charts/patches/manila/0003-Enable-priority-runtime-ClassName-for-Manila.patch

From 01653c9c731dc2b66a79426f1021052186eebe40 Mon Sep 17 00:00:00 2001
From: Dong Ma <dong.ma@vexxhost.com>
Date: Tue, 11 Feb 2025 05:18:42 +0000
Subject: [PATCH] Enable {priority,runtime}ClassName for Manila

Also fix pod-rally-test.yaml template

---
 manila/templates/deployment-api.yaml        |  6 +++++
 manila/templates/deployment-data.yaml       |  6 +++++
 manila/templates/deployment-scheduler.yaml  |  6 +++++
 manila/templates/deployment-share.yaml      |  6 +++++
 manila/templates/pod-rally-test.yaml        | 24 +++++++++++-------
 manila/values.yaml                          | 25 ++++++++++++++++++-
 6 files changed, 63 insertions(+), 10 deletions(-)

diff --git a/manila/templates/deployment-api.yaml b/manila/templates/deployment-api.yaml
index bcc352f0..0338ee17 100644
--- a/manila/templates/deployment-api.yaml
+++ b/manila/templates/deployment-api.yaml
@@ -46,6 +46,12 @@ spec:
 {{ dict "envAll" $envAll "podName" "manila-api" "containerNames" (list "init" "manila-api") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_api }}
+      priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_api }}
+      runtimeClassName: {{ . }}
+{{ end }}
       serviceAccountName: {{ $serviceAccountName }}
       affinity:
 {{ tuple $envAll "manila" "api" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/manila/templates/deployment-data.yaml b/manila/templates/deployment-data.yaml
index 21db299e..6c981a67 100644
--- a/manila/templates/deployment-data.yaml
+++ b/manila/templates/deployment-data.yaml
@@ -46,6 +46,12 @@ spec:
 {{ dict "envAll" $envAll "podName" "manila-data" "containerNames" (list "init" "manila-data") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_data }}
+      priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_data }}
+      runtimeClassName: {{ . }}
+{{ end }}
       serviceAccountName: {{ $serviceAccountName }}
       affinity:
 {{ tuple $envAll "manila" "data" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/manila/templates/deployment-scheduler.yaml b/manila/templates/deployment-scheduler.yaml
index 4858dfce..c8749a25 100644
--- a/manila/templates/deployment-scheduler.yaml
+++ b/manila/templates/deployment-scheduler.yaml
@@ -46,6 +46,12 @@ spec:
 {{ dict "envAll" $envAll "podName" "manila-scheduler" "containerNames" (list "init" "manila-scheduler") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_scheduler }}
+      priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_scheduler }}
+      runtimeClassName: {{ . }}
+{{ end }}
       serviceAccountName: {{ $serviceAccountName }}
       affinity:
 {{ tuple $envAll "manila" "scheduler" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/manila/templates/deployment-share.yaml b/manila/templates/deployment-share.yaml
index 87bff3b1..2d7a6c19 100644
--- a/manila/templates/deployment-share.yaml
+++ b/manila/templates/deployment-share.yaml
@@ -46,6 +46,12 @@ spec:
 {{ dict "envAll" $envAll "podName" "manila-share" "containerNames" (list "init" "manila-share" "manila-share-init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
     spec:
 {{ dict "envAll" $envAll "application" "manila" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+{{ with .Values.pod.priorityClassName.manila_share }}
+      priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_share }}
+      runtimeClassName: {{ . }}
+{{ end }}
       serviceAccountName: {{ $serviceAccountName }}
       affinity:
 {{ tuple $envAll "manila" "share" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
diff --git a/manila/templates/pod-rally-test.yaml b/manila/templates/pod-rally-test.yaml
index 928c1831..940989bb 100644
--- a/manila/templates/pod-rally-test.yaml
+++ b/manila/templates/pod-rally-test.yaml
@@ -42,6 +42,12 @@ spec:
 {{ dict "envAll" $envAll "application" "test" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 2 }}
   nodeSelector:
     {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+{{ with .Values.pod.priorityClassName.manila_tests }}
+  priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.manila_tests }}
+  runtimeClassName: {{ . }}
+{{ end }}
   serviceAccountName: {{ $serviceAccountName }}
   initContainers:
 {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
@@ -62,27 +68,27 @@ spec:
 {{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.share.api.internal | include "helm-toolkit.snippets.tls_volume_mount"  | indent 8 }}
 {{- end }}
       env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
-{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
 {{- end }}
         - name: SERVICE_OS_SERVICE_NAME
           value: "test"
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
-{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.test }}
+{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
 {{- end }}
         - name: SERVICE_OS_ROLE
-          value: {{ .Values.endpoints.share.auth.test.role | quote }}
+          value: {{ .Values.endpoints.identity.auth.test.role | quote }}
   containers:
     - name: manila-test
 {{ tuple $envAll "test" | include "helm-toolkit.snippets.image" | indent 6 }}
 {{ tuple $envAll $envAll.Values.pod.resources.jobs.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}
 {{ dict "envAll" $envAll "application" "test" "container" "manila_test" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 6}}
       env:
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
-{{- include "helm-toolkit.snippets.manila_openrc_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.admin "useCA" (and .Values.manifests.certificates .Values.secrets.tls.share.api.internal) }}
+{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 8 }}
 {{- end }}
-{{- with $env := dict "ksUserSecret" .Values.secrets.share.test }}
-{{- include "helm-toolkit.snippets.manila_user_create_env_vars" $env | indent 8 }}
+{{- with $env := dict "ksUserSecret" .Values.secrets.identity.test }}
+{{- include "helm-toolkit.snippets.keystone_user_create_env_vars" $env | indent 8 }}
 {{- end }}
         - name: RALLY_ENV_NAME
           value: {{.deployment_name}}
diff --git a/manila/values.yaml b/manila/values.yaml
index f820bc1f..400d52da 100644
--- a/manila/values.yaml
+++ b/manila/values.yaml
@@ -66,6 +66,20 @@ images:
       - image_repo_sync
 
 pod:
+  priorityClassName:
+    manila_api: null
+    manila_data: null
+    manila_scheduler: null
+    manila_tests: null
+    manila_share: null
+    db_sync: null
+  runtimeClassName:
+    manila_api: null
+    manila_data: null
+    manila_scheduler: null
+    manila_tests: null
+    manila_share: null
+    db_sync: null
   security_context:
     manila:
       pod:
@@ -829,6 +843,7 @@ secrets:
   identity:
     admin: manila-keystone-admin
     manila: manila-keystone-user
+    test: manila-keystone-test
   oslo_db:
     admin: manila-db-admin
     manila: manila-db-user
@@ -890,6 +905,14 @@ endpoints:
         project_name: service
         user_domain_name: service
         project_domain_name: service
+      test:
+        role: admin
+        region_name: RegionOne
+        username: manila-test
+        password: password
+        project_name: test
+        user_domain_name: service
+        project_domain_name: service
     hosts:
       default: keystone
       internal: keystone-api
@@ -1061,7 +1084,7 @@ manifests:
   job_ks_service: true
   job_ks_user: true
   pdb_api: true
-  pod_test: true
+  pod_rally_test: true
   secret_db: true
   network_policy: false
   secret_ingress_tls: true
-- 
2.34.1