fix: enable glance with cinder
diff --git a/roles/openstack_helm_glance/tasks/main.yml b/roles/openstack_helm_glance/tasks/main.yml
index 9d35a14..7493534 100644
--- a/roles/openstack_helm_glance/tasks/main.yml
+++ b/roles/openstack_helm_glance/tasks/main.yml
@@ -25,13 +25,28 @@
state: present
definition:
- apiVersion: source.toolkit.fluxcd.io/v1beta2
- kind: HelmRepository
+ kind: GitRepository
+ metadata:
+ name: openstack-helm-infra
+ namespace: openstack
+ spec:
+ interval: 60s
+ url: https://opendev.org/openstack/openstack-helm-infra
+
+ - apiVersion: source.toolkit.fluxcd.io/v1beta2
+ kind: GitRepository
metadata:
name: openstack-helm
namespace: openstack
spec:
interval: 60s
- url: https://tarballs.opendev.org/openstack/openstack-helm/
+ url: https://github.com/vexxhost/openstack-helm
+ ref:
+ commit: 8348cb0d995b2c52a5bd3d3d3e1d9b7ffb517ee9
+ include:
+ - repository:
+ name: openstack-helm-infra
+ toPath: ../openstack-helm-infra
- apiVersion: v1
kind: Secret
@@ -50,10 +65,9 @@
interval: 60s
chart:
spec:
- chart: glance
- version: 0.2.10
+ chart: ./glance
sourceRef:
- kind: HelmRepository
+ kind: GitRepository
name: openstack-helm
install:
disableWait: true
diff --git a/roles/openstack_helm_glance/vars/main.yml b/roles/openstack_helm_glance/vars/main.yml
index 40ee6d2..d0d586f 100644
--- a/roles/openstack_helm_glance/vars/main.yml
+++ b/roles/openstack_helm_glance/vars/main.yml
@@ -16,6 +16,7 @@
endpoints: "{{ openstack_helm_endpoints }}"
storage: rbd
images:
+ pull_policy: Always
tags:
bootstrap: "{{ openstack_helm_glance_image_repository }}/heat:{{ openstack_helm_glance_heat_image_tag }}"
db_drop: "{{ openstack_helm_glance_image_repository }}/heat:{{ openstack_helm_glance_heat_image_tag }}"
@@ -33,6 +34,17 @@
bootstrap:
enabled: false
pod:
+ security_context:
+ glance:
+ container:
+ glance_api:
+ allowPrivilegeEscalation: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
+ readOnlyRootFilesystem: "{{ ('cinder' not in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
+ privileged: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
+ capabilities:
+ add: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | ternary(['SYS_ADMIN'], []) }}"
+ useHostNetwork:
+ api: "{{ ('cinder' in openstack_helm_glance_values.get('conf', {}).get('glance', {}).get('glance_store', {}).get('stores', '')) | bool }}"
replicas:
api: 3
conf:
@@ -44,8 +56,6 @@
enable_import_methods: "[]"
cors:
allowed_origins: "*"
- glance_store:
- cinder_catalog_info: volumev3::internalURL
image_formats:
disk_formats: "qcow2,raw"
oslo_messaging_notifications: