From 2edf1bcc99666e99656a0a84e2af0e2c88c106ef Mon Sep 17 00:00:00 2001
From: Alan Meadows <alan.meadows@gmail.com>
Date: Fri, 20 Jan 2017 09:30:08 -0600
Subject: [PATCH] Bugfixes for functional release tagging

* Allow glance to support using default secrets
  if none are provided

* Resolve configmap mounting issue with glance
  ceph secrets

* Ensure keystone wsgi workers/threads are set to
  reasonable numbers for a container implementation
---
 glance/templates/configmap-etc.yaml                       | 4 ++--
 glance/templates/deployment-api.yaml                      | 2 ++
 glance/templates/deployment-registry.yaml                 | 2 ++
 glance/templates/etc/_ceph.client.glance.keyring.tpl      | 6 ++++++
 glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl | 2 --
 keystone/templates/etc/_wsgi-keystone.conf.tpl            | 4 ++--
 6 files changed, 14 insertions(+), 6 deletions(-)
 create mode 100644 glance/templates/etc/_ceph.client.glance.keyring.tpl
 delete mode 100644 glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl

diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml
index ba8b86c42e..ae34308b9a 100644
--- a/glance/templates/configmap-etc.yaml
+++ b/glance/templates/configmap-etc.yaml
@@ -5,8 +5,8 @@ metadata:
 data:
   ceph.conf: |+
 {{ tuple "etc/_ceph.conf.tpl" . | include "template" | indent 4 }}
-  ceph.client.glance.keyring.yaml: |+
-{{ tuple "etc/_ceph.client.glance.keyring.yaml.tpl" . | include "template" | indent 4 }}
+  ceph.client.{{ .Values.ceph.glance_user }}.keyring: |+
+{{ tuple "etc/_ceph.client.glance.keyring.tpl" . | include "template" | indent 4 }}
   glance-api.conf: |+
 {{ tuple "etc/_glance-api.conf.tpl" . | include "template" | indent 4 }}
   glance-api-paste.ini: |+
diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml
index 46086de678..e4431c0460 100644
--- a/glance/templates/deployment-api.yaml
+++ b/glance/templates/deployment-api.yaml
@@ -23,6 +23,8 @@ spec:
       labels:
         app: glance-api
       annotations:
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }}
         pod.beta.kubernetes.io/init-containers: '[
 {{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }}
         ]'
diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml
index e6ab5cd79e..3df9090a0e 100644
--- a/glance/templates/deployment-registry.yaml
+++ b/glance/templates/deployment-registry.yaml
@@ -15,6 +15,8 @@ spec:
       labels:
         app: glance-registry
       annotations:
+        configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "hash" }}
+        configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "hash" }}
         pod.beta.kubernetes.io/init-containers: '[
 {{ tuple $envAll $dependencies | include "dep-check-init-cont" | indent 10 }}
         ]'
diff --git a/glance/templates/etc/_ceph.client.glance.keyring.tpl b/glance/templates/etc/_ceph.client.glance.keyring.tpl
new file mode 100644
index 0000000000..4f625b2ba6
--- /dev/null
+++ b/glance/templates/etc/_ceph.client.glance.keyring.tpl
@@ -0,0 +1,6 @@
+[client.{{ .Values.ceph.glance_user }}]
+{{- if .Values.ceph.glance_keyring }}
+    key = {{ .Values.ceph.glance_keyring }}
+{{- else }}
+    key = {{- include "secrets/ceph-client-key" . -}}
+{{- end }}
diff --git a/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl b/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl
deleted file mode 100644
index f780dada8f..0000000000
--- a/glance/templates/etc/_ceph.client.glance.keyring.yaml.tpl
+++ /dev/null
@@ -1,2 +0,0 @@
-[client.{{ .Values.ceph.glance_user }}]
-     key = {{ .Values.ceph.glance_keyring }}
diff --git a/keystone/templates/etc/_wsgi-keystone.conf.tpl b/keystone/templates/etc/_wsgi-keystone.conf.tpl
index f04bc7e1b6..54e393a223 100644
--- a/keystone/templates/etc/_wsgi-keystone.conf.tpl
+++ b/keystone/templates/etc/_wsgi-keystone.conf.tpl
@@ -5,7 +5,7 @@ LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combine
 LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
 
 <VirtualHost *:{{ .Values.network.port.public }}>
-    WSGIDaemonProcess keystone-public processes=16 threads=6 user=keystone group=keystone display-name=%{GROUP}
+    WSGIDaemonProcess keystone-public processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP}
     WSGIProcessGroup keystone-public
     WSGIScriptAlias / /var/www/cgi-bin/keystone/main
     WSGIApplicationGroup %{GLOBAL}
@@ -21,7 +21,7 @@ LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-A
 </VirtualHost>
 
 <VirtualHost *:{{ .Values.network.port.admin }}>
-    WSGIDaemonProcess keystone-admin processes=16 threads=5 user=keystone group=keystone display-name=%{GROUP}
+    WSGIDaemonProcess keystone-admin processes=1 threads=4 user=keystone group=keystone display-name=%{GROUP}
     WSGIProcessGroup keystone-admin
     WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
     WSGIApplicationGroup %{GLOBAL}