Merge "Enable {priority,runtime}ClassName for Nova" into stable/2023.2diff --git a/charts/barbican/templates/deployment-api.yaml b/charts/barbican/templates/deployment-api.yaml
index 8ae9ea4..1e5cbba 100644
--- a/charts/barbican/templates/deployment-api.yaml
+++ b/charts/barbican/templates/deployment-api.yaml
@@ -47,6 +47,12 @@
{{ dict "envAll" $envAll "podName" "barbican-api" "containerNames" (list "init" "barbican-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "barbican" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.barbican_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.barbican_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "barbican" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/barbican/templates/pod-test.yaml b/charts/barbican/templates/pod-test.yaml
index f414356..783d328 100644
--- a/charts/barbican/templates/pod-test.yaml
+++ b/charts/barbican/templates/pod-test.yaml
@@ -33,6 +33,12 @@
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
{{ dict "envAll" $envAll "podName" "barbican-test" "containerNames" (list "init" "barbican-test") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
spec:
+{{ with .Values.pod.priorityClassName.barbican_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.barbican_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
nodeSelector:
diff --git a/charts/barbican/values.yaml b/charts/barbican/values.yaml
index e2e87bf..17aee72 100644
--- a/charts/barbican/values.yaml
+++ b/charts/barbican/values.yaml
@@ -55,6 +55,14 @@
- image_repo_sync
pod:
+ priorityClassName:
+ barbican_api: null
+ barbican_tests: null
+ db_sync: null
+ runtimeClassName:
+ barbican_api: null
+ barbican_tests: null
+ db_sync: null
security_context:
barbican:
pod:
diff --git a/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
index 897b5b6..14c18f5 100644
--- a/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+++ b/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
@@ -50,6 +50,12 @@
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }}
spec:
{{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
+{{ with .Values.pod.priorityClassName.cinder_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
{{ if $envAll.Values.pod.tolerations.cinder.enabled }}
diff --git a/charts/cinder/templates/deployment-api.yaml b/charts/cinder/templates/deployment-api.yaml
index feab3ef..13087e7 100644
--- a/charts/cinder/templates/deployment-api.yaml
+++ b/charts/cinder/templates/deployment-api.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-api" "containerNames" (list "cinder-api" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_api" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/deployment-backup.yaml b/charts/cinder/templates/deployment-backup.yaml
index 47fac40..6e69c8e 100644
--- a/charts/cinder/templates/deployment-backup.yaml
+++ b/charts/cinder/templates/deployment-backup.yaml
@@ -47,6 +47,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-backup" "containerNames" (list "cinder-backup" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_backup }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_backup }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/deployment-scheduler.yaml b/charts/cinder/templates/deployment-scheduler.yaml
index cf69dd1..a19be9d 100644
--- a/charts/cinder/templates/deployment-scheduler.yaml
+++ b/charts/cinder/templates/deployment-scheduler.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-scheduler" "containerNames" (list "cinder-scheduler" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_scheduler }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_scheduler }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_scheduler" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/deployment-volume.yaml b/charts/cinder/templates/deployment-volume.yaml
index f029aff..b39cd2b 100644
--- a/charts/cinder/templates/deployment-volume.yaml
+++ b/charts/cinder/templates/deployment-volume.yaml
@@ -47,6 +47,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-volume" "containerNames" (list "cinder-volume" "ceph-coordination-volume-perms" "init-cinder-conf" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_volume }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_volume }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_volume" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/pod-rally-test.yaml b/charts/cinder/templates/pod-rally-test.yaml
index 3ed52cd..e44bdcf 100644
--- a/charts/cinder/templates/pod-rally-test.yaml
+++ b/charts/cinder/templates/pod-rally-test.yaml
@@ -38,6 +38,12 @@
{{ end }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+{{ with .Values.pod.priorityClassName.cinder_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
diff --git a/charts/cinder/values.yaml b/charts/cinder/values.yaml
index 12351a6..23bcc8f 100644
--- a/charts/cinder/values.yaml
+++ b/charts/cinder/values.yaml
@@ -76,6 +76,22 @@
failed: 1
pod:
+ priorityClassName:
+ cinder_api: null
+ cinder_backup: null
+ cinder_scheduler: null
+ cinder_tests: null
+ cinder_volume_usage_audit: null
+ cinder_volume: null
+ db_sync: null
+ runtimeClassName:
+ cinder_api: null
+ cinder_backup: null
+ cinder_scheduler: null
+ cinder_tests: null
+ cinder_volume_usage_audit: null
+ cinder_volume: null
+ db_sync: null
security_context:
volume_usage_audit:
pod:
diff --git a/charts/designate/templates/deployment-api.yaml b/charts/designate/templates/deployment-api.yaml
index e9df6b6..2f6ed7c 100644
--- a/charts/designate/templates/deployment-api.yaml
+++ b/charts/designate/templates/deployment-api.yaml
@@ -41,6 +41,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.designate_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.designate_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "designate" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/designate/templates/deployment-central.yaml b/charts/designate/templates/deployment-central.yaml
index 02d9f3c..c3e7dcd 100644
--- a/charts/designate/templates/deployment-central.yaml
+++ b/charts/designate/templates/deployment-central.yaml
@@ -41,6 +41,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.designate_central }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.designate_central }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "designate" "central" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/designate/templates/deployment-mdns.yaml b/charts/designate/templates/deployment-mdns.yaml
index d58f630..9312bc7 100644
--- a/charts/designate/templates/deployment-mdns.yaml
+++ b/charts/designate/templates/deployment-mdns.yaml
@@ -41,6 +41,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.designate_mdns }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.designate_mdns }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "designate" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/designate/templates/deployment-producer.yaml b/charts/designate/templates/deployment-producer.yaml
index 491dbad..68e46fb 100644
--- a/charts/designate/templates/deployment-producer.yaml
+++ b/charts/designate/templates/deployment-producer.yaml
@@ -41,6 +41,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.designate_producer }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.designate_producer }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "designate" "producer" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/designate/templates/deployment-sink.yaml b/charts/designate/templates/deployment-sink.yaml
index e577d9d..63222a1 100644
--- a/charts/designate/templates/deployment-sink.yaml
+++ b/charts/designate/templates/deployment-sink.yaml
@@ -41,6 +41,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.designate_sink }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.designate_sink }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "designate" "sink" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/designate/templates/deployment-worker.yaml b/charts/designate/templates/deployment-worker.yaml
index 74f9c99..12d0b96 100644
--- a/charts/designate/templates/deployment-worker.yaml
+++ b/charts/designate/templates/deployment-worker.yaml
@@ -41,6 +41,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.designate_worker }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.designate_worker }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "designate" "worker" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/designate/values.yaml b/charts/designate/values.yaml
index 7169414..6e520ca 100644
--- a/charts/designate/values.yaml
+++ b/charts/designate/values.yaml
@@ -66,6 +66,22 @@
- image_repo_sync
pod:
+ priorityClassName:
+ designate_api: null
+ designate_central: null
+ designate_mdns: null
+ designate_producer: null
+ designate_sink: null
+ designate_worker: null
+ db_sync: null
+ runtimeClassName:
+ designate_api: null
+ designate_central: null
+ designate_mdns: null
+ designate_producer: null
+ designate_sink: null
+ designate_worker: null
+ db_sync: null
affinity:
anti:
type:
diff --git a/charts/glance/templates/deployment-api.yaml b/charts/glance/templates/deployment-api.yaml
index d88856f..9f14d1b 100644
--- a/charts/glance/templates/deployment-api.yaml
+++ b/charts/glance/templates/deployment-api.yaml
@@ -75,6 +75,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "glance-api" "containerNames" ( list "glance-perms" "glance-api" "init" "nginx" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.glance_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.glance_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "glance" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/glance/templates/pod-rally-test.yaml b/charts/glance/templates/pod-rally-test.yaml
index 0ca17eb..1148e8a 100644
--- a/charts/glance/templates/pod-rally-test.yaml
+++ b/charts/glance/templates/pod-rally-test.yaml
@@ -44,6 +44,12 @@
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
restartPolicy: Never
+{{ with .Values.pod.priorityClassName.glance_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.glance_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
diff --git a/charts/glance/values.yaml b/charts/glance/values.yaml
index 85ddf18..6eae655 100644
--- a/charts/glance/values.yaml
+++ b/charts/glance/values.yaml
@@ -795,6 +795,14 @@
default: 80
pod:
+ priorityClassName:
+ glance_api: null
+ glance_tests: null
+ db_sync: null
+ runtimeClassName:
+ glance_api: null
+ glance_tests: null
+ db_sync: null
security_context:
glance:
pod:
diff --git a/charts/heat/templates/cron-job-engine-cleaner.yaml b/charts/heat/templates/cron-job-engine-cleaner.yaml
index a7eded4..32674b6 100644
--- a/charts/heat/templates/cron-job-engine-cleaner.yaml
+++ b/charts/heat/templates/cron-job-engine-cleaner.yaml
@@ -52,6 +52,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "heat-engine-cleaner" "containerNames" (list "heat-engine-cleaner" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.heat_engine_cleaner }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_engine_cleaner }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "engine_cleaner" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
restartPolicy: OnFailure
diff --git a/charts/heat/templates/cron-job-purge-deleted.yaml b/charts/heat/templates/cron-job-purge-deleted.yaml
index 4d83c29..285c2d3 100644
--- a/charts/heat/templates/cron-job-purge-deleted.yaml
+++ b/charts/heat/templates/cron-job-purge-deleted.yaml
@@ -47,6 +47,12 @@
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 12 }}
{{ dict "envAll" $envAll "podName" "heat-purge-deleted" "containerNames" (list "init" "heat-purge-deleted" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.heat_purge_deleted }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_purge_deleted }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
{{ if $envAll.Values.pod.tolerations.heat.enabled }}
diff --git a/charts/heat/templates/deployment-api.yaml b/charts/heat/templates/deployment-api.yaml
index ca34656..f737c84 100644
--- a/charts/heat/templates/deployment-api.yaml
+++ b/charts/heat/templates/deployment-api.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "heat-api" "containerNames" (list "heat-api" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.heat_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/heat/templates/deployment-cfn.yaml b/charts/heat/templates/deployment-cfn.yaml
index 8401543..5f5584e 100644
--- a/charts/heat/templates/deployment-cfn.yaml
+++ b/charts/heat/templates/deployment-cfn.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "heat-cfn" "containerNames" (list "heat-cfn" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.heat_cfn }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_cfn }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/heat/templates/deployment-cloudwatch.yaml b/charts/heat/templates/deployment-cloudwatch.yaml
index f1f7353..0c9dec5 100644
--- a/charts/heat/templates/deployment-cloudwatch.yaml
+++ b/charts/heat/templates/deployment-cloudwatch.yaml
@@ -44,6 +44,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.heat_cloudwatch }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_cloudwatch }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/heat/templates/deployment-engine.yaml b/charts/heat/templates/deployment-engine.yaml
index 7b7b8ad..d228a87 100644
--- a/charts/heat/templates/deployment-engine.yaml
+++ b/charts/heat/templates/deployment-engine.yaml
@@ -53,6 +53,12 @@
{{ dict "envAll" $envAll "podName" "heat-engine" "containerNames" (list "heat-engine" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
{{- end }}
spec:
+{{ with .Values.pod.priorityClassName.heat_engine }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_engine }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/heat/templates/pod-rally-test.yaml b/charts/heat/templates/pod-rally-test.yaml
index ac6c636..610048c 100644
--- a/charts/heat/templates/pod-rally-test.yaml
+++ b/charts/heat/templates/pod-rally-test.yaml
@@ -43,6 +43,12 @@
{{ tuple $envAll "heat" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
{{ end }}
restartPolicy: Never
+{{ with .Values.pod.priorityClassName.heat_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.heat_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
diff --git a/charts/heat/values.yaml b/charts/heat/values.yaml
index 1cf8bdc..af99c49 100644
--- a/charts/heat/values.yaml
+++ b/charts/heat/values.yaml
@@ -1015,6 +1015,24 @@
default: 80
pod:
+ priorityClassName:
+ heat_api: null
+ heat_cfn: null
+ heat_cloudwatch: null
+ heat_tests: null
+ heat_engine_cleaner: null
+ heat_purge_deleted: null
+ heat_engine: null
+ db_sync: null
+ runtimeClassName:
+ heat_api: null
+ heat_cfn: null
+ heat_cloudwatch: null
+ heat_tests: null
+ heat_engine_cleaner: null
+ heat_purge_deleted: null
+ heat_engine: null
+ db_sync: null
security_context:
heat:
pod:
diff --git a/charts/horizon/templates/deployment.yaml b/charts/horizon/templates/deployment.yaml
index 0037fef..666edd6 100644
--- a/charts/horizon/templates/deployment.yaml
+++ b/charts/horizon/templates/deployment.yaml
@@ -48,6 +48,12 @@
{{- end }}
{{ dict "envAll" $envAll "podName" "horizon" "containerNames" (list "horizon" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.horizon }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.horizon }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "horizon" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/horizon/templates/job-db-sync.yaml b/charts/horizon/templates/job-db-sync.yaml
index c2229cd..8ae8643 100644
--- a/charts/horizon/templates/job-db-sync.yaml
+++ b/charts/horizon/templates/job-db-sync.yaml
@@ -41,6 +41,12 @@
annotations:
{{ dict "envAll" $envAll "podName" "horizon-db-sync" "containerNames" (list "horizon-db-sync" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.db_sync }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.db_sync }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "db_sync" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
restartPolicy: OnFailure
diff --git a/charts/horizon/templates/pod-helm-tests.yaml b/charts/horizon/templates/pod-helm-tests.yaml
index 7d16303..4513053 100644
--- a/charts/horizon/templates/pod-helm-tests.yaml
+++ b/charts/horizon/templates/pod-helm-tests.yaml
@@ -34,6 +34,12 @@
spec:
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
restartPolicy: Never
+{{ with .Values.pod.priorityClassName.horizon_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.horizon_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ if $envAll.Values.pod.tolerations.horizon.enabled }}
{{ tuple $envAll "horizon" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
diff --git a/charts/horizon/values.yaml b/charts/horizon/values.yaml
index 4a06045..b3782c5 100644
--- a/charts/horizon/values.yaml
+++ b/charts/horizon/values.yaml
@@ -1103,6 +1103,14 @@
service: dashboard
pod:
+ priorityClassName:
+ horizon: null
+ horizon_tests: null
+ db_sync: null
+ runtimeClassName:
+ horizon: null
+ horizon_tests: null
+ db_sync: null
security_context:
horizon:
pod:
diff --git a/charts/ironic/templates/deployment-api.yaml b/charts/ironic/templates/deployment-api.yaml
index 7d4b838..99e25b6 100644
--- a/charts/ironic/templates/deployment-api.yaml
+++ b/charts/ironic/templates/deployment-api.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ tuple "ironic_api" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.ironic_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.ironic_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/ironic/values.yaml b/charts/ironic/values.yaml
index a94bc3f..d28463a 100644
--- a/charts/ironic/values.yaml
+++ b/charts/ironic/values.yaml
@@ -639,6 +639,12 @@
default: 24220
pod:
+ priorityClassName:
+ ironic_api: null
+ db_sync: null
+ runtimeClassName:
+ ironic_api: null
+ db_sync: null
affinity:
anti:
type:
diff --git a/charts/keystone/templates/cron-job-credential-rotate.yaml b/charts/keystone/templates/cron-job-credential-rotate.yaml
index 5906079..6fabd9d 100644
--- a/charts/keystone/templates/cron-job-credential-rotate.yaml
+++ b/charts/keystone/templates/cron-job-credential-rotate.yaml
@@ -70,6 +70,12 @@
labels:
{{ tuple $envAll "keystone" "credential-rotate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
spec:
+{{ with .Values.pod.priorityClassName.keystone_credential_rotate }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.keystone_credential_rotate }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "credential_rotate" $mounts_keystone_credential_rotate_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
diff --git a/charts/keystone/templates/cron-job-fernet-rotate.yaml b/charts/keystone/templates/cron-job-fernet-rotate.yaml
index a059f92..e911842 100644
--- a/charts/keystone/templates/cron-job-fernet-rotate.yaml
+++ b/charts/keystone/templates/cron-job-fernet-rotate.yaml
@@ -71,6 +71,12 @@
labels:
{{ tuple $envAll "keystone" "fernet-rotate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
spec:
+{{ with .Values.pod.priorityClassName.keystone_fernet_rotate }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.keystone_fernet_rotate }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "fernet_rotate" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
initContainers:
diff --git a/charts/keystone/templates/deployment-api.yaml b/charts/keystone/templates/deployment-api.yaml
index ee4e13c..36050a5 100644
--- a/charts/keystone/templates/deployment-api.yaml
+++ b/charts/keystone/templates/deployment-api.yaml
@@ -54,6 +54,12 @@
{{ dict "envAll" $envAll "podName" "keystone-api" "containerNames" (list "keystone-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "keystone" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.keystone_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.keystone_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "keystone" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/keystone/templates/pod-rally-test.yaml b/charts/keystone/templates/pod-rally-test.yaml
index ad5b23a..155dbae 100644
--- a/charts/keystone/templates/pod-rally-test.yaml
+++ b/charts/keystone/templates/pod-rally-test.yaml
@@ -42,6 +42,12 @@
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+{{ with .Values.pod.priorityClassName.keystone_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.keystone_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
diff --git a/charts/keystone/values.yaml b/charts/keystone/values.yaml
index 27e767c..c23a4ac 100644
--- a/charts/keystone/values.yaml
+++ b/charts/keystone/values.yaml
@@ -158,6 +158,18 @@
service: local_image_registry
pod:
+ priorityClassName:
+ keystone_api: null
+ keystone_tests: null
+ keystone_credential_rotate: null
+ keystone_fernet_rotate: null
+ db_sync: null
+ runtimeClassName:
+ keystone_api: null
+ keystone_tests: null
+ keystone_credential_rotate: null
+ keystone_fernet_rotate: null
+ db_sync: null
security_context:
keystone:
pod:
diff --git a/charts/magnum/templates/deployment-api.yaml b/charts/magnum/templates/deployment-api.yaml
index 9eb4967..720a4ba 100644
--- a/charts/magnum/templates/deployment-api.yaml
+++ b/charts/magnum/templates/deployment-api.yaml
@@ -44,6 +44,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.magnum_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.magnum_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "magnum" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/magnum/templates/statefulset-conductor.yaml b/charts/magnum/templates/statefulset-conductor.yaml
index 44d8b02..fe1cc84 100644
--- a/charts/magnum/templates/statefulset-conductor.yaml
+++ b/charts/magnum/templates/statefulset-conductor.yaml
@@ -45,6 +45,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.magnum_conductor }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.magnum_conductor }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "magnum" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/magnum/values.yaml b/charts/magnum/values.yaml
index 88b4203..341f1ec 100644
--- a/charts/magnum/values.yaml
+++ b/charts/magnum/values.yaml
@@ -482,6 +482,14 @@
default: 24220
pod:
+ priorityClassName:
+ magnum_api: null
+ magnum_conductor: null
+ db_sync: null
+ runtimeClassName:
+ magnum_api: null
+ magnum_conductor: null
+ db_sync: null
user:
magnum:
uid: 42424
diff --git a/charts/manila/templates/deployment-api.yaml b/charts/manila/templates/deployment-api.yaml
index bcc352f..0338ee1 100644
--- a/charts/manila/templates/deployment-api.yaml
+++ b/charts/manila/templates/deployment-api.yaml
@@ -46,6 +46,12 @@
{{ dict "envAll" $envAll "podName" "manila-api" "containerNames" (list "init" "manila-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/manila/templates/deployment-data.yaml b/charts/manila/templates/deployment-data.yaml
index 21db299..6c981a6 100644
--- a/charts/manila/templates/deployment-data.yaml
+++ b/charts/manila/templates/deployment-data.yaml
@@ -46,6 +46,12 @@
{{ dict "envAll" $envAll "podName" "manila-data" "containerNames" (list "init" "manila-data") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_data }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_data }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/manila/templates/deployment-scheduler.yaml b/charts/manila/templates/deployment-scheduler.yaml
index 4858dfc..c8749a2 100644
--- a/charts/manila/templates/deployment-scheduler.yaml
+++ b/charts/manila/templates/deployment-scheduler.yaml
@@ -46,6 +46,12 @@
{{ dict "envAll" $envAll "podName" "manila-scheduler" "containerNames" (list "init" "manila-scheduler") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_scheduler }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_scheduler }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/manila/templates/deployment-share.yaml b/charts/manila/templates/deployment-share.yaml
index 87bff3b..2d7a6c1 100644
--- a/charts/manila/templates/deployment-share.yaml
+++ b/charts/manila/templates/deployment-share.yaml
@@ -46,6 +46,12 @@
{{ dict "envAll" $envAll "podName" "manila-share" "containerNames" (list "init" "manila-share" "manila-share-init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_share }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_share }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/manila/templates/pod-rally-test.yaml b/charts/manila/templates/pod-rally-test.yaml
index 928c183..940989b 100644
--- a/charts/manila/templates/pod-rally-test.yaml
+++ b/charts/manila/templates/pod-rally-test.yaml
@@ -42,6 +42,12 @@
{{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+{{ with .Values.pod.priorityClassName.manila_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
@@ -62,27 +68,27 @@
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
{{- end }}
env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
-{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
{{- end }}
- name: SERVICE_OS_SERVICE_NAME
value: "test"
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
-{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.test }}
+{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
{{- end }}
- name: SERVICE_OS_ROLE
- value: {{ .Values.endpoints.share.auth.test.role | quote }}
+ value: {{ .Values.endpoints.identity.auth.test.role | quote }}
containers:
- name: manila-test
{{ tuple $envAll "test" | include "helm-toolkit.snippets.image" | indent 6 }}
{{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
{{ dict "envAll" $envAll "application" "test" "container" "manila_test" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6}}
env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
-{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
{{- end }}
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
-{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.test }}
+{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
{{- end }}
- name: RALLY_ENV_NAME
value: {{.deployment_name}}
diff --git a/charts/manila/values.yaml b/charts/manila/values.yaml
index f820bc1..400d52d 100644
--- a/charts/manila/values.yaml
+++ b/charts/manila/values.yaml
@@ -66,6 +66,20 @@
- image_repo_sync
pod:
+ priorityClassName:
+ manila_api: null
+ manila_data: null
+ manila_scheduler: null
+ manila_tests: null
+ manila_share: null
+ db_sync: null
+ runtimeClassName:
+ manila_api: null
+ manila_data: null
+ manila_scheduler: null
+ manila_tests: null
+ manila_share: null
+ db_sync: null
security_context:
manila:
pod:
@@ -829,6 +843,7 @@
identity:
admin: manila-keystone-admin
manila: manila-keystone-user
+ test: manila-keystone-test
oslo_db:
admin: manila-db-admin
manila: manila-db-user
@@ -890,6 +905,14 @@
project_name: service
user_domain_name: service
project_domain_name: service
+ test:
+ role: admin
+ region_name: RegionOne
+ username: manila-test
+ password: password
+ project_name: test
+ user_domain_name: service
+ project_domain_name: service
hosts:
default: keystone
internal: keystone-api
@@ -1061,7 +1084,7 @@
job_ks_service: true
job_ks_user: true
pdb_api: true
- pod_test: true
+ pod_rally_test: true
secret_db: true
network_policy: false
secret_ingress_tls: true
diff --git a/charts/octavia/templates/daemonset-health-manager.yaml b/charts/octavia/templates/daemonset-health-manager.yaml
index a355e86..1fcda41 100644
--- a/charts/octavia/templates/daemonset-health-manager.yaml
+++ b/charts/octavia/templates/daemonset-health-manager.yaml
@@ -46,6 +46,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.octavia_health_manager }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.octavia_health_manager }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
diff --git a/charts/octavia/templates/deployment-api.yaml b/charts/octavia/templates/deployment-api.yaml
index da15972..e584f76 100644
--- a/charts/octavia/templates/deployment-api.yaml
+++ b/charts/octavia/templates/deployment-api.yaml
@@ -45,6 +45,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.octavia_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.octavia_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "octavia" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/octavia/templates/deployment-housekeeping.yaml b/charts/octavia/templates/deployment-housekeeping.yaml
index 39903b6..584ca18 100644
--- a/charts/octavia/templates/deployment-housekeeping.yaml
+++ b/charts/octavia/templates/deployment-housekeeping.yaml
@@ -45,6 +45,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.octavia_housekeeping }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.octavia_housekeeping }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
diff --git a/charts/octavia/templates/deployment-worker.yaml b/charts/octavia/templates/deployment-worker.yaml
index 54cf68d..561a604 100644
--- a/charts/octavia/templates/deployment-worker.yaml
+++ b/charts/octavia/templates/deployment-worker.yaml
@@ -45,6 +45,12 @@
configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
spec:
+{{ with .Values.pod.priorityClassName.octavia_worker }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.octavia_worker }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
dnsPolicy: ClusterFirstWithHostNet
hostNetwork: true
@@ -99,4 +105,4 @@
secretName: octavia-etc
defaultMode: 0444
{{ if $mounts_octavia_worker.volumes }}{{ toYaml $mounts_octavia_worker.volumes | indent 8 }}{{ end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
diff --git a/charts/octavia/values.yaml b/charts/octavia/values.yaml
index b15114a..448c781 100644
--- a/charts/octavia/values.yaml
+++ b/charts/octavia/values.yaml
@@ -526,6 +526,18 @@
public: 80
pod:
+ priorityClassName:
+ octavia_health_manager: null
+ octavia_api: null
+ octavia_housekeeping: null
+ octavia_worker: null
+ db_sync: null
+ runtimeClassName:
+ octavia_health_manager: null
+ octavia_api: null
+ octavia_housekeeping: null
+ octavia_worker: null
+ db_sync: null
user:
octavia:
uid: 42424
diff --git a/charts/patches/barbican/0003-Enable-priority-runtime-ClassName-for-Barbican.patch b/charts/patches/barbican/0003-Enable-priority-runtime-ClassName-for-Barbican.patch
new file mode 100644
index 0000000..a956746
--- /dev/null
+++ b/charts/patches/barbican/0003-Enable-priority-runtime-ClassName-for-Barbican.patch
@@ -0,0 +1,63 @@
+From e7640e5fc0179fabfa063e89f7e7a7612e1c807e Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 06:32:12 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Barbican
+
+---
+ barbican/templates/deployment-api.yaml | 6 +++
+ barbican/templates/pod-test.yaml | 6 +++
+ barbican/values.yaml | 8 ++++
+
+diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml
+index 8ae9ea42..1e5cbbac 100644
+--- a/barbican/templates/deployment-api.yaml
++++ b/barbican/templates/deployment-api.yaml
+@@ -47,6 +47,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "barbican-api" "containerNames" (list "init" "barbican-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "barbican" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.barbican_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.barbican_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "barbican" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/barbican/templates/pod-test.yaml b/barbican/templates/pod-test.yaml
+index f4143564..783d328b 100644
+--- a/barbican/templates/pod-test.yaml
++++ b/barbican/templates/pod-test.yaml
+@@ -33,6 +33,12 @@ metadata:
+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+ {{ dict "envAll" $envAll "podName" "barbican-test" "containerNames" (list "init" "barbican-test") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 4 }}
+ spec:
++{{ with .Values.pod.priorityClassName.barbican_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.barbican_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
+ nodeSelector:
+diff --git a/barbican/values.yaml b/barbican/values.yaml
+index e2e87bf7..17aee723 100644
+--- a/barbican/values.yaml
++++ b/barbican/values.yaml
+@@ -55,6 +55,14 @@ images:
+ - image_repo_sync
+
+ pod:
++ priorityClassName:
++ barbican_api: null
++ barbican_tests: null
++ db_sync: null
++ runtimeClassName:
++ barbican_api: null
++ barbican_tests: null
++ db_sync: null
+ security_context:
+ barbican:
+ pod:
diff --git a/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch b/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch
new file mode 100644
index 0000000..7397b0e
--- /dev/null
+++ b/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch
@@ -0,0 +1,146 @@
+From 5fa9fbab45a5cd489007ca0286e7203accd1f398 Mon Sep 17 00:00:00 2001
+From: Mohammed Naser <mnaser@vexxhost.com>
+Date: Thu, 6 Feb 2025 09:33:47 -0500
+Subject: [PATCH] Enable {priority,runtime}ClassName for Cinder
+
+---
+ .../cron-job-cinder-volume-usage-audit.yaml | 6 ++++++
+ cinder/templates/deployment-api.yaml | 6 ++++++
+ cinder/templates/deployment-backup.yaml | 6 ++++++
+ cinder/templates/deployment-scheduler.yaml | 6 ++++++
+ cinder/templates/deployment-volume.yaml | 6 ++++++
+ cinder/templates/pod-rally-test.yaml | 6 ++++++
+ cinder/values.yaml | 16 ++++++++++++++++
+ 7 files changed, 52 insertions(+)
+
+diff --git a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+index 1d935f12..18d9e28e 100644
+--- a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
++++ b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+@@ -50,6 +50,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
++{{ with .Values.pod.priorityClassName.cinder_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ restartPolicy: OnFailure
+ {{ if $envAll.Values.pod.tolerations.cinder.enabled }}
+diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml
+index f29d103f..3b1a30d6 100644
+--- a/cinder/templates/deployment-api.yaml
++++ b/cinder/templates/deployment-api.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ tuple "cinder_api" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-api" "containerNames" (list "cinder-api" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_api" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml
+index ccd84fc0..617031a0 100644
+--- a/cinder/templates/deployment-backup.yaml
++++ b/cinder/templates/deployment-backup.yaml
+@@ -48,6 +48,12 @@ spec:
+ {{ tuple "cinder_backup" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-backup" "containerNames" (list "cinder-backup" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_backup }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_backup }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml
+index 73e14e55..016ade95 100644
+--- a/cinder/templates/deployment-scheduler.yaml
++++ b/cinder/templates/deployment-scheduler.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ tuple "cinder_scheduler" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-scheduler" "containerNames" (list "cinder-scheduler" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_scheduler }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_scheduler }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_scheduler" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml
+index c28518da..83430c33 100644
+--- a/cinder/templates/deployment-volume.yaml
++++ b/cinder/templates/deployment-volume.yaml
+@@ -48,6 +48,12 @@ spec:
+ {{ tuple "cinder_volume" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-volume" "containerNames" (list "cinder-volume" "ceph-coordination-volume-perms" "init-cinder-conf" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_volume }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_volume }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_volume" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/pod-rally-test.yaml b/cinder/templates/pod-rally-test.yaml
+index 34316c65..a2852359 100644
+--- a/cinder/templates/pod-rally-test.yaml
++++ b/cinder/templates/pod-rally-test.yaml
+@@ -38,6 +38,12 @@ spec:
+ {{ end }}
+ nodeSelector:
+ {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
++{{ with .Values.pod.priorityClassName.cinder_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
+diff --git a/cinder/values.yaml b/cinder/values.yaml
+index 6b335be1..1377e4cd 100644
+--- a/cinder/values.yaml
++++ b/cinder/values.yaml
+@@ -76,6 +76,22 @@ jobs:
+ failed: 1
+
+ pod:
++ priorityClassName:
++ cinder_api: null
++ cinder_backup: null
++ cinder_scheduler: null
++ cinder_tests: null
++ cinder_volume_usage_audit: null
++ cinder_volume: null
++ db_sync: null
++ runtimeClassName:
++ cinder_api: null
++ cinder_backup: null
++ cinder_scheduler: null
++ cinder_tests: null
++ cinder_volume_usage_audit: null
++ cinder_volume: null
++ db_sync: null
+ security_context:
+ volume_usage_audit:
+ pod:
+--
+2.43.0
diff --git a/charts/patches/designate/0002-Enable-priority-runtime-ClassName-for-Designate.patch b/charts/patches/designate/0002-Enable-priority-runtime-ClassName-for-Designate.patch
new file mode 100644
index 0000000..f8db3f7
--- /dev/null
+++ b/charts/patches/designate/0002-Enable-priority-runtime-ClassName-for-Designate.patch
@@ -0,0 +1,147 @@
+From 6d9700b99f7dc8462faed77ee404682c4c042c20 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 08:55:22 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Designate
+
+---
+ designate/templates/deployment-api.yaml | 6 ++++++
+ designate/templates/deployment-central.yaml | 6 ++++++
+ designate/templates/deployment-mdns.yaml | 6 ++++++
+ designate/templates/deployment-producer.yaml | 6 ++++++
+ designate/templates/deployment-sink.yaml | 6 ++++++
+ designate/templates/deployment-worker.yaml | 6 ++++++
+ designate/values.yaml | 16 ++++++++++++++++
+ 7 files changed, 52 insertions(+)
+
+diff --git a/designate/templates/deployment-api.yaml b/designate/templates/deployment-api.yaml
+index e9df6b6e..2f6ed7ca 100644
+--- a/designate/templates/deployment-api.yaml
++++ b/designate/templates/deployment-api.yaml
+@@ -41,6 +41,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.designate_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.designate_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "designate" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/designate/templates/deployment-central.yaml b/designate/templates/deployment-central.yaml
+index 02d9f3ca..c3e7dcdb 100644
+--- a/designate/templates/deployment-central.yaml
++++ b/designate/templates/deployment-central.yaml
+@@ -41,6 +41,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.designate_central }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.designate_central }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "designate" "central" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/designate/templates/deployment-mdns.yaml b/designate/templates/deployment-mdns.yaml
+index d58f6304..9312bc7d 100644
+--- a/designate/templates/deployment-mdns.yaml
++++ b/designate/templates/deployment-mdns.yaml
+@@ -41,6 +41,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.designate_mdns }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.designate_mdns }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "designate" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/designate/templates/deployment-producer.yaml b/designate/templates/deployment-producer.yaml
+index 491dbad8..68e46fb4 100644
+--- a/designate/templates/deployment-producer.yaml
++++ b/designate/templates/deployment-producer.yaml
+@@ -41,6 +41,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.designate_producer }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.designate_producer }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "designate" "producer" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/designate/templates/deployment-sink.yaml b/designate/templates/deployment-sink.yaml
+index e577d9d8..63222a1a 100644
+--- a/designate/templates/deployment-sink.yaml
++++ b/designate/templates/deployment-sink.yaml
+@@ -41,6 +41,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.designate_sink }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.designate_sink }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "designate" "sink" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/designate/templates/deployment-worker.yaml b/designate/templates/deployment-worker.yaml
+index 74f9c998..12d0b96a 100644
+--- a/designate/templates/deployment-worker.yaml
++++ b/designate/templates/deployment-worker.yaml
+@@ -41,6 +41,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.designate_worker }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.designate_worker }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "designate" "worker" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/designate/values.yaml b/designate/values.yaml
+index 71694146..6e520ca4 100644
+--- a/designate/values.yaml
++++ b/designate/values.yaml
+@@ -66,6 +66,22 @@ images:
+ - image_repo_sync
+
+ pod:
++ priorityClassName:
++ designate_api: null
++ designate_central: null
++ designate_mdns: null
++ designate_producer: null
++ designate_sink: null
++ designate_worker: null
++ db_sync: null
++ runtimeClassName:
++ designate_api: null
++ designate_central: null
++ designate_mdns: null
++ designate_producer: null
++ designate_sink: null
++ designate_worker: null
++ db_sync: null
+ affinity:
+ anti:
+ type:
+--
+2.34.1
+
diff --git a/charts/patches/glance/0002-Enable-priority-runtime-ClassName-for-Glance.patch b/charts/patches/glance/0002-Enable-priority-runtime-ClassName-for-Glance.patch
new file mode 100644
index 0000000..1f541ae
--- /dev/null
+++ b/charts/patches/glance/0002-Enable-priority-runtime-ClassName-for-Glance.patch
@@ -0,0 +1,67 @@
+From 20be35a44b530e59c93fd6cee36b6518308932bb Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 09:56:42 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Glance
+
+---
+ glance/templates/deployment-api.yaml | 6 ++++++
+ glance/templates/pod-rally-test.yaml | 6 ++++++
+ glance/values.yaml | 8 ++++++++
+ 3 files changed, 20 insertions(+)
+
+diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml
+index d88856ff..9f14d1b2 100644
+--- a/glance/templates/deployment-api.yaml
++++ b/glance/templates/deployment-api.yaml
+@@ -75,6 +75,12 @@ spec:
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ {{ dict "envAll" $envAll "podName" "glance-api" "containerNames" ( list "glance-perms" "glance-api" "init" "nginx" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.glance_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.glance_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "glance" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/glance/templates/pod-rally-test.yaml b/glance/templates/pod-rally-test.yaml
+index 0ca17eb2..1148e8a9 100644
+--- a/glance/templates/pod-rally-test.yaml
++++ b/glance/templates/pod-rally-test.yaml
+@@ -44,6 +44,12 @@ spec:
+ {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+ {{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
+ restartPolicy: Never
++{{ with .Values.pod.priorityClassName.glance_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.glance_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
+diff --git a/glance/values.yaml b/glance/values.yaml
+index 85ddf18b..6eae655a 100644
+--- a/glance/values.yaml
++++ b/glance/values.yaml
+@@ -795,6 +795,14 @@ endpoints:
+ default: 80
+
+ pod:
++ priorityClassName:
++ glance_api: null
++ glance_tests: null
++ db_sync: null
++ runtimeClassName:
++ glance_api: null
++ glance_tests: null
++ db_sync: null
+ security_context:
+ glance:
+ pod:
+--
+2.34.1
+
diff --git a/charts/patches/heat/0002-Enable-priority-runtime-ClassName-for-Heat.patch b/charts/patches/heat/0002-Enable-priority-runtime-ClassName-for-Heat.patch
new file mode 100644
index 0000000..bbcf954
--- /dev/null
+++ b/charts/patches/heat/0002-Enable-priority-runtime-ClassName-for-Heat.patch
@@ -0,0 +1,167 @@
+From 42c3cd6735ecc24f89ae3a0d83cf272eccfb343c Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 11:24:08 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Heat
+
+---
+ heat/templates/cron-job-engine-cleaner.yaml | 6 ++++++
+ heat/templates/cron-job-purge-deleted.yaml | 6 ++++++
+ heat/templates/deployment-api.yaml | 6 ++++++
+ heat/templates/deployment-cfn.yaml | 6 ++++++
+ heat/templates/deployment-cloudwatch.yaml | 6 ++++++
+ heat/templates/deployment-engine.yaml | 6 ++++++
+ heat/templates/pod-rally-test.yaml | 6 ++++++
+ heat/values.yaml | 18 ++++++++++++++++++
+ 8 files changed, 60 insertions(+)
+
+diff --git a/heat/templates/cron-job-engine-cleaner.yaml b/heat/templates/cron-job-engine-cleaner.yaml
+index a7eded42..32674b6a 100644
+--- a/heat/templates/cron-job-engine-cleaner.yaml
++++ b/heat/templates/cron-job-engine-cleaner.yaml
+@@ -52,6 +52,12 @@ spec:
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ {{ dict "envAll" $envAll "podName" "heat-engine-cleaner" "containerNames" (list "heat-engine-cleaner" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.heat_engine_cleaner }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_engine_cleaner }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "engine_cleaner" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
+ restartPolicy: OnFailure
+diff --git a/heat/templates/cron-job-purge-deleted.yaml b/heat/templates/cron-job-purge-deleted.yaml
+index 4d83c294..285c2d3e 100644
+--- a/heat/templates/cron-job-purge-deleted.yaml
++++ b/heat/templates/cron-job-purge-deleted.yaml
+@@ -47,6 +47,12 @@ spec:
+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 12 }}
+ {{ dict "envAll" $envAll "podName" "heat-purge-deleted" "containerNames" (list "init" "heat-purge-deleted" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.heat_purge_deleted }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_purge_deleted }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ restartPolicy: OnFailure
+ {{ if $envAll.Values.pod.tolerations.heat.enabled }}
+diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml
+index ca346563..f737c84f 100644
+--- a/heat/templates/deployment-api.yaml
++++ b/heat/templates/deployment-api.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ {{ dict "envAll" $envAll "podName" "heat-api" "containerNames" (list "heat-api" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.heat_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml
+index 84015438..5f5584ef 100644
+--- a/heat/templates/deployment-cfn.yaml
++++ b/heat/templates/deployment-cfn.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ {{ dict "envAll" $envAll "podName" "heat-cfn" "containerNames" (list "heat-cfn" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.heat_cfn }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_cfn }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml
+index f1f73535..0c9dec54 100644
+--- a/heat/templates/deployment-cloudwatch.yaml
++++ b/heat/templates/deployment-cloudwatch.yaml
+@@ -44,6 +44,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.heat_cloudwatch }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_cloudwatch }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/heat/templates/deployment-engine.yaml b/heat/templates/deployment-engine.yaml
+index 7b7b8adf..d228a876 100644
+--- a/heat/templates/deployment-engine.yaml
++++ b/heat/templates/deployment-engine.yaml
+@@ -53,6 +53,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "heat-engine" "containerNames" (list "heat-engine" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ {{- end }}
+ spec:
++{{ with .Values.pod.priorityClassName.heat_engine }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_engine }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/heat/templates/pod-rally-test.yaml b/heat/templates/pod-rally-test.yaml
+index ac6c636e..610048cf 100644
+--- a/heat/templates/pod-rally-test.yaml
++++ b/heat/templates/pod-rally-test.yaml
+@@ -43,6 +43,12 @@ spec:
+ {{ tuple $envAll "heat" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
+ {{ end }}
+ restartPolicy: Never
++{{ with .Values.pod.priorityClassName.heat_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.heat_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
+diff --git a/heat/values.yaml b/heat/values.yaml
+index 1cf8bdc4..af99c49c 100644
+--- a/heat/values.yaml
++++ b/heat/values.yaml
+@@ -1015,6 +1015,24 @@ endpoints:
+ default: 80
+
+ pod:
++ priorityClassName:
++ heat_api: null
++ heat_cfn: null
++ heat_cloudwatch: null
++ heat_tests: null
++ heat_engine_cleaner: null
++ heat_purge_deleted: null
++ heat_engine: null
++ db_sync: null
++ runtimeClassName:
++ heat_api: null
++ heat_cfn: null
++ heat_cloudwatch: null
++ heat_tests: null
++ heat_engine_cleaner: null
++ heat_purge_deleted: null
++ heat_engine: null
++ db_sync: null
+ security_context:
+ heat:
+ pod:
+--
+2.34.1
+
diff --git a/charts/patches/horizon/0004-Enable-priority-runtime-ClassName-for-Horizon.patch b/charts/patches/horizon/0004-Enable-priority-runtime-ClassName-for-Horizon.patch
new file mode 100644
index 0000000..12f018f
--- /dev/null
+++ b/charts/patches/horizon/0004-Enable-priority-runtime-ClassName-for-Horizon.patch
@@ -0,0 +1,85 @@
+From 2db1eab6b5df7070e93d11cbbbcd492aa849ad9c Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 13:14:30 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Horizon
+
+---
+ horizon/templates/deployment.yaml | 6 ++++++
+ horizon/templates/job-db-sync.yaml | 6 ++++++
+ horizon/templates/pod-helm-tests.yaml | 6 ++++++
+ horizon/values.yaml | 8 ++++++++
+ 4 files changed, 26 insertions(+)
+
+diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml
+index 0037fef3..666edd65 100644
+--- a/horizon/templates/deployment.yaml
++++ b/horizon/templates/deployment.yaml
+@@ -48,6 +48,12 @@ spec:
+ {{- end }}
+ {{ dict "envAll" $envAll "podName" "horizon" "containerNames" (list "horizon" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.horizon }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.horizon }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "horizon" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/horizon/templates/job-db-sync.yaml b/horizon/templates/job-db-sync.yaml
+index c2229cdd..8ae8643f 100644
+--- a/horizon/templates/job-db-sync.yaml
++++ b/horizon/templates/job-db-sync.yaml
+@@ -41,6 +41,12 @@ spec:
+ annotations:
+ {{ dict "envAll" $envAll "podName" "horizon-db-sync" "containerNames" (list "horizon-db-sync" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.db_sync }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.db_sync }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "db_sync" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ restartPolicy: OnFailure
+diff --git a/horizon/templates/pod-helm-tests.yaml b/horizon/templates/pod-helm-tests.yaml
+index 7d163039..4513053b 100644
+--- a/horizon/templates/pod-helm-tests.yaml
++++ b/horizon/templates/pod-helm-tests.yaml
+@@ -34,6 +34,12 @@ metadata:
+ spec:
+ {{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
+ restartPolicy: Never
++{{ with .Values.pod.priorityClassName.horizon_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.horizon_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ if $envAll.Values.pod.tolerations.horizon.enabled }}
+ {{ tuple $envAll "horizon" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 2 }}
+diff --git a/horizon/values.yaml b/horizon/values.yaml
+index 4a060452..b3782c57 100644
+--- a/horizon/values.yaml
++++ b/horizon/values.yaml
+@@ -1103,6 +1103,14 @@ dependencies:
+ service: dashboard
+
+ pod:
++ priorityClassName:
++ horizon: null
++ horizon_tests: null
++ db_sync: null
++ runtimeClassName:
++ horizon: null
++ horizon_tests: null
++ db_sync: null
+ security_context:
+ horizon:
+ pod:
+--
+2.34.1
+
diff --git a/charts/patches/ironic/0001-Enable-priority-runtime-ClassName-for-Ironic.patch b/charts/patches/ironic/0001-Enable-priority-runtime-ClassName-for-Ironic.patch
new file mode 100644
index 0000000..71e821b
--- /dev/null
+++ b/charts/patches/ironic/0001-Enable-priority-runtime-ClassName-for-Ironic.patch
@@ -0,0 +1,47 @@
+From 0b672d9b62ce39a07969bb1910aba9c4c4cdadc1 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 13:28:41 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Ironic
+
+---
+ ironic/templates/deployment-api.yaml | 6 ++++++
+ ironic/values.yaml | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/ironic/templates/deployment-api.yaml b/ironic/templates/deployment-api.yaml
+index 7d4b8387..99e25b65 100644
+--- a/ironic/templates/deployment-api.yaml
++++ b/ironic/templates/deployment-api.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ {{ tuple "ironic_api" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.ironic_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.ironic_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "ironic" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/ironic/values.yaml b/ironic/values.yaml
+index a94bc3f2..d28463aa 100644
+--- a/ironic/values.yaml
++++ b/ironic/values.yaml
+@@ -639,6 +639,12 @@ endpoints:
+ default: 24220
+
+ pod:
++ priorityClassName:
++ ironic_api: null
++ db_sync: null
++ runtimeClassName:
++ ironic_api: null
++ db_sync: null
+ affinity:
+ anti:
+ type:
+--
+2.34.1
+
diff --git a/charts/patches/keystone/0001-Enable-priority-runtime-ClassName-for-Keystone.patch b/charts/patches/keystone/0001-Enable-priority-runtime-ClassName-for-Keystone.patch
new file mode 100644
index 0000000..3212d71
--- /dev/null
+++ b/charts/patches/keystone/0001-Enable-priority-runtime-ClassName-for-Keystone.patch
@@ -0,0 +1,107 @@
+From 9f293fef1eed2e6ef7aa372ad5a7c9293b11a15f Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 14:58:50 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Keystone
+
+---
+ keystone/templates/cron-job-credential-rotate.yaml | 6 ++++++
+ keystone/templates/cron-job-fernet-rotate.yaml | 6 ++++++
+ keystone/templates/deployment-api.yaml | 6 ++++++
+ keystone/templates/pod-rally-test.yaml | 6 ++++++
+ keystone/values.yaml | 12 ++++++++++++
+ 5 files changed, 36 insertions(+)
+
+diff --git a/keystone/templates/cron-job-credential-rotate.yaml b/keystone/templates/cron-job-credential-rotate.yaml
+index 59060796..6fabd9dd 100644
+--- a/keystone/templates/cron-job-credential-rotate.yaml
++++ b/keystone/templates/cron-job-credential-rotate.yaml
+@@ -70,6 +70,12 @@ spec:
+ labels:
+ {{ tuple $envAll "keystone" "credential-rotate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
+ spec:
++{{ with .Values.pod.priorityClassName.keystone_credential_rotate }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.keystone_credential_rotate }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "credential_rotate" $mounts_keystone_credential_rotate_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 12 }}
+diff --git a/keystone/templates/cron-job-fernet-rotate.yaml b/keystone/templates/cron-job-fernet-rotate.yaml
+index a059f929..e9118423 100644
+--- a/keystone/templates/cron-job-fernet-rotate.yaml
++++ b/keystone/templates/cron-job-fernet-rotate.yaml
+@@ -71,6 +71,12 @@ spec:
+ labels:
+ {{ tuple $envAll "keystone" "fernet-rotate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 12 }}
+ spec:
++{{ with .Values.pod.priorityClassName.keystone_fernet_rotate }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.keystone_fernet_rotate }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "fernet_rotate" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
+ initContainers:
+diff --git a/keystone/templates/deployment-api.yaml b/keystone/templates/deployment-api.yaml
+index ee4e13c9..36050a5c 100644
+--- a/keystone/templates/deployment-api.yaml
++++ b/keystone/templates/deployment-api.yaml
+@@ -54,6 +54,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "keystone-api" "containerNames" (list "keystone-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "keystone" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.keystone_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.keystone_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "keystone" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/keystone/templates/pod-rally-test.yaml b/keystone/templates/pod-rally-test.yaml
+index ad5b23a0..155dbae3 100644
+--- a/keystone/templates/pod-rally-test.yaml
++++ b/keystone/templates/pod-rally-test.yaml
+@@ -42,6 +42,12 @@ spec:
+ {{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
+ nodeSelector:
+ {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
++{{ with .Values.pod.priorityClassName.keystone_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.keystone_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
+diff --git a/keystone/values.yaml b/keystone/values.yaml
+index 27e767cf..c23a4ac0 100644
+--- a/keystone/values.yaml
++++ b/keystone/values.yaml
+@@ -158,6 +158,18 @@ dependencies:
+ service: local_image_registry
+
+ pod:
++ priorityClassName:
++ keystone_api: null
++ keystone_tests: null
++ keystone_credential_rotate: null
++ keystone_fernet_rotate: null
++ db_sync: null
++ runtimeClassName:
++ keystone_api: null
++ keystone_tests: null
++ keystone_credential_rotate: null
++ keystone_fernet_rotate: null
++ db_sync: null
+ security_context:
+ keystone:
+ pod:
+--
+2.34.1
+
diff --git a/charts/patches/magnum/0002-Enable-priority-runtime-ClassName-for-Magnum.patch b/charts/patches/magnum/0002-Enable-priority-runtime-ClassName-for-Magnum.patch
new file mode 100644
index 0000000..1cff876
--- /dev/null
+++ b/charts/patches/magnum/0002-Enable-priority-runtime-ClassName-for-Magnum.patch
@@ -0,0 +1,67 @@
+From 88432c586b587bdd7d44a8d529d62e88d811f281 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Mon, 10 Feb 2025 15:37:34 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Magnum
+
+---
+ magnum/templates/deployment-api.yaml | 6 ++++++
+ magnum/templates/statefulset-conductor.yaml | 6 ++++++
+ magnum/values.yaml | 8 ++++++++
+ 3 files changed, 20 insertions(+)
+
+diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml
+index 9eb4967f..720a4bac 100644
+--- a/magnum/templates/deployment-api.yaml
++++ b/magnum/templates/deployment-api.yaml
+@@ -44,6 +44,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.magnum_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.magnum_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "magnum" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/magnum/templates/statefulset-conductor.yaml b/magnum/templates/statefulset-conductor.yaml
+index 44d8b027..fe1cc84e 100644
+--- a/magnum/templates/statefulset-conductor.yaml
++++ b/magnum/templates/statefulset-conductor.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.magnum_conductor }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.magnum_conductor }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "magnum" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/magnum/values.yaml b/magnum/values.yaml
+index 88b4203e..341f1ecd 100644
+--- a/magnum/values.yaml
++++ b/magnum/values.yaml
+@@ -482,6 +482,14 @@ endpoints:
+ default: 24220
+
+ pod:
++ priorityClassName:
++ magnum_api: null
++ magnum_conductor: null
++ db_sync: null
++ runtimeClassName:
++ magnum_api: null
++ magnum_conductor: null
++ db_sync: null
+ user:
+ magnum:
+ uid: 42424
+--
+2.34.1
+
diff --git a/charts/patches/manila/0003-Enable-priority-runtime-ClassName-for-Manila.patch b/charts/patches/manila/0003-Enable-priority-runtime-ClassName-for-Manila.patch
new file mode 100644
index 0000000..50c5783
--- /dev/null
+++ b/charts/patches/manila/0003-Enable-priority-runtime-ClassName-for-Manila.patch
@@ -0,0 +1,198 @@
+From 01653c9c731dc2b66a79426f1021052186eebe40 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Tue, 11 Feb 2025 05:18:42 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Manila
+
+Also fix pod-rally-test.yaml template
+
+---
+ manila/templates/deployment-api.yaml | 6 +++++
+ manila/templates/deployment-data.yaml | 6 +++++
+ manila/templates/deployment-scheduler.yaml | 6 +++++
+ manila/templates/deployment-share.yaml | 6 +++++
+ manila/templates/pod-rally-test.yaml | 24 +++++++++++-------
+ manila/values.yaml | 25 ++++++++++++++++++-
+ 6 files changed, 63 insertions(+), 10 deletions(-)
+
+diff --git a/manila/templates/deployment-api.yaml b/manila/templates/deployment-api.yaml
+index bcc352f0..0338ee17 100644
+--- a/manila/templates/deployment-api.yaml
++++ b/manila/templates/deployment-api.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "manila-api" "containerNames" (list "init" "manila-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.manila_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.manila_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/manila/templates/deployment-data.yaml b/manila/templates/deployment-data.yaml
+index 21db299e..6c981a67 100644
+--- a/manila/templates/deployment-data.yaml
++++ b/manila/templates/deployment-data.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "manila-data" "containerNames" (list "init" "manila-data") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.manila_data }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.manila_data }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/manila/templates/deployment-scheduler.yaml b/manila/templates/deployment-scheduler.yaml
+index 4858dfce..c8749a25 100644
+--- a/manila/templates/deployment-scheduler.yaml
++++ b/manila/templates/deployment-scheduler.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "manila-scheduler" "containerNames" (list "init" "manila-scheduler") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.manila_scheduler }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.manila_scheduler }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/manila/templates/deployment-share.yaml b/manila/templates/deployment-share.yaml
+index 87bff3b1..2d7a6c19 100644
+--- a/manila/templates/deployment-share.yaml
++++ b/manila/templates/deployment-share.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "manila-share" "containerNames" (list "init" "manila-share" "manila-share-init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.manila_share }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.manila_share }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/manila/templates/pod-rally-test.yaml b/manila/templates/pod-rally-test.yaml
+index 928c1831..940989bb 100644
+--- a/manila/templates/pod-rally-test.yaml
++++ b/manila/templates/pod-rally-test.yaml
+@@ -42,6 +42,12 @@ spec:
+ {{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
+ nodeSelector:
+ {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
++{{ with .Values.pod.priorityClassName.manila_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.manila_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
+@@ -62,27 +68,27 @@ spec:
+ {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
+ {{- end }}
+ env:
+-{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
+-{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
++{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
++{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
+ {{- end }}
+ - name: SERVICE_OS_SERVICE_NAME
+ value: "test"
+-{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
+-{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
++{{- with $env := dict "ksUserSecret" .Values.secrets.identity.test }}
++{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
+ {{- end }}
+ - name: SERVICE_OS_ROLE
+- value: {{ .Values.endpoints.share.auth.test.role | quote }}
++ value: {{ .Values.endpoints.identity.auth.test.role | quote }}
+ containers:
+ - name: manila-test
+ {{ tuple $envAll "test" | include "helm-toolkit.snippets.image" | indent 6 }}
+ {{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
+ {{ dict "envAll" $envAll "application" "test" "container" "manila_test" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6}}
+ env:
+-{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
+-{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
++{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
++{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
+ {{- end }}
+-{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
+-{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
++{{- with $env := dict "ksUserSecret" .Values.secrets.identity.test }}
++{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
+ {{- end }}
+ - name: RALLY_ENV_NAME
+ value: {{.deployment_name}}
+diff --git a/manila/values.yaml b/manila/values.yaml
+index f820bc1f..400d52da 100644
+--- a/manila/values.yaml
++++ b/manila/values.yaml
+@@ -66,6 +66,20 @@ images:
+ - image_repo_sync
+
+ pod:
++ priorityClassName:
++ manila_api: null
++ manila_data: null
++ manila_scheduler: null
++ manila_tests: null
++ manila_share: null
++ db_sync: null
++ runtimeClassName:
++ manila_api: null
++ manila_data: null
++ manila_scheduler: null
++ manila_tests: null
++ manila_share: null
++ db_sync: null
+ security_context:
+ manila:
+ pod:
+@@ -829,6 +843,7 @@ secrets:
+ identity:
+ admin: manila-keystone-admin
+ manila: manila-keystone-user
++ test: manila-keystone-test
+ oslo_db:
+ admin: manila-db-admin
+ manila: manila-db-user
+@@ -890,6 +905,14 @@ endpoints:
+ project_name: service
+ user_domain_name: service
+ project_domain_name: service
++ test:
++ role: admin
++ region_name: RegionOne
++ username: manila-test
++ password: password
++ project_name: test
++ user_domain_name: service
++ project_domain_name: service
+ hosts:
+ default: keystone
+ internal: keystone-api
+@@ -1061,7 +1084,7 @@ manifests:
+ job_ks_service: true
+ job_ks_user: true
+ pdb_api: true
+- pod_test: true
++ pod_rally_test: true
+ secret_db: true
+ network_policy: false
+ secret_ingress_tls: true
+--
+2.34.1
+
diff --git a/charts/patches/octavia/0002-Enable-priority-runtime-ClassName-for-Octavia.patch b/charts/patches/octavia/0002-Enable-priority-runtime-ClassName-for-Octavia.patch
new file mode 100644
index 0000000..842edd6
--- /dev/null
+++ b/charts/patches/octavia/0002-Enable-priority-runtime-ClassName-for-Octavia.patch
@@ -0,0 +1,114 @@
+From 128338c29bab59691b7a3bb610dc9f7889587871 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Wed, 12 Feb 2025 02:49:32 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Octavia
+
+---
+ .../octavia/templates/daemonset-health-manager.yaml | 6 ++++++
+ .../octavia/templates/deployment-api.yaml | 6 ++++++
+ .../octavia/templates/deployment-housekeeping.yaml | 6 ++++++
+ .../octavia/templates/deployment-worker.yaml | 8 +++++++-
+ .../octavia/values.yaml | 12 ++++++++++++
+ 5 files changed, 37 insertions(+), 1 deletion(-)
+
+diff --git a/octavia/templates/daemonset-health-manager.yaml b/octavia/templates/daemonset-health-manager.yaml
+index a355e86e..1fcda415 100644
+--- a/octavia/templates/daemonset-health-manager.yaml
++++ b/octavia/templates/daemonset-health-manager.yaml
+@@ -46,6 +46,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.octavia_health_manager }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.octavia_health_manager }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ dnsPolicy: ClusterFirstWithHostNet
+ hostNetwork: true
+diff --git a/octavia/templates/deployment-api.yaml b/octavia/templates/deployment-api.yaml
+index da159724..e584f768 100644
+--- a/octavia/templates/deployment-api.yaml
++++ b/octavia/templates/deployment-api.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.octavia_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.octavia_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "octavia" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/octavia/templates/deployment-housekeeping.yaml b/octavia/templates/deployment-housekeeping.yaml
+index 39903b6b..584ca180 100644
+--- a/octavia/templates/deployment-housekeeping.yaml
++++ b/octavia/templates/deployment-housekeeping.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.octavia_housekeeping }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.octavia_housekeeping }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ dnsPolicy: ClusterFirstWithHostNet
+ hostNetwork: true
+diff --git a/octavia/templates/deployment-worker.yaml b/octavia/templates/deployment-worker.yaml
+index 54cf68d7..561a604c 100644
+--- a/octavia/templates/deployment-worker.yaml
++++ b/octavia/templates/deployment-worker.yaml
+@@ -45,6 +45,12 @@ spec:
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
++{{ with .Values.pod.priorityClassName.octavia_worker }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.octavia_worker }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ dnsPolicy: ClusterFirstWithHostNet
+ hostNetwork: true
+@@ -99,4 +105,4 @@ spec:
+ secretName: octavia-etc
+ defaultMode: 0444
+ {{ if $mounts_octavia_worker.volumes }}{{ toYaml $mounts_octavia_worker.volumes | indent 8 }}{{ end }}
+-{{- end }}
+\ No newline at end of file
++{{- end }}
+diff --git a/octavia/values.yaml b/octavia/values.yaml
+index b15114a5..448c781e 100644
+--- a/octavia/values.yaml
++++ b/octavia/values.yaml
+@@ -526,6 +526,18 @@ endpoints:
+ public: 80
+
+ pod:
++ priorityClassName:
++ octavia_health_manager: null
++ octavia_api: null
++ octavia_housekeeping: null
++ octavia_worker: null
++ db_sync: null
++ runtimeClassName:
++ octavia_health_manager: null
++ octavia_api: null
++ octavia_housekeeping: null
++ octavia_worker: null
++ db_sync: null
+ user:
+ octavia:
+ uid: 42424
+--
+2.34.1
+
diff --git a/charts/patches/placement/0002-Enable-priority-runtime-ClassName-for-Placement.patch b/charts/patches/placement/0002-Enable-priority-runtime-ClassName-for-Placement.patch
new file mode 100644
index 0000000..02041af
--- /dev/null
+++ b/charts/patches/placement/0002-Enable-priority-runtime-ClassName-for-Placement.patch
@@ -0,0 +1,47 @@
+From 9a7ec6f874f55d5c19068c54a1a2e0dc7f5f8235 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Wed, 12 Feb 2025 03:36:18 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Placement
+
+---
+ placement/templates/deployment.yaml | 6 ++++++
+ placement/values.yaml | 6 ++++++
+ 2 files changed, 12 insertions(+)
+
+diff --git a/placement/templates/deployment.yaml b/placement/templates/deployment.yaml
+index 3082216d..da02d33b 100644
+--- a/placement/templates/deployment.yaml
++++ b/placement/templates/deployment.yaml
+@@ -47,6 +47,12 @@ spec:
+ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
+ {{ dict "envAll" $envAll "podName" "placement-api" "containerNames" (list "placement-api" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.placement }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.placement }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "placement" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/placement/values.yaml b/placement/values.yaml
+index 0f27a247..20e46564 100644
+--- a/placement/values.yaml
++++ b/placement/values.yaml
+@@ -278,6 +278,12 @@ endpoints:
+ service: 8778
+
+ pod:
++ priorityClassName:
++ placement: null
++ db_sync: null
++ runtimeClassName:
++ placement: null
++ db_sync: null
+ security_context:
+ placement:
+ pod:
+--
+2.34.1
+
diff --git a/charts/patches/staffeln/0001-Enable-priority-runtime-ClassName-for-Staffeln.patch b/charts/patches/staffeln/0001-Enable-priority-runtime-ClassName-for-Staffeln.patch
new file mode 100644
index 0000000..5b09cc2
--- /dev/null
+++ b/charts/patches/staffeln/0001-Enable-priority-runtime-ClassName-for-Staffeln.patch
@@ -0,0 +1,85 @@
+From b8a903ea2dc9d7d19c65e41b8f8ee8f782428f28 Mon Sep 17 00:00:00 2001
+From: Dong Ma <dong.ma@vexxhost.com>
+Date: Wed, 12 Feb 2025 04:24:30 +0000
+Subject: [PATCH] Enable {priority,runtime}ClassName for Staffeln
+
+---
+ .../helm-toolkit/templates/manifests/_job-db-sync.tpl | 6 ++++++
+ .../staffeln/templates/deployment-api.yaml | 6 ++++++
+ .../staffeln/templates/deployment-conductor.yaml | 6 ++++++
+ .../staffeln/values.yaml | 8 ++++++++
+ 4 files changed, 26 insertions(+)
+
+diff --git a/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl b/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
+index 24d2496d..ae85b7ef 100644
+--- a/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
++++ b/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
+@@ -67,6 +67,12 @@ spec:
+ annotations:
+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+ spec:
++{{- if and $envAll.Values.pod.priorityClassName $envAll.Values.pod.priorityClassName.db_sync }}
++ priorityClassName: {{ $envAll.Values.pod.priorityClassName.db_sync }}
++{{- end }}
++{{- if and $envAll.Values.pod.runtimeClassName $envAll.Values.pod.runtimeClassName.db_sync }}
++ runtimeClassName: {{ $envAll.Values.pod.runtimeClassName.db_sync }}
++{{- end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ restartPolicy: OnFailure
+ {{ tuple $envAll "db_sync" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
+diff --git a/staffeln/templates/deployment-api.yaml b/staffeln/templates/deployment-api.yaml
+index 577a0620..e61236c9 100644
+--- a/staffeln/templates/deployment-api.yaml
++++ b/staffeln/templates/deployment-api.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "staffeln-api" "containerNames" (list "init" "staffeln-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "staffeln" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.staffeln_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.staffeln_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "staffeln" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/staffeln/templates/deployment-conductor.yaml b/staffeln/templates/deployment-conductor.yaml
+index cf0ad779..a88b97fb 100644
+--- a/staffeln/templates/deployment-conductor.yaml
++++ b/staffeln/templates/deployment-conductor.yaml
+@@ -79,6 +79,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" "staffeln-conductor" "containerNames" (list "init" "staffeln-conductor") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "staffeln" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
++{{ with .Values.pod.priorityClassName.staffeln_conductor }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.staffeln_conductor }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+ {{ tuple $envAll "staffeln" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+diff --git a/staffeln/values.yaml b/staffeln/values.yaml
+index d7051158..a1a3e292 100644
+--- a/staffeln/values.yaml
++++ b/staffeln/values.yaml
+@@ -54,6 +54,14 @@ images:
+ - image_repo_sync
+
+ pod:
++ priorityClassName:
++ staffeln_api: null
++ staffeln_conductor: null
++ db_sync: null
++ runtimeClassName:
++ staffeln_api: null
++ staffeln_conductor: null
++ db_sync: null
+ security_context:
+ staffeln:
+ pod:
+--
+2.34.1
+
diff --git a/charts/placement/templates/deployment.yaml b/charts/placement/templates/deployment.yaml
index 3082216..da02d33 100644
--- a/charts/placement/templates/deployment.yaml
+++ b/charts/placement/templates/deployment.yaml
@@ -47,6 +47,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "placement-api" "containerNames" (list "placement-api" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.placement }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.placement }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "placement" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/placement/values.yaml b/charts/placement/values.yaml
index 0f27a24..20e4656 100644
--- a/charts/placement/values.yaml
+++ b/charts/placement/values.yaml
@@ -278,6 +278,12 @@
service: 8778
pod:
+ priorityClassName:
+ placement: null
+ db_sync: null
+ runtimeClassName:
+ placement: null
+ db_sync: null
security_context:
placement:
pod:
diff --git a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
index 4696c88..5c35dd0 100644
--- a/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
+++ b/charts/staffeln/charts/helm-toolkit/templates/manifests/_job-db-sync.tpl
@@ -68,6 +68,12 @@
annotations:
{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
spec:
+{{- if and $envAll.Values.pod.priorityClassName $envAll.Values.pod.priorityClassName.db_sync }}
+ priorityClassName: {{ $envAll.Values.pod.priorityClassName.db_sync }}
+{{- end }}
+{{- if and $envAll.Values.pod.runtimeClassName $envAll.Values.pod.runtimeClassName.db_sync }}
+ runtimeClassName: {{ $envAll.Values.pod.runtimeClassName.db_sync }}
+{{- end }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
{{ tuple $envAll "db_sync" | include "helm-toolkit.snippets.kubernetes_image_pull_secrets" | indent 6 }}
diff --git a/charts/staffeln/templates/deployment-api.yaml b/charts/staffeln/templates/deployment-api.yaml
index 577a062..e61236c 100644
--- a/charts/staffeln/templates/deployment-api.yaml
+++ b/charts/staffeln/templates/deployment-api.yaml
@@ -46,6 +46,12 @@
{{ dict "envAll" $envAll "podName" "staffeln-api" "containerNames" (list "init" "staffeln-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "staffeln" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.staffeln_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.staffeln_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "staffeln" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/staffeln/templates/deployment-conductor.yaml b/charts/staffeln/templates/deployment-conductor.yaml
index cf0ad77..a88b97f 100644
--- a/charts/staffeln/templates/deployment-conductor.yaml
+++ b/charts/staffeln/templates/deployment-conductor.yaml
@@ -79,6 +79,12 @@
{{ dict "envAll" $envAll "podName" "staffeln-conductor" "containerNames" (list "init" "staffeln-conductor") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
{{ dict "envAll" $envAll "application" "staffeln" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.staffeln_conductor }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.staffeln_conductor }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
affinity:
{{ tuple $envAll "staffeln" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/charts/staffeln/values.yaml b/charts/staffeln/values.yaml
index d705115..a1a3e29 100644
--- a/charts/staffeln/values.yaml
+++ b/charts/staffeln/values.yaml
@@ -54,6 +54,14 @@
- image_repo_sync
pod:
+ priorityClassName:
+ staffeln_api: null
+ staffeln_conductor: null
+ db_sync: null
+ runtimeClassName:
+ staffeln_api: null
+ staffeln_conductor: null
+ db_sync: null
security_context:
staffeln:
pod:
diff --git a/releasenotes/notes/add-mfa-config-options-6f2d6811bca1a789.yaml b/releasenotes/notes/add-mfa-config-options-6f2d6811bca1a789.yaml
new file mode 100644
index 0000000..cb2d445
--- /dev/null
+++ b/releasenotes/notes/add-mfa-config-options-6f2d6811bca1a789.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Keystone role now supports configuring multi-factor authentication for
+ the users within the Atmosphere realm.
diff --git a/releasenotes/notes/barbican-priority-runtime-class-b84c8515f03e18c5.yaml b/releasenotes/notes/barbican-priority-runtime-class-b84c8515f03e18c5.yaml
new file mode 100644
index 0000000..4414c45
--- /dev/null
+++ b/releasenotes/notes/barbican-priority-runtime-class-b84c8515f03e18c5.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Barbican role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml b/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml
new file mode 100644
index 0000000..6852e16
--- /dev/null
+++ b/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Cinder role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/designate-priority-runtime-class-63f9e7efe1b3e494.yaml b/releasenotes/notes/designate-priority-runtime-class-63f9e7efe1b3e494.yaml
new file mode 100644
index 0000000..a42e7c2
--- /dev/null
+++ b/releasenotes/notes/designate-priority-runtime-class-63f9e7efe1b3e494.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Designate role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/glance-priority-runtime-class-8902ce859fba65f6.yaml b/releasenotes/notes/glance-priority-runtime-class-8902ce859fba65f6.yaml
new file mode 100644
index 0000000..0f7dd5b
--- /dev/null
+++ b/releasenotes/notes/glance-priority-runtime-class-8902ce859fba65f6.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Glance role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/heat-priority-runtime-class-493ffeb8be07ac6a.yaml b/releasenotes/notes/heat-priority-runtime-class-493ffeb8be07ac6a.yaml
new file mode 100644
index 0000000..7bf3b8f
--- /dev/null
+++ b/releasenotes/notes/heat-priority-runtime-class-493ffeb8be07ac6a.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Heat role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/horizon-priority-runtime-class-0004e6be3fdeab2b.yaml b/releasenotes/notes/horizon-priority-runtime-class-0004e6be3fdeab2b.yaml
new file mode 100644
index 0000000..a6a4437
--- /dev/null
+++ b/releasenotes/notes/horizon-priority-runtime-class-0004e6be3fdeab2b.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Horizon role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/ironic-priority-runtime-class-260a89c958179e92.yaml b/releasenotes/notes/ironic-priority-runtime-class-260a89c958179e92.yaml
new file mode 100644
index 0000000..ed17275
--- /dev/null
+++ b/releasenotes/notes/ironic-priority-runtime-class-260a89c958179e92.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Ironic role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/keystone-priority-runtime-class-3d41226e8815f369.yaml b/releasenotes/notes/keystone-priority-runtime-class-3d41226e8815f369.yaml
new file mode 100644
index 0000000..81ffbc2
--- /dev/null
+++ b/releasenotes/notes/keystone-priority-runtime-class-3d41226e8815f369.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Keystone role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/magnum-priority-runtime-class-1fa01f838854cb94.yaml b/releasenotes/notes/magnum-priority-runtime-class-1fa01f838854cb94.yaml
new file mode 100644
index 0000000..246b3d2
--- /dev/null
+++ b/releasenotes/notes/magnum-priority-runtime-class-1fa01f838854cb94.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Magnum role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/manila-priority-runtime-class-2b73aa2ad577d258.yaml b/releasenotes/notes/manila-priority-runtime-class-2b73aa2ad577d258.yaml
new file mode 100644
index 0000000..90ff058
--- /dev/null
+++ b/releasenotes/notes/manila-priority-runtime-class-2b73aa2ad577d258.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Manila role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/octavia-priority-runtime-class-3803f91e26a627a4.yaml b/releasenotes/notes/octavia-priority-runtime-class-3803f91e26a627a4.yaml
new file mode 100644
index 0000000..eb2bcce
--- /dev/null
+++ b/releasenotes/notes/octavia-priority-runtime-class-3803f91e26a627a4.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Octavia role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/placement-priority-runtime-class-3d5598c95c26dc32.yaml b/releasenotes/notes/placement-priority-runtime-class-3d5598c95c26dc32.yaml
new file mode 100644
index 0000000..6a60037
--- /dev/null
+++ b/releasenotes/notes/placement-priority-runtime-class-3d5598c95c26dc32.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Placement role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/releasenotes/notes/staffeln-priority-runtime-class-d7a4ae951ddcc214.yaml b/releasenotes/notes/staffeln-priority-runtime-class-d7a4ae951ddcc214.yaml
new file mode 100644
index 0000000..4a00dc6
--- /dev/null
+++ b/releasenotes/notes/staffeln-priority-runtime-class-d7a4ae951ddcc214.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Staffeln role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/roles/barbican/tests/priorityclass_test.yaml b/roles/barbican/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..cebccc4
--- /dev/null
+++ b/roles/barbican/tests/priorityclass_test.yaml
@@ -0,0 +1,48 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-test.yaml
+ documentIndex: 1
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ barbican_api: platform
+ barbican_tests: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-test.yaml
+ documentIndex: 1
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/barbican/tests/runtimeclass_test.yaml b/roles/barbican/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..2ee6b08
--- /dev/null
+++ b/roles/barbican/tests/runtimeclass_test.yaml
@@ -0,0 +1,48 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-test.yaml
+ documentIndex: 1
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ barbican_api: kata-clh
+ barbican_tests: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-test.yaml
+ documentIndex: 1
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/cinder/tests/priorityclass_test.yaml b/roles/cinder/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..4ca4967
--- /dev/null
+++ b/roles/cinder/tests/priorityclass_test.yaml
@@ -0,0 +1,96 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ cinder_api: platform
+ cinder_backup: platform
+ cinder_scheduler: platform
+ cinder_tests: platform
+ cinder_volume_usage_audit: platform
+ cinder_volume: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/cinder/tests/runtimeclass_test.yaml b/roles/cinder/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..151958a
--- /dev/null
+++ b/roles/cinder/tests/runtimeclass_test.yaml
@@ -0,0 +1,96 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ cinder_api: kata-clh
+ cinder_backup: kata-clh
+ cinder_scheduler: kata-clh
+ cinder_tests: kata-clh
+ cinder_volume_usage_audit: kata-clh
+ cinder_volume: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/designate/tests/priorityclass_test.yaml b/roles/designate/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..c8de434
--- /dev/null
+++ b/roles/designate/tests/priorityclass_test.yaml
@@ -0,0 +1,96 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-central.yaml
+ - templates/deployment-mdns.yaml
+ - templates/deployment-producer.yaml
+ - templates/deployment-sink.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-central.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-mdns.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-producer.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ # - template: templates/deployment-sink.yaml
+ # documentIndex: 3
+ # notExists:
+ # path: spec.template.spec.priorityClassName
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-central.yaml
+ - templates/deployment-mdns.yaml
+ - templates/deployment-producer.yaml
+ - templates/deployment-sink.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ designate_api: platform
+ designate_central: platform
+ designate_mdns: platform
+ designate_producer: platform
+ designate_sink: platform
+ designate_worker: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-central.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-mdns.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-producer.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ # - template: templates/deployment-sink.yaml
+ # documentIndex: 3
+ # equal:
+ # path: spec.template.spec.priorityClassName
+ # value: platform
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/designate/tests/runtimeclass_test.yaml b/roles/designate/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..ac10d05
--- /dev/null
+++ b/roles/designate/tests/runtimeclass_test.yaml
@@ -0,0 +1,96 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-central.yaml
+ - templates/deployment-mdns.yaml
+ - templates/deployment-producer.yaml
+ - templates/deployment-sink.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-central.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-mdns.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-producer.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ # - template: templates/deployment-sink.yaml
+ # documentIndex: 3
+ # notExists:
+ # path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-central.yaml
+ - templates/deployment-mdns.yaml
+ - templates/deployment-producer.yaml
+ - templates/deployment-sink.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ designate_api: kata-clh
+ designate_central: kata-clh
+ designate_mdns: kata-clh
+ designate_producer: kata-clh
+ designate_sink: kata-clh
+ designate_worker: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-central.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-mdns.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-producer.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ # - template: templates/deployment-sink.yaml
+ # documentIndex: 3
+ # equal:
+ # path: spec.template.spec.runtimeClassName
+ # value: kata-clh
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/glance/tests/priorityclass_test.yaml b/roles/glance/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..deeed31
--- /dev/null
+++ b/roles/glance/tests/priorityclass_test.yaml
@@ -0,0 +1,48 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ glance_api: platform
+ glance_tests: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/glance/tests/runtimeclass_test.yaml b/roles/glance/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..282a1c8
--- /dev/null
+++ b/roles/glance/tests/runtimeclass_test.yaml
@@ -0,0 +1,48 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ glance_api: kata-clh
+ glance_tests: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/heat/tests/priorityclass_test.yaml b/roles/heat/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..64795d6
--- /dev/null
+++ b/roles/heat/tests/priorityclass_test.yaml
@@ -0,0 +1,99 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-cfn.yaml
+ - templates/deployment-cloudwatch.yaml
+ - templates/cron-job-engine-cleaner.yaml
+ - templates/cron-job-purge-deleted.yaml
+ - templates/deployment-engine.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-cfn.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/cron-job-engine-cleaner.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ - template: templates/cron-job-purge-deleted.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ - template: templates/deployment-engine.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-cfn.yaml
+ - templates/deployment-cloudwatch.yaml
+ - templates/cron-job-engine-cleaner.yaml
+ - templates/cron-job-purge-deleted.yaml
+ - templates/deployment-engine.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ heat_api: platform
+ heat_cfn: platform
+ heat_cloudwatch: platform
+ heat_tests: platform
+ heat_engine_cleaner: platform
+ heat_purge_deleted: platform
+ heat_engine: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-cfn.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/cron-job-engine-cleaner.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/cron-job-purge-deleted.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-engine.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/heat/tests/runtimeclass_test.yaml b/roles/heat/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..b85b2d0
--- /dev/null
+++ b/roles/heat/tests/runtimeclass_test.yaml
@@ -0,0 +1,99 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-cfn.yaml
+ - templates/deployment-cloudwatch.yaml
+ - templates/cron-job-engine-cleaner.yaml
+ - templates/cron-job-purge-deleted.yaml
+ - templates/deployment-engine.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-cfn.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/cron-job-engine-cleaner.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ - template: templates/cron-job-purge-deleted.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ - template: templates/deployment-engine.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-cfn.yaml
+ - templates/deployment-cloudwatch.yaml
+ - templates/cron-job-engine-cleaner.yaml
+ - templates/cron-job-purge-deleted.yaml
+ - templates/deployment-engine.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ heat_api: kata-clh
+ heat_cfn: kata-clh
+ heat_cloudwatch: kata-clh
+ heat_tests: kata-clh
+ heat_engine_cleaner: kata-clh
+ heat_purge_deleted: kata-clh
+ heat_engine: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-cfn.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/cron-job-engine-cleaner.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/cron-job-purge-deleted.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-engine.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/horizon/tests/priorityclass_test.yaml b/roles/horizon/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..a0fda2b
