_manila_sudoers
subPath: manila_sudoers
readOnly: true
- name: manila-etc
mountPath: /etc/sudoers.d/kolla_manila_volume_sudoers
subPath: manila_sudoers
readOnly: true
- mountPath: /run/openvswitch
name: run-openvswitch
readOnly: true
{{- range $key, $value := $envAll.Values.conf.rootwrap_filters }}
{{- if ( has "share" $value.pods ) }}
{{- $filePrefix := replace "_" "-" $key }}
{{- $rootwrapFile := printf "/etc/manila/rootwrap.d/%s.filters" $filePrefix }}
- name: manila-etc
mountPath: {{ $rootwrapFile }}
subPath: {{ base $rootwrapFile }}
readOnly: true
{{- end }}
{{- end }}
{{- if .Values.conf.manila.DEFAULT.log_config_append }}
- name: manila-etc
mountPath: {{ .Values.conf.manila.DEFAULT.log_config_append }}
subPath: {{ base .Values.conf.manila.DEFAULT.log_config_append }}
readOnly: true
{{- end }}
- name: manila-etc
mountPath: /etc/manila/policy.yaml
subPath: policy.yaml
readOnly: true
- name: manila-bin
mountPath: /tmp/manila-share.sh
subPath: manila-share.sh
readOnly: true
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal "path" "/etc/manila/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_manila_share.volumeMounts }}{{ toYaml $mounts_manila_share.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: state-tmp
emptyDir: {}
- name: etcmanila
emptyDir: {}
- name: run-openvswitch
hostPath:
path: /run/openvswitch
type: Directory
- name: manila-etc
secret:
secretName: manila-etc
defaultMode: 0444
- name: manila-bin
configMap:
name: manila-bin
defaultMode: 0555
{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_messaging.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_manila_share.volumes }}{{ toYaml $mounts_manila_share.volumes | indent 8 }}{{ end }}
{{- end }}

18
manila/templates/ingress-api.yaml Normal file
View File

@ -0,0 +1,18 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.ingress_api .Values.network.api.ingress.public }}
{{- $ingressOpts := dict "envAll" . "backendServiceType" "share" "backendPort" "m-api" -}}
{{ $ingressOpts | include "helm-toolkit.manifests.ingress" }}
{{- end }}

31
manila/templates/job-bootstrap.yaml Normal file
View File

@ -0,0 +1,31 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.bootstrap" }}
{{- if .Values.helm3_hook }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "5"
{{- end }}
{{- end }}
{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }}
{{- $bootstrapJob := dict "envAll" . "serviceName" "manila" "keystoneUser" .Values.bootstrap.ks_user "logConfigFile" .Values.conf.manila.DEFAULT.log_config_append "jobAnnotations" (include "metadata.annotations.job.bootstrap" . | fromYaml) -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $bootstrapJob "tolerationsEnabled" true -}}
{{- end -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $bootstrapJob "tlsSecret" .Values.secrets.tls.share.api.internal -}}
{{- end -}}
{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }}
{{- end }}

26
manila/templates/job-db-drop.yaml Normal file
View File

@ -0,0 +1,26 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.job_db_drop }}
{{- $serviceName := "manila" -}}
{{- $dbToDrop := dict "adminSecret" .Values.secrets.oslo_db.admin "configFile" (printf "/etc/%s/%s.conf" $serviceName $serviceName ) "logConfigFile" (printf "/etc/%s/logging.conf" $serviceName ) "configDbSection" "DEFAULT" "configDbKey" "sql_connection" -}}
{{- $dbDropJob := dict "envAll" . "serviceName" $serviceName "dbToDrop" $dbToDrop -}}
{{- if .Values.manifests.certificates -}}
{{- $_ := set $dbToDrop "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
{{- end -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $dbDropJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $dbDropJob | include "helm-toolkit.manifests.job_db_drop_mysql" }}
{{- end }}

32
manila/templates/job-db-init.yaml Normal file
View File

@ -0,0 +1,32 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.db_init" }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-5"
{{- end }}
{{- if .Values.manifests.job_db_init }}
{{- $dbInitJob := dict "envAll" . "serviceName" "manila" -}}
{{- if .Values.manifests.certificates -}}
{{- $_ := set $dbInitJob "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
{{- end -}}
{{- if .Values.helm3_hook }}
{{- $_ := set $dbInitJob "jobAnnotations" (include "metadata.annotations.job.db_init" . | fromYaml) }}
{{- end }}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $dbInitJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
{{- end }}

32
manila/templates/job-db-sync.yaml Normal file
View File

@ -0,0 +1,32 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.db_sync" }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-4"
{{- end }}
{{- if .Values.manifests.job_db_sync }}
{{- $dbSyncJob := dict "envAll" . "serviceName" "manila" "podVolMounts" .Values.pod.mounts.manila_db_sync.manila_db_sync.volumeMounts "podVols" .Values.pod.mounts.manila_db_sync.manila_db_sync.volumes -}}
{{- if .Values.manifests.certificates -}}
{{- $_ := set $dbSyncJob "dbAdminTlsSecret" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal -}}
{{- end -}}
{{- if .Values.helm3_hook }}
{{- $_ := set $dbSyncJob "jobAnnotations" (include "metadata.annotations.job.db_sync" . | fromYaml) }}
{{- end }}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $dbSyncJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $dbSyncJob | include "helm-toolkit.manifests.job_db_sync" }}
{{- end }}

27
manila/templates/job-image-repo-sync.yaml Normal file
View File

@ -0,0 +1,27 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.repo_sync" }}
{{- if .Values.helm3_hook }}
helm.sh/hook: post-install,post-upgrade
{{- end }}
{{- end }}
{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "manila" "jobAnnotations" (include "metadata.annotations.job.repo_sync" . | fromYaml) -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $imageRepoSyncJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
{{- end }}

31
manila/templates/job-ks-endpoints.yaml Normal file
View File

@ -0,0 +1,31 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.ks_endpoints" }}
{{- if .Values.helm3_hook }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-2"
{{- end }}
{{- end }}
{{- if .Values.manifests.job_ks_endpoints }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "manila" "serviceTypes" ( tuple "share" "sharev2" ) "jobAnnotations" (include "metadata.annotations.job.ks_endpoints" . | fromYaml) -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
{{- end -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.share.api.internal -}}
{{- end -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_endpoints" }}
{{- end }}

31
manila/templates/job-ks-service.yaml Normal file
View File

@ -0,0 +1,31 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.ks_service" }}
{{- if .Values.helm3_hook }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-3"
{{- end }}
{{- end }}
{{- if .Values.manifests.job_ks_service }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "manila" "serviceTypes" ( tuple "share" "sharev2" ) "jobAnnotations" (include "metadata.annotations.job.ks_service" . | fromYaml) -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $ksServiceJob "tolerationsEnabled" true -}}
{{- end -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.share.api.internal -}}
{{- end -}}
{{ $ksServiceJob | include "helm-toolkit.manifests.job_ks_service" }}
{{- end }}

31
manila/templates/job-ks-user.yaml Normal file
View File

@ -0,0 +1,31 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.ks_user" }}
{{- if .Values.helm3_hook }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-1"
{{- end }}
{{- end }}
{{- if .Values.manifests.job_ks_user }}
{{- $ksUserJob := dict "envAll" . "serviceName" "manila" "jobAnnotations" (include "metadata.annotations.job.ks_user" . | fromYaml) -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $ksUserJob "tolerationsEnabled" true -}}
{{- end -}}
{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.share.api.internal -}}
{{- end -}}
{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }}
{{- end }}

28
manila/templates/job-rabbit-init.yaml Normal file
View File

@ -0,0 +1,28 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- define "metadata.annotations.job.rabbit_init" }}
{{- if .Values.helm3_hook }}
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "-4"
{{- end }}
{{- end }}
{{- if .Values.manifests.job_rabbit_init }}
{{- $rmqUserJob := dict "envAll" . "serviceName" "manila" "jobAnnotations" (include "metadata.annotations.job.rabbit_init" . | fromYaml) -}}
{{- if .Values.pod.tolerations.manila.enabled -}}
{{- $_ := set $rmqUserJob "tolerationsEnabled" true -}}
{{- end -}}
{{ $rmqUserJob | include "helm-toolkit.manifests.job_rabbit_init" }}
{{- end }}

16
manila/templates/network_policy.yaml Normal file
View File

@ -0,0 +1,16 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
{{- if .Values.manifests.network_policy -}}
{{- $netpol_opts := dict "envAll" . "name" "application" "label" "manila" -}}
{{ $netpol_opts | include "helm-toolkit.manifests.kubernetes_network_policy" }}
{{- end -}}

27
manila/templates/pdb-api.yaml Normal file
View File

@ -0,0 +1,27 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.pdb_api }}
{{- $envAll := . }}
---
apiVersion: policy/v1
kind: PodDisruptionBudget
metadata:
name: manila-api
spec:
minAvailable: {{ .Values.pod.lifecycle.disruption_budget.api.min_available }}
selector:
matchLabels:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
{{- end }}

129
manila/templates/pod-rally-test.yaml Normal file
View File

@ -0,0 +1,129 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if (.Values.global).subchart_release_name }}
{{- $_ := set . "deployment_name" .Chart.Name }}
{{- else }}
{{- $_ := set . "deployment_name" .Release.Name }}
{{- end }}
{{- if .Values.manifests.pod_rally_test }}
{{- $envAll := . }}
{{- $mounts_tests := .Values.pod.mounts.manila_tests.manila_tests }}
{{- $mounts_tests_init := .Values.pod.mounts.manila_tests.init_container }}
{{- $serviceAccountName := print $envAll.deployment_name "-test" }}
{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: v1
kind: Pod
metadata:
name: {{ print $envAll.deployment_name "-test" }}
labels:
{{ tuple $envAll "manila" "test" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
annotations:
"helm.sh/hook": test-success
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
{{ dict "envAll" $envAll "podName" "manila-test" "containerNames" (list "init" "manila-test" "manila-test-ks-user") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
spec:
restartPolicy: Never
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
- name: manila-test-ks-user
{{ tuple $envAll "ks_user" | include "helm-toolkit.snippets.image" | indent 6 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_user | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
{{ dict "envAll" $envAll "application" "test" "container" "manila_test_ks_user" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6 }}
command:
- /tmp/ks-user.sh
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: manila-bin
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
readOnly: true
{{- if and .Values.manifests.certificates .Values.secrets.tls.share.api.internal }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
{{- end }}
env:
{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
{{- end }}
- name: SERVICE_OS_SERVICE_NAME
value: "test"
{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
{{- end }}
- name: SERVICE_OS_ROLE
value: {{ .Values.endpoints.share.auth.test.role | quote }}
containers:
- name: manila-test
{{ tuple $envAll "test" | include "helm-toolkit.snippets.image" | indent 6 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
{{ dict "envAll" $envAll "application" "test" "container" "manila_test" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6}}
env:
{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
{{- end }}
{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
{{- end }}
- name: RALLY_ENV_NAME
value: {{.deployment_name}}
command:
- /tmp/rally-test.sh
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: manila-etc
mountPath: /etc/rally/rally_tests.yaml
subPath: rally_tests.yaml
readOnly: true
- name: manila-bin
mountPath: /tmp/rally-test.sh
subPath: rally-test.sh
readOnly: true
- name: rally-db
mountPath: /var/lib/rally
- name: rally-work
mountPath: /home/rally/.rally
{{- if and .Values.manifests.certificates .Values.secrets.tls.share.api.internal }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
{{- end }}
{{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }}
volumes:
- name: pod-tmp
emptyDir: {}
- name: manila-etc
secret:
secretName: manila-etc
defaultMode: 0444
- name: manila-bin
configMap:
name: manila-bin
defaultMode: 0555
- name: rally-db
emptyDir: {}
- name: rally-work
emptyDir: {}
{{- if and .Values.manifests.certificates .Values.secrets.tls.share.api.internal }}
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
{{- end }}
{{ if $mounts_tests.volumes }}{{ toYaml $mounts_tests.volumes | indent 4 }}{{ end }}
{{- end }}

33
manila/templates/secret-db.yaml Normal file
View File

@ -0,0 +1,33 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_db }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "manila" }}
{{- $secretName := index $envAll.Values.secrets.oslo_db $userClass }}
{{- $connection := tuple "oslo_db" "internal" $userClass "mysql" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- if $envAll.Values.manifests.certificates }}
DB_CONNECTION: {{ (printf "%s?charset=utf8&ssl_ca=/etc/mysql/certs/ca.crt&ssl_key=/etc/mysql/certs/tls.key&ssl_cert=/etc/mysql/certs/tls.crt&ssl_verify_cert" $connection ) | b64enc -}}
{{- else }}
DB_CONNECTION: {{ $connection | b64enc -}}
{{- end }}
{{- end }}
{{- end }}

17
manila/templates/secret-ingress-tls.yaml Normal file
View File

@ -0,0 +1,17 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_ingress_tls }}
{{- include "helm-toolkit.manifests.secret_ingress_tls" ( dict "envAll" . "backendServiceType" "share" ) }}
{{- end }}

28
manila/templates/secret-keystone.yaml Normal file
View File

@ -0,0 +1,28 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_keystone }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "manila" }}
{{- $secretName := index $envAll.Values.secrets.identity $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}}
{{- end }}
{{- end }}

28
manila/templates/secret-rabbitmq.yaml Normal file
View File

@ -0,0 +1,28 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.secret_rabbitmq }}
{{- $envAll := . }}
{{- range $key1, $userClass := tuple "admin" "manila" }}
{{- $secretName := index $envAll.Values.secrets.oslo_messaging $userClass }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ $secretName }}
type: Opaque
data:
RABBITMQ_CONNECTION: {{ tuple "oslo_messaging" "internal" $userClass "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | b64enc }}
{{- end }}
{{- end }}

17
manila/templates/secret-registry.yaml Normal file
View File

@ -0,0 +1,17 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.secret_registry .Values.endpoints.oci_image_registry.auth.enabled }}
{{ include "helm-toolkit.manifests.secret_registry" ( dict "envAll" . "registryUser" .Chart.Name ) }}
{{- end }}

37
manila/templates/service-api.yaml Normal file
View File

@ -0,0 +1,37 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if .Values.manifests.service_api }}
{{- $envAll := . }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ tuple "share" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }}
spec:
ports:
- name: b-api
port: {{ tuple "share" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
selector:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
{{ if .Values.network.api.node_port.enabled }}
type: NodePort
{{ if .Values.network.api.external_policy_local }}
externalTrafficPolicy: Local
{{ end }}
{{ end }}
{{- end }}

18
manila/templates/service-ingress-api.yaml Normal file
View File

@ -0,0 +1,18 @@
{{/*
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/}}
{{- if and .Values.manifests.service_ingress_api .Values.network.api.ingress.public }}
{{- $serviceIngressOpts := dict "envAll" . "backendServiceType" "share" -}}
{{ $serviceIngressOpts | include "helm-toolkit.manifests.service_ingress" }}
{{- end }}

1092
manila/values.yaml Normal file
View File

File diff suppressed because it is too large Load Diff

11
manila/values_overrides/apparmor.yaml Normal file
View File

@ -0,0 +1,11 @@
---
pod:
mandatory_access_control:
type: apparmor
manila-api:
manila-api: runtime/default
init: runtime/default
manila-test:
init: runtime/default
manila-test: runtime/default
...

12
manila/values_overrides/tls-offloading.yaml Normal file
View File

@ -0,0 +1,12 @@
---
endpoints:
identity:
auth:
admin:
cacert: /etc/ssl/certs/openstack-helm.crt
manila:
cacert: /etc/ssl/certs/openstack-helm.crt
tls:
identity: true
...

4
manila/values_overrides/tls.yaml Normal file
View File

@ -0,0 +1,4 @@
---
manifests:
certificates: true
...

18
manila/values_overrides/xena-ubuntu_focal.yaml Normal file
View File

@ -0,0 +1,18 @@
---
images:
tags:
bootstrap: docker.io/openstackhelm/heat:xena-ubuntu_focal
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
db_init: docker.io/openstackhelm/heat:xena-ubuntu_focal
manila_db_sync: docker.io/openstackhelm/manila:xena-ubuntu_focal
db_drop: docker.io/openstackhelm/heat:xena-ubuntu_focal
ks_user: docker.io/openstackhelm/heat:xena-ubuntu_focal
ks_service: docker.io/openstackhelm/heat:xena-ubuntu_focal
ks_endpoints: docker.io/openstackhelm/heat:xena-ubuntu_focal
manila_api: docker.io/openstackhelm/manila:xena-ubuntu_focal
manila_data: docker.io/openstackhelm/manila:xena-ubuntu_focal
manila_scheduler: docker.io/openstackhelm/manila:xena-ubuntu_focal
manila_share: docker.io/openstackhelm/manila:xena-ubuntu_focal
rabbit_init: docker.io/rabbitmq:3.7-management
image_repo_sync: docker.io/docker:17.07.0
...

18
manila/values_overrides/yoga-ubuntu_focal.yaml Normal file
View File

@ -0,0 +1,18 @@
---
images:
tags:
bootstrap: docker.io/openstackhelm/heat:yoga-ubuntu_focal
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
db_init: docker.io/openstackhelm/heat:yoga-ubuntu_focal
manila_db_sync: docker.io/openstackhelm/manila:yoga-ubuntu_focal
db_drop: docker.io/openstackhelm/heat:yoga-ubuntu_focal
ks_user: docker.io/openstackhelm/heat:yoga-ubuntu_focal
ks_service: docker.io/openstackhelm/heat:yoga-ubuntu_focal
ks_endpoints: docker.io/openstackhelm/heat:yoga-ubuntu_focal
manila_api: docker.io/openstackhelm/manila:yoga-ubuntu_focal
manila_data: docker.io/openstackhelm/manila:yoga-ubuntu_focal
manila_scheduler: docker.io/openstackhelm/manila:yoga-ubuntu_focal
manila_share: docker.io/openstackhelm/manila:yoga-ubuntu_focal
rabbit_init: docker.io/rabbitmq:3.7-management
image_repo_sync: docker.io/docker:17.07.0
...

4
releasenotes/notes/manila.yaml Normal file
View File

@ -0,0 +1,4 @@
---
manila:
- 0.1.0 Initial Chart
...

31
tools/deployment/component/manila/manila.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
set -xe
#NOTE: Get the over-rides to use
: ${OSH_EXTRA_HELM_ARGS_MANILA:="$(./tools/deployment/common/get-values-overrides.sh manila)"}
: ${RUN_HELM_TESTS:="no"}
#NOTE: Lint and package chart
make manila
#NOTE: Deploy command
helm upgrade --install --debug manila ./manila \
--namespace=openstack \
${OSH_EXTRA_HELM_ARGS:=} \
${OSH_EXTRA_HELM_ARGS_MANILA:=}
#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack 1800