--- /dev/null
+++ b/roles/horizon/tests/priorityclass_test.yaml
@@ -0,0 +1,48 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment.yaml
+ - templates/pod-helm-tests.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-helm-tests.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment.yaml
+ - templates/pod-helm-tests.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ horizon: platform
+ horizon_tests: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-helm-tests.yaml
+ documentIndex: 3
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/horizon/tests/runtimeclass_test.yaml b/roles/horizon/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..ebeb976
--- /dev/null
+++ b/roles/horizon/tests/runtimeclass_test.yaml
@@ -0,0 +1,48 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment.yaml
+ - templates/pod-helm-tests.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-helm-tests.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment.yaml
+ - templates/pod-helm-tests.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ horizon: kata-clh
+ horizon_tests: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-helm-tests.yaml
+ documentIndex: 3
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/ironic/tests/priorityclass_test.yaml b/roles/ironic/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..7bd89b3
--- /dev/null
+++ b/roles/ironic/tests/priorityclass_test.yaml
@@ -0,0 +1,36 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ ironic_api: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/ironic/tests/runtimeclass_test.yaml b/roles/ironic/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..d93e9df
--- /dev/null
+++ b/roles/ironic/tests/runtimeclass_test.yaml
@@ -0,0 +1,36 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ ironic_api: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/keystone/defaults/main.yml b/roles/keystone/defaults/main.yml
index 92465c6..0e7144e 100644
--- a/roles/keystone/defaults/main.yml
+++ b/roles/keystone/defaults/main.yml
@@ -44,6 +44,7 @@
# keystone_keycloak_realm_default_brute_force_max_delta_time_seconds:
# keystone_keycloak_realm_default_minimum_quick_login_wait_seconds:
# keystone_keycloak_realm_default_quick_login_check_milli_seconds:
+# keystone_keycloak_realm_default_totp_default_action:
keystone_keycloak_client_id: keystone
# keystone_keycloak_client_secret:
diff --git a/roles/keystone/tasks/main.yml b/roles/keystone/tasks/main.yml
index 84dc047..d900ed7 100644
--- a/roles/keystone/tasks/main.yml
+++ b/roles/keystone/tasks/main.yml
@@ -41,6 +41,28 @@
loop_control:
label: "{{ item.name }}"
+- name: Setup Keycloak Authentication Required Actions (MFA)
+ community.general.keycloak_authentication_required_actions:
+ # Keycloak settings
+ auth_keycloak_url: "{{ item.keycloak_server_url }}"
+ auth_realm: "{{ item.keycloak_user_realm_name }}"
+ auth_client_id: "{{ item.keycloak_admin_client_id }}"
+ auth_username: "{{ item.keycloak_admin_user }}"
+ auth_password: "{{ item.keycloak_admin_password }}"
+ validate_certs: "{{ cluster_issuer_type != 'self-signed' }}"
+ # Realm settings
+ realm: "{{ item.name }}"
+ required_actions:
+ - alias: "CONFIGURE_TOTP"
+ name: "Configure OTP"
+ providerId: "CONFIGURE_TOTP"
+ defaultAction: "{{ item.keycloak_totp_default_action | default(keystone_keycloak_realm_default_totp_default_action | default(omit)) }}"
+ enabled: true
+ state: present
+ loop: "{{ keystone_domains }}"
+ loop_control:
+ label: "{{ item.name }}"
+
- name: Create ConfigMap with all OpenID connect configurations
run_once: true
kubernetes.core.k8s:
diff --git a/roles/keystone/tests/priorityclass_test.yaml b/roles/keystone/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..2af620a
--- /dev/null
+++ b/roles/keystone/tests/priorityclass_test.yaml
@@ -0,0 +1,72 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/cron-job-credential-rotate.yaml
+ - templates/cron-job-fernet-rotate.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/cron-job-credential-rotate.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ - template: templates/cron-job-fernet-rotate.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/cron-job-credential-rotate.yaml
+ - templates/cron-job-fernet-rotate.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ keystone_api: platform
+ keystone_tests: platform
+ keystone_credential_rotate: platform
+ keystone_fernet_rotate: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/cron-job-credential-rotate.yaml
+ documentIndex: 5
+ equal:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/cron-job-fernet-rotate.yaml
+ documentIndex: 5
+ equal:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/keystone/tests/runtimeclass_test.yaml b/roles/keystone/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..18db463
--- /dev/null
+++ b/roles/keystone/tests/runtimeclass_test.yaml
@@ -0,0 +1,72 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/cron-job-credential-rotate.yaml
+ - templates/cron-job-fernet-rotate.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/cron-job-credential-rotate.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ - template: templates/cron-job-fernet-rotate.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/cron-job-credential-rotate.yaml
+ - templates/cron-job-fernet-rotate.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ keystone_api: kata-clh
+ keystone_tests: kata-clh
+ keystone_credential_rotate: kata-clh
+ keystone_fernet_rotate: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/cron-job-credential-rotate.yaml
+ documentIndex: 5
+ equal:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/cron-job-fernet-rotate.yaml
+ documentIndex: 5
+ equal:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/magnum/tests/priorityclass_test.yaml b/roles/magnum/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..bff9129
--- /dev/null
+++ b/roles/magnum/tests/priorityclass_test.yaml
@@ -0,0 +1,48 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/statefulset-conductor.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/statefulset-conductor.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/statefulset-conductor.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ magnum_api: platform
+ magnum_conductor: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/statefulset-conductor.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/magnum/tests/runtimeclass_test.yaml b/roles/magnum/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..8db11ab
--- /dev/null
+++ b/roles/magnum/tests/runtimeclass_test.yaml
@@ -0,0 +1,48 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/statefulset-conductor.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/statefulset-conductor.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/statefulset-conductor.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ magnum_api: kata-clh
+ magnum_conductor: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/statefulset-conductor.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/manila/tests/priorityclass_test.yaml b/roles/manila/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..397d8ea
--- /dev/null
+++ b/roles/manila/tests/priorityclass_test.yaml
@@ -0,0 +1,84 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-data.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-share.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-data.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-share.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 1
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-data.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-share.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ manila_api: platform
+ manila_data: platform
+ manila_scheduler: platform
+ manila_share: platform
+ manila_tests: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-data.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-share.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 1
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/manila/tests/runtimeclass_test.yaml b/roles/manila/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..080d6c1
--- /dev/null
+++ b/roles/manila/tests/runtimeclass_test.yaml
@@ -0,0 +1,84 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-data.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-share.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-data.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-share.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 1
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-data.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-share.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ manila_api: kata-clh
+ manila_data: kata-clh
+ manila_scheduler: kata-clh
+ manila_tests: kata-clh
+ manila_share: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-data.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-share.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 1
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/octavia/tests/priorityclass_test.yaml b/roles/octavia/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..9808b3c
--- /dev/null
+++ b/roles/octavia/tests/priorityclass_test.yaml
@@ -0,0 +1,72 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/daemonset-health-manager.yaml
+ - templates/deployment-api.yaml
+ - templates/deployment-housekeeping.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/daemonset-health-manager.yaml
+ documentIndex: 4
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-housekeeping.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/daemonset-health-manager.yaml
+ - templates/deployment-api.yaml
+ - templates/deployment-housekeeping.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ octavia_health_manager: platform
+ octavia_api: platform
+ octavia_housekeeping: platform
+ octavia_worker: platform
+ db_sync: platform
+ asserts:
+ - template: templates/daemonset-health-manager.yaml
+ documentIndex: 4
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-housekeeping.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/octavia/tests/runtimeclass_test.yaml b/roles/octavia/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..c13f2bb
--- /dev/null
+++ b/roles/octavia/tests/runtimeclass_test.yaml
@@ -0,0 +1,72 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/daemonset-health-manager.yaml
+ - templates/deployment-api.yaml
+ - templates/deployment-housekeeping.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/daemonset-health-manager.yaml
+ documentIndex: 4
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-housekeeping.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/daemonset-health-manager.yaml
+ - templates/deployment-api.yaml
+ - templates/deployment-housekeeping.yaml
+ - templates/deployment-worker.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ octavia_health_manager: kata-clh
+ octavia_api: kata-clh
+ octavia_housekeeping: kata-clh
+ octavia_worker: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/daemonset-health-manager.yaml
+ documentIndex: 4
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-housekeeping.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-worker.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/placement/tests/priorityclass_test.yaml b/roles/placement/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..e7e0900
--- /dev/null
+++ b/roles/placement/tests/priorityclass_test.yaml
@@ -0,0 +1,36 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ placement: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/placement/tests/runtimeclass_test.yaml b/roles/placement/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..79bf19d
--- /dev/null
+++ b/roles/placement/tests/runtimeclass_test.yaml
@@ -0,0 +1,36 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ placement: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
diff --git a/roles/staffeln/tests/priorityclass_test.yaml b/roles/staffeln/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..943c8ac
--- /dev/null
+++ b/roles/staffeln/tests/priorityclass_test.yaml
@@ -0,0 +1,48 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-conductor.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-conductor.yaml
+ documentIndex: 5
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-conductor.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ staffeln_api: platform
+ staffeln_conductor: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-conductor.yaml
+ documentIndex: 5
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/staffeln/tests/runtimeclass_test.yaml b/roles/staffeln/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..4835aa1
--- /dev/null
+++ b/roles/staffeln/tests/runtimeclass_test.yaml
@@ -0,0 +1,48 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-conductor.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-conductor.yaml
+ documentIndex: 5
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-conductor.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ staffeln_api: kata-clh
+ staffeln_conductor: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-conductor.yaml
+ documentIndex: 5
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh