chore: bump charts
diff --git a/charts/placement/Chart.yaml b/charts/placement/Chart.yaml
index 23f8ccf..188ccfb 100644
--- a/charts/placement/Chart.yaml
+++ b/charts/placement/Chart.yaml
@@ -9,4 +9,4 @@
sources:
- https://opendev.org/openstack/placement
- https://opendev.org/openstack/openstack-helm
-version: 0.2.10
+version: 0.3.2
diff --git a/charts/placement/charts/helm-toolkit/Chart.yaml b/charts/placement/charts/helm-toolkit/Chart.yaml
index 4f9e6e5..12e2dd2 100644
--- a/charts/placement/charts/helm-toolkit/Chart.yaml
+++ b/charts/placement/charts/helm-toolkit/Chart.yaml
@@ -9,4 +9,4 @@
sources:
- https://opendev.org/openstack/openstack-helm-infra
- https://opendev.org/openstack/openstack-helm
-version: 0.2.46
+version: 0.2.50
diff --git a/charts/placement/charts/helm-toolkit/templates/manifests/_ingress.tpl b/charts/placement/charts/helm-toolkit/templates/manifests/_ingress.tpl
index 70e64cc..4c476b2 100644
--- a/charts/placement/charts/helm-toolkit/templates/manifests/_ingress.tpl
+++ b/charts/placement/charts/helm-toolkit/templates/manifests/_ingress.tpl
@@ -685,7 +685,7 @@
{{ $hostRules | include "helm-toolkit.manifests.ingress._host_rules" | indent 4 }}
{{- end }}
{{- if not ( hasSuffix ( printf ".%s.svc.%s" $envAll.Release.Namespace $envAll.Values.endpoints.cluster_domain_suffix) $hostNameFull) }}
-{{- $ingressConf := $envAll.Values.network.kibana.ingress -}}
+{{- $ingressConf := $envAll.Values.network -}}
{{- $ingressClasses := ternary (tuple "namespace") (tuple "namespace" "cluster") (and (hasKey $ingressConf "use_external_ingress_controller") $ingressConf.use_external_ingress_controller) }}
{{- range $key2, $ingressController := $ingressClasses }}
{{- $vHosts := list $hostNameFull }}
@@ -706,7 +706,6 @@
{{- range $v := without (index $endpointHost.tls "dnsNames" | default list) $hostNameFull }}
{{- $vHosts = append $vHosts $v }}
{{- end }}
-{{- if and ( not ( empty $endpointHost.tls.key ) ) ( not ( empty $endpointHost.tls.crt ) ) }}
{{- $secretName := index $envAll.Values.secrets "tls" ( $backendServiceType | replace "-" "_" ) $backendService $endpoint }}
{{- $_ := required "You need to specify a secret in your values for the endpoint" $secretName }}
tls:
@@ -718,7 +717,6 @@
{{- end }}
{{- end }}
{{- end }}
-{{- end }}
rules:
{{- range $vHost := $vHosts }}
{{- $hostNameFullRules := dict "vHost" $vHost "backendName" $backendName "backendPort" $backendPort }}
diff --git a/charts/placement/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl b/charts/placement/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
index 87872d6..3739f95 100644
--- a/charts/placement/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
+++ b/charts/placement/charts/helm-toolkit/templates/scripts/_rabbit-init.sh.tpl
@@ -77,6 +77,11 @@
password="${RABBITMQ_PASSWORD}" \
tags="user"
+echo "Deleting Guest User"
+rabbitmqadmin_cli \
+ delete user \
+ name="guest" || true
+
if [ "${RABBITMQ_VHOST}" != "/" ]
then
echo "Managing: vHost: ${RABBITMQ_VHOST}"
diff --git a/charts/placement/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl b/charts/placement/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
index 516d79e..687851e 100644
--- a/charts/placement/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
+++ b/charts/placement/charts/helm-toolkit/templates/scripts/db-backup-restore/_backup_main.sh.tpl
@@ -66,6 +66,14 @@
# framework will automatically tar/zip the files in that directory and
# name the tarball appropriately according to the proper conventions.
#
+# verify_databases_backup_archives [scope]
+# returns: 0 if no errors; 1 if any errors occurred
+#
+# This function is expected to verify the database backup archives. If this function
+# completes successfully (returns 0), the
+# framework will automatically starts remote backup upload.
+#
+#
# The functions in this file will take care of:
# 1) Calling "dump_databases_to_directory" and then compressing the files,
# naming the tarball properly, and then storing it locally at the specified
@@ -90,6 +98,16 @@
exit $ERRCODE
}
+log_verify_backup_exit() {
+ MSG=$1
+ ERRCODE=${2:-0}
+ log ERROR "${DB_NAME}_verify_backup" "${DB_NAMESPACE} namespace: ${MSG}"
+ rm -f $ERR_LOG_FILE
+ # rm -rf $TMP_DIR
+ exit $ERRCODE
+}
+
+
log() {
#Log message to a file or stdout
#TODO: This can be convert into mail alert of alert send to a monitoring system
@@ -201,12 +219,36 @@
log WARN "${DB_NAME}_backup" "Cannot create container object ${FILE}!"
return 2
fi
+
openstack object show $CONTAINER_NAME $FILE
if [[ $? -ne 0 ]]; then
log WARN "${DB_NAME}_backup" "Unable to retrieve container object $FILE after creation."
return 2
fi
+ # Calculation remote file SHA256 hash
+ REMOTE_FILE=$(mktemp -p /tmp)
+ openstack object save --file ${REMOTE_FILE} $CONTAINER_NAME $FILE
+ if [[ $? -ne 0 ]]; then
+ log WARN "${DB_NAME}_backup" "Unable to save container object $FILE for SHA256 hash verification."
+ rm -rf ${REMOTE_FILE}
+ return 1
+ fi
+
+ # Remote backup verification
+ SHA256_REMOTE=$(cat ${REMOTE_FILE} | sha256sum | awk '{print $1}')
+ SHA256_LOCAL=$(cat ${FILEPATH}/${FILE} | sha256sum | awk '{print $1}')
+ log INFO "${DB_NAME}_backup" "Calculated SHA256 hashes for the file $FILE in container $CONTAINER_NAME."
+ log INFO "${DB_NAME}_backup" "Local SHA256 hash is ${SHA256_LOCAL}."
+ log INFO "${DB_NAME}_backup" "Remote SHA256 hash is ${SHA256_REMOTE}."
+ if [[ "${SHA256_LOCAL}" == "${SHA256_REMOTE}" ]]; then
+ log INFO "${DB_NAME}_backup" "The local backup & remote backup SHA256 hash values are matching for file $FILE in container $CONTAINER_NAME."
+ else
+ log ERROR "${DB_NAME}_backup" "Mismatch between the local backup & remote backup sha256 hash values"
+ return 1
+ fi
+ rm -rf ${REMOTE_FILE}
+
log INFO "${DB_NAME}_backup" "Created file $FILE in container $CONTAINER_NAME successfully."
return 0
}
@@ -382,8 +424,8 @@
# Cleanup now that we're done.
for fd in ${BACKUP_FILES} ${DB_BACKUP_FILES}; do
- if [[ -f fd ]]; then
- rm -f fd
+ if [[ -f ${fd} ]]; then
+ rm -f ${fd}
else
log WARN "${DB_NAME}_backup" "Can not delete a temporary file ${fd}"
fi
@@ -444,10 +486,6 @@
cd $ARCHIVE_DIR
- # Remove the temporary directory and files as they are no longer needed.
- rm -rf $TMP_DIR
- rm -f $ERR_LOG_FILE
-
#Only delete the old archive after a successful archive
export LOCAL_DAYS_TO_KEEP=$(echo $LOCAL_DAYS_TO_KEEP | sed 's/"//g')
if [[ "$LOCAL_DAYS_TO_KEEP" -gt 0 ]]; then
@@ -459,6 +497,25 @@
done
fi
+ # Local backup verification process
+
+ # It is expected that this function will verify the database backup files
+ if verify_databases_backup_archives ${SCOPE}; then
+ log INFO "${DB_NAME}_backup_verify" "Databases backup verified successfully. Uploading verified backups to remote location..."
+ else
+ # If successful, there should be at least one file in the TMP_DIR
+ if [[ $(ls $TMP_DIR | wc -w) -eq 0 ]]; then
+ cat $ERR_LOG_FILE
+ fi
+ log_verify_backup_exit "Verify of the ${DB_NAME} database backup failed and needs attention."
+ exit 1
+ fi
+
+ # Remove the temporary directory and files as they are no longer needed.
+ rm -rf $TMP_DIR
+ rm -f $ERR_LOG_FILE
+
+ # Remote backup
REMOTE_BACKUP=$(echo $REMOTE_BACKUP_ENABLED | sed 's/"//g')
if $REMOTE_BACKUP; then
# Remove Quotes from the constants which were added due to reading
@@ -490,7 +547,7 @@
get_backup_prefix $(cat $DB_BACKUP_FILES)
for ((i=0; i<${#PREFIXES[@]}; i++)); do
echo "Working with prefix: ${PREFIXES[i]}"
- create_hash_table $(cat $DB_BACKUP_FILES | grep ${PREFIXES[i]})
+ create_hash_table $(cat ${DB_BACKUP_FILES} | grep ${PREFIXES[i]})
remove_old_remote_archives
done
fi
@@ -511,4 +568,4 @@
echo "=================================================================="
fi
}
-{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/charts/placement/requirements.lock b/charts/placement/requirements.lock
index dd3e146..8c8838b 100644
--- a/charts/placement/requirements.lock
+++ b/charts/placement/requirements.lock
@@ -1,6 +1,6 @@
dependencies:
- name: helm-toolkit
repository: file://../../openstack-helm-infra/helm-toolkit
- version: 0.2.46
-digest: sha256:4baae4035ac4ec09ff414ac48d8f1e3f030d1ce1629727cb1ff24d44ffa000f1
-generated: "2022-08-16T23:07:28.301383965Z"
+ version: 0.2.50
+digest: sha256:67fc0fd70898d60cddd5c634b632205a7716bfeb21e57adaeda464efbcfa2ce3
+generated: "2023-01-13T22:23:17.712734121Z"
diff --git a/charts/placement/templates/bin/_db-migrate.sh.tpl b/charts/placement/templates/bin/_db-migrate.sh.tpl
deleted file mode 100644
index 838e05f..0000000
--- a/charts/placement/templates/bin/_db-migrate.sh.tpl
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-set -ex
-
-# To make this migration idempotent and not break the chart deployment,
-# we will treat a new deployment ($?==4) and migration completed ($?==3)
-# as success so things can proceed.
-function handler {
- rv=$?
- if [ $rv -eq 4 ] || [ $rv -eq 3 ]; then
- exit 0
- else
- exit $rv
- fi
-}
-
-trap handler EXIT
-
-/tmp/mysql-migrate-db.sh --mkconfig /tmp/migrate-db.rc
-
-sed -i \
- -e "s/NOVA_API_USER=.*/NOVA_API_USER=\"${NOVA_API_USER}\"/g" \
- -e "s/NOVA_API_PASS=.*/NOVA_API_PASS=\"${NOVA_API_PASS}\"/g" \
- -e "s/NOVA_API_DB_HOST=.*/NOVA_API_DB_HOST=\"${NOVA_API_DB_HOST}\"/g" \
- -e "s/PLACEMENT_USER=.*/PLACEMENT_USER=\"${PLACEMENT_USER}\"/g" \
- -e "s/PLACEMENT_PASS=.*/PLACEMENT_PASS=\"${PLACEMENT_PASS}\"/g" \
- -e "s/PLACEMENT_DB_HOST=.*/PLACEMENT_DB_HOST=\"${PLACEMENT_DB_HOST}\"/g" \
- /tmp/migrate-db.rc
-
-/tmp/mysql-migrate-db.sh --migrate /tmp/migrate-db.rc
diff --git a/charts/placement/templates/bin/_mysql-migrate-db.sh.tpl b/charts/placement/templates/bin/_mysql-migrate-db.sh.tpl
deleted file mode 100644
index a87ebaf..0000000
--- a/charts/placement/templates/bin/_mysql-migrate-db.sh.tpl
+++ /dev/null
@@ -1,328 +0,0 @@
-#!/bin/bash
-
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-# This script will attempt to migrate your nova-api placement data to
-# a new placement database. Run it with --help for usage, and --mkconfig
-# to write a template config file to use.
-
-# Defaults we can guess
-DEFAULT_MIGRATE_TABLES="allocations placement_aggregates consumers inventories projects "
-DEFAULT_MIGRATE_TABLES+="resource_classes resource_provider_aggregates resource_provider_traits "
-DEFAULT_MIGRATE_TABLES+="resource_providers traits users "
-MIGRATE_TABLES=${MIGRATE_TABLES:-$DEFAULT_MIGRATE_TABLES}
-PLACEMENT_DB_HOST=${PLACEMENT_DB_HOST:-localhost}
-PLACEMENT_DB=${PLACEMENT_DB:-placement}
-NOVA_API_DB_HOST=${NOVA_API_DB_HOST:-localhost}
-NOVA_API_DB=${NOVA_API_DB:-nova_api}
-TMPDIR=${TMPDIR:-/tmp}
-LAST_MYSQL_ERR=${TMPDIR}/migrate-mysql-db.err
-INITIAL_PLACEMENT_DB_VERSION=${INITIAL_DB_VERSION:-b4ed3a175331}
-ME=$(basename "$0")
-
-declare -a ARGS
-declare -a OPTS
-
-function getflag() {
- # Return true if --$flag is present on the command line
- # Usage: getflag help -> 0
- local flag="$1"
- for opt in ${OPTS[*]}; do
- if [ "$opt" == "--${flag}" ]; then
- return 0
- fi
- done
- return 1
-}
-
-function parse_argv() {
- # Parse command line arguments into positional arguments and
- # option flags. Store each in $ARGS, $OPTS.
- # Usage: parse_argv $*
- for item in $*; do
- if echo $item | grep -q -- '^--'; then
- OPTS+=($item)
- else
- ARGS+=($item)
- fi
- done
-}
-
-function db_var() {
- # Return an attribute of database config based on the symbolic
- # name
- # Usage: db_var PLACEMENT USER -> $PLACEMENT_USER
- local db="$1"
- local var="$2"
-
- eval echo "\$${db}_${var}"
-}
-
-function mysql_command() {
- # Run a mysql command with the usual connection information taken
- # from a symbolic configuration name
- # Usage: mysql_command PLACEMENT [command] [args..] -> stdout
- local whichdb="$1"
- shift
- local command=mysql
- if [ "$2" ]; then
- command=${1:-mysql}
- shift
- fi
- local db=$(db_var $whichdb DB)
- local host=$(db_var $whichdb DB_HOST)
- local user=$(db_var $whichdb USER)
- local pass=$(db_var $whichdb PASS)
-
- if [ "$command" = "mysql" ]; then
- command="mysql --skip-column-names"
- fi
-
- if [ ! -z "$MARIADB_X509" ]; then
- local ca=/etc/mysql/certs/ca.crt
- local cert=/etc/mysql/certs/tls.crt
- local key=/etc/mysql/certs/tls.key
- $command -h$host -u$user -p$pass $db --ssl-ca=$ca --ssl-cert=$cert --ssl-key=$key $* 2>$LAST_MYSQL_ERR
- else
- $command -h$host -u$user -p$pass $db $* 2>$LAST_MYSQL_ERR
- fi
-}
-
-function show_error() {
- # Prints the last error (if present) and removes the temporary
- # file
- if [ -f $LAST_MYSQL_ERR ]; then
- cat $LAST_MYSQL_ERR
- rm -f $LAST_MYSQL_ERR
- fi
-}
-
-function check_db() {
- # Check a DB to see if it's missing, present, filled with data
- # Returns 0 if it is present with data, 1 if present but no data
- # or 2 if not present (or unable to connect)
- # Usage: check_db PLACEMENT -> 0
- local whichdb="$1"
-
- local inv
- local inv_count
-
- if ! echo "SELECT DATABASE()" | mysql_command $whichdb >/dev/null 2>&1; then
- echo "Failed to connect to $whichdb database"
- show_error
- return 2
- fi
-
- inv=$(echo "SELECT COUNT(id) FROM inventories" |
- mysql_command $whichdb)
- if [ $? -ne 0 ]; then
- # No schema
- return 1
- fi
-
- inv_count=$(echo $inv | tail -n1)
- if [ $inv_count -gt 0 ]; then
- # Data found
- return 0
- else
- # No data found, but schema intact
- return 1
- fi
-}
-
-function check_cli() {
- # Returns 0 if placement cli is installed and configured,
- # 1 if it is not installed, or 2 if the access to the
- # placement database fails
- # Usage: check_cli -> 0
- placement-manage --version > /dev/null 2>&1
-
- if [ $? -ne 0 ]; then
- # placement not installed
- return 1
- fi
-
- placement-manage db version > /dev/null 2>&1
-
- if [ $? -ne 0 ]; then
- # DB connection fails
- return 2
- fi
-}
-
-function migrate_data() {
- # Actually migrate data from a source to destination symbolic
- # database. Returns 1 if failure, 0 otherwise.
- # Usage: migrate_data NOVA_API PLACEMENT -> 0
- local source="$1"
- local dest="$2"
- local dump_flags="$3"
- local tmpdir=$(mktemp -d migrate-db.XXXXXXXX)
- local tmpfile="${tmpdir}/from-nova.sql"
-
- echo "Dumping from $source to $tmpfile"
- mysql_command $source mysqldump $dump_flags $MIGRATE_TABLES > $tmpfile || {
- echo 'Failed to dump source database:'
- show_error
- return 1
- }
- echo "Loading to $dest from $tmpfile"
- mysql_command $dest < $tmpfile || {
- echo 'Failed to load destination database:'
- show_error
- return 1
- }
-}
-
-function sanity_check_env() {
- # Check that we have everything we need to examine the situation
- # and potentially do the migration. Loads values from the rcfile,
- # if present. Returns 1 if a config was not found, 2 if that
- # config is incomplete or 0 if everything is good.
- # Usage: sanity_check_env $rcfile -> 0
-
- RCFILE="${1:-migrate-db.rc}"
- if [ "$RCFILE" = '-' ]; then
- # Don't require a file and assume everything is already
- # set in the environment
- true
- elif [ ! -f "$RCFILE" ]; then
- echo -n 'ERROR: Specify an RC file on the command line or create '
- echo 'migrate-db.rc in the current directory'
- echo
- show_help
- else
- source $RCFILE
- fi
-
- required="NOVA_API_DB NOVA_API_USER NOVA_API_PASS PLACEMENT_DB PLACEMENT_USER PLACEMENT_PASS"
- for var in $required; do
- value=$(eval echo "\$$var")
- if [ -z "$value" ]; then
- echo "A value for $var was not provided but is required"
- return 2
- fi
- done
-}
-
-function make_config() {
- # Create or update a config file with defaults we know. Either use
- # the default migrate-db.rc or the file specified on the command
- # line.
- RCFILE="${1:-migrate-db.rc}"
- if [ -f "$RCFILE" ]; then
- source $RCFILE
- fi
-
- vars="NOVA_API_DB NOVA_API_USER NOVA_API_PASS NOVA_API_DB_HOST "
- vars+="PLACEMENT_DB PLACEMENT_USER PLACEMENT_PASS PLACEMENT_DB_HOST "
- vars+="MIGRATE_TABLES"
-
- (for var in $vars; do
- val=$(eval echo "\$$var")
- echo "${var}=\"$val\""
- done) > $RCFILE
-
- echo Wrote $(readlink -f $RCFILE)
-}
-
-function show_help() {
- echo "Usage: $ME [flags] [rcfile]"
- echo
- echo "Flags:"
- echo " --help: this text"
- echo " --migrate: actually do data migration"
- echo " --mkconfig: write/update config to \$rcfile"
- echo " --skip-locks: don't use table locks for data migration"
- echo
- echo "Pass '-' as \$rcfile if all config values are set in"
- echo "the environment."
- echo
- echo "Exit codes:"
- echo " 0: Success"
- echo " 1: Usage error"
- echo " 2: Configuration missing or incomplete"
- echo " 3: Migration already completed"
- echo " 4: No data to migrate from nova (new deployment)"
- echo " 5: Unable to connect to one or both databases"
- echo " 6: Unable to execute placement's CLI commands"
- exit 0
-}
-
-parse_argv $*
-
-if getflag help; then
- show_help
-fi
-
-if getflag mkconfig; then
- make_config $ARGS
- exit 0
-fi
-
-#
-# Actual migration logic starts here
-#
-
-# Sanity check that we have what we need or bail
-sanity_check_env $ARGS || exit $?
-
-# Check the state of each database we care about
-check_db NOVA_API
-nova_present=$?
-check_db PLACEMENT
-placement_present=$?
-check_cli
-placement_cli=$?
-
-# Try to come up with a good reason to refuse to migrate
-if [ $nova_present -eq 0 -a $placement_present -eq 0 ]; then
- echo "Migration has already completed. The placement database appears to have data."
- exit 3
-elif [ $nova_present -eq 1 ]; then
- echo "No data present in nova database - nothing to migrate (new deployment?)"
- exit 4
-elif [ $nova_present -eq 2 ]; then
- echo "Unable to proceed without connection to nova database"
- exit 5
-elif [ $placement_present -eq 2 ]; then
- echo "Unable to proceed without connection to placement database"
- exit 5
-elif [ $placement_cli -eq 1 ]; then
- echo "Unable to proceed without placement installed"
- exit 6
-elif [ $placement_cli -eq 2 ]; then
- echo "The 'placement-manage db version' command fails"
- echo "Is placement.conf configured to access the new database?"
- exit 6
-fi
-
-# If we get here, we expect to be able to migrate. Require them to opt into
-# actual migration before we do anything.
-
-echo Nova database contains data, placement database does not. Okay to proceed with migration
-
-if getflag migrate $*; then
- if getflag skip-locks $*; then
- migrate_data NOVA_API PLACEMENT "--skip-lock-tables --skip-add-locks"
- else
- migrate_data NOVA_API PLACEMENT
- fi
- placement-manage db stamp $INITIAL_PLACEMENT_DB_VERSION
-else
- echo "To actually migrate, run me with --migrate"
-fi
-
-rm -f $LAST_MYSQL_ERR
diff --git a/charts/placement/templates/configmap-bin.yaml b/charts/placement/templates/configmap-bin.yaml
index 4fc59ce..0bc5546 100644
--- a/charts/placement/templates/configmap-bin.yaml
+++ b/charts/placement/templates/configmap-bin.yaml
@@ -30,14 +30,10 @@
{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
db-drop.py: |
{{- include "helm-toolkit.scripts.db_drop" . | indent 4 }}
- db-migrate.sh: |
-{{ tuple "bin/_db-migrate.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
ks-service.sh: |
{{- include "helm-toolkit.scripts.keystone_service" . | indent 4 }}
ks-endpoints.sh: |
{{- include "helm-toolkit.scripts.keystone_endpoints" . | indent 4 }}
ks-user.sh: |
{{- include "helm-toolkit.scripts.keystone_user" . | indent 4 }}
- mysql-migrate-db.sh: |
-{{ tuple "bin/_mysql-migrate-db.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
{{- end }}
diff --git a/charts/placement/templates/deployment.yaml b/charts/placement/templates/deployment.yaml
index 9dcde00..605f952 100644
--- a/charts/placement/templates/deployment.yaml
+++ b/charts/placement/templates/deployment.yaml
@@ -64,6 +64,11 @@
{{ tuple $envAll "placement" | include "helm-toolkit.snippets.image" | indent 10 }}
{{ tuple $envAll $envAll.Values.pod.resources.api | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
{{ dict "envAll" $envAll "application" "placement" "container" "placement_api" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
+{{- if or .Values.manifests.certificates .Values.tls.identity }}
+ env:
+ - name: REQUESTS_CA_BUNDLE
+ value: "/etc/placement/certs/ca.crt"
+{{- end }}
command:
- /tmp/placement-api.sh
- start
@@ -75,16 +80,19 @@
- stop
ports:
- name: p-api
- containerPort: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ containerPort: {{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
readinessProbe:
- # NOTE(portdirect): use tcpSocket check as HTTP will return 401
- tcpSocket:
- port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ httpGet:
+ scheme: {{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
+ path: /
+ port: {{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 15
periodSeconds: 10
livenessProbe:
- tcpSocket:
- port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ httpGet:
+ scheme: {{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
+ path: /
+ port: {{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
initialDelaySeconds: 50
periodSeconds: 10
volumeMounts:
@@ -115,7 +123,7 @@
subPath: wsgi-placement.conf
readOnly: true
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.placement.api.internal "path" "/etc/placement/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
+{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.placement.api.internal "path" "/etc/placement/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
{{ if $mounts_placement.volumeMounts }}{{ toYaml $mounts_placement.volumeMounts | indent 12 }}{{ end }}
volumes:
- name: pod-tmp
@@ -131,6 +139,6 @@
secretName: placement-etc
defaultMode: 0444
{{- dict "enabled" $envAll.Values.manifests.certificates "name" $envAll.Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.placement.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
+{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.placement.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
{{ if $mounts_placement.volumes }}{{ toYaml $mounts_placement.volumes | indent 8 }}{{ end }}
{{- end }}
diff --git a/charts/placement/templates/job-db-migrate.yaml b/charts/placement/templates/job-db-migrate.yaml
deleted file mode 100644
index 1b7f863..0000000
--- a/charts/placement/templates/job-db-migrate.yaml
+++ /dev/null
@@ -1,108 +0,0 @@
-{{/*
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.job_db_migrate }}
-{{- $envAll := . }}
-{{- $serviceAccountName := "placement-db-migrate" -}}
-{{- $service := "db_migrate" -}}
-{{ tuple $envAll $service $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
----
-apiVersion: batch/v1
-kind: Job
-metadata:
- name: placement-db-migrate
- labels:
-{{ tuple $envAll "placement" "db-migrate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
- annotations:
-{{- if .Values.helm3_hook }}
- helm.sh/hook: post-install,post-upgrade
- helm.sh/hook-weight: "-4"
-{{- end }}
- {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
-spec:
- template:
- metadata:
- labels:
-{{ tuple $envAll "placement" $service | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
- annotations:
-{{ dict "envAll" $envAll "podName" "placement-db-migrate" "containerNames" (list "placement-mysql-migration" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
- spec:
- serviceAccountName: {{ $serviceAccountName }}
-{{ dict "envAll" $envAll "application" "placement" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
- restartPolicy: OnFailure
- nodeSelector:
- {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
-{{ if $envAll.Values.pod.tolerations.placement.enabled }}
-{{ tuple $envAll "placement" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
-{{ end }}
- initContainers:
-{{ tuple $envAll $service list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
- containers:
- - name: placement-mysql-migration
-{{ tuple $envAll $service | include "helm-toolkit.snippets.image" | indent 10 }}
-{{ tuple $envAll $envAll.Values.pod.resources.jobs.ks_service | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
-{{ dict "envAll" $envAll "application" "placement" "container" "placement_mysql_migration" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
- command:
- - /tmp/db-migrate.sh
- env:
-{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.admin "useCA" .Values.manifests.certificates }}
-{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
-{{- end }}
- - name: NOVA_API_USER
- value: {{ .Values.endpoints.oslo_db.auth.nova_api.username | quote }}
- - name: NOVA_API_PASS
- value: {{ .Values.endpoints.oslo_db.auth.nova_api.password | quote }}
- - name: NOVA_API_DB_HOST
- value: {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" | quote }}
- - name: PLACEMENT_USER
- value: {{ .Values.endpoints.oslo_db.auth.placement.username | quote }}
- - name: PLACEMENT_PASS
- value: {{ .Values.endpoints.oslo_db.auth.placement.password | quote }}
- - name: PLACEMENT_DB_HOST
- value: {{ tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" | quote }}
-{{- if $envAll.Values.manifests.certificates }}
- - name: MARIADB_X509
- value: "REQUIRE X509"
-{{- end }}
- volumeMounts:
- - name: pod-tmp
- mountPath: /tmp
- - name: placement-bin
- mountPath: /tmp/mysql-migrate-db.sh
- subPath: mysql-migrate-db.sh
- readOnly: true
- - name: placement-bin
- mountPath: /tmp/db-migrate.sh
- subPath: db-migrate.sh
- readOnly: true
- - name: placement-etc
- mountPath: /etc/placement/placement.conf
- subPath: placement.conf
- readOnly: true
-{{ dict "enabled" .Values.manifests.certificates "name" $envAll.Values.secrets.tls.placement.api.internal | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
-{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal "path" "/etc/mysql/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
- volumes:
- - name: pod-tmp
- emptyDir: {}
- - name: placement-bin
- configMap:
- name: placement-bin
- defaultMode: 0555
- - name: placement-etc
- secret:
- secretName: placement-etc
- defaultMode: 0444
-{{- dict "enabled" .Values.manifests.certificates "name" .Values.endpoints.oslo_db.auth.admin.secret.tls.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.placement.api.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
-{{- end }}
diff --git a/charts/placement/templates/job-ks-endpoints.yaml b/charts/placement/templates/job-ks-endpoints.yaml
index 111ba33..bfb0bd2 100644
--- a/charts/placement/templates/job-ks-endpoints.yaml
+++ b/charts/placement/templates/job-ks-endpoints.yaml
@@ -21,7 +21,7 @@
{{- if .Values.manifests.job_ks_endpoints }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "placement" "serviceTypes" ( tuple "placement" ) -}}
-{{- if .Values.manifests.certificates -}}
+{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.placement.api.internal -}}
{{- end -}}
{{- if .Values.helm3_hook }}
diff --git a/charts/placement/templates/job-ks-service.yaml b/charts/placement/templates/job-ks-service.yaml
index 10e45bd..3f05eb0 100644
--- a/charts/placement/templates/job-ks-service.yaml
+++ b/charts/placement/templates/job-ks-service.yaml
@@ -21,7 +21,7 @@
{{- if .Values.manifests.job_ks_service }}
{{- $ksServiceJob := dict "envAll" . "serviceName" "placement" "serviceTypes" ( tuple "placement" ) -}}
-{{- if .Values.manifests.certificates -}}
+{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksServiceJob "tlsSecret" .Values.secrets.tls.placement.api.internal -}}
{{- end -}}
{{- if .Values.helm3_hook }}
diff --git a/charts/placement/templates/job-ks-user.yaml b/charts/placement/templates/job-ks-user.yaml
index 2c1a002..056938b 100644
--- a/charts/placement/templates/job-ks-user.yaml
+++ b/charts/placement/templates/job-ks-user.yaml
@@ -21,7 +21,7 @@
{{- if .Values.manifests.job_ks_user }}
{{- $ksUserJob := dict "envAll" . "serviceName" "placement" -}}
-{{- if .Values.manifests.certificates -}}
+{{- if or .Values.manifests.certificates .Values.tls.identity -}}
{{- $_ := set $ksUserJob "tlsSecret" .Values.secrets.tls.placement.api.internal -}}
{{- end -}}
{{- if .Values.helm3_hook }}
diff --git a/charts/placement/templates/service.yaml b/charts/placement/templates/service.yaml
index 3d9bd01..aa0168e 100644
--- a/charts/placement/templates/service.yaml
+++ b/charts/placement/templates/service.yaml
@@ -24,7 +24,7 @@
spec:
ports:
- name: p-api
- port: {{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ port: {{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
{{ if .Values.network.api.node_port.enabled }}
nodePort: {{ .Values.network.api.node_port.port }}
{{ end }}
diff --git a/charts/placement/values.yaml b/charts/placement/values.yaml
index 578d947..ff33660 100644
--- a/charts/placement/values.yaml
+++ b/charts/placement/values.yaml
@@ -36,7 +36,6 @@
ks_endpoints: docker.io/openstackhelm/heat:stein-ubuntu_bionic
db_init: docker.io/openstackhelm/heat:stein-ubuntu_bionic
db_drop: docker.io/openstackhelm/heat:stein-ubuntu_bionic
- db_migrate: quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic
placement_db_sync: docker.io/openstackhelm/placement:stein-ubuntu_bionic
dep_check: quay.io/airshipit/kubernetes-entrypoint:v1.0.0
image_repo_sync: docker.io/docker:17.07.0
@@ -74,44 +73,7 @@
# - status
a2enmod: null
a2dismod: null
- policy:
- "context_is_admin": "role:admin"
- "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s"
- "default": "rule:admin_or_owner"
- "admin_api": "role:admin"
- "placement:resource_providers:list": "rule:admin_api"
- "placement:resource_providers:create": "rule:admin_api"
- "placement:resource_providers:show": "rule:admin_api"
- "placement:resource_providers:update": "rule:admin_api"
- "placement:resource_providers:delete": "rule:admin_api"
- "placement:resource_classes:list": "rule:admin_api"
- "placement:resource_classes:create": "rule:admin_api"
- "placement:resource_classes:show": "rule:admin_api"
- "placement:resource_classes:update": "rule:admin_api"
- "placement:resource_classes:delete": "rule:admin_api"
- "placement:resource_providers:inventories:list": "rule:admin_api"
- "placement:resource_providers:inventories:create": "rule:admin_api"
- "placement:resource_providers:inventories:show": "rule:admin_api"
- "placement:resource_providers:inventories:update": "rule:admin_api"
- "placement:resource_providers:inventories:delete": "rule:admin_api"
- "placement:resource_providers:aggregates:list": "rule:admin_api"
- "placement:resource_providers:aggregates:update": "rule:admin_api"
- "placement:resource_providers:usages": "rule:admin_api"
- "placement:usages": "rule:admin_api"
- "placement:traits:list": "rule:admin_api"
- "placement:traits:show": "rule:admin_api"
- "placement:traits:update": "rule:admin_api"
- "placement:traits:delete": "rule:admin_api"
- "placement:resource_providers:traits:list": "rule:admin_api"
- "placement:resource_providers:traits:update": "rule:admin_api"
- "placement:resource_providers:traits:delete": "rule:admin_api"
- "placement:allocations:manage": "rule:admin_api"
- "placement:allocations:list": "rule:admin_api"
- "placement:allocations:update": "rule:admin_api"
- "placement:allocations:delete": "rule:admin_api"
- "placement:resource_providers:allocations:list": "rule:admin_api"
- "placement:allocation_candidates:list": "rule:admin_api"
- "placement:reshaper:reshape": "rule:admin_api"
+ policy: {}
placement:
DEFAULT:
debug: false
@@ -184,13 +146,13 @@
format: "%(message)s"
datefmt: "%Y-%m-%d %H:%M:%S"
wsgi_placement: |
- Listen 0.0.0.0:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ Listen 0.0.0.0:{{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
- <VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
+ <VirtualHost *:{{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
WSGIDaemonProcess placement-api processes=4 threads=1 user=placement group=placement display-name=%{GROUP}
WSGIProcessGroup placement-api
WSGIScriptAlias / /var/www/cgi-bin/placement/placement-api
@@ -325,10 +287,12 @@
default: /
scheme:
default: 'http'
+ service: 'http'
port:
api:
default: 8778
public: 80
+ service: 8778
pod:
security_context:
@@ -408,13 +372,6 @@
limits:
memory: "1024Mi"
cpu: "2000m"
- db_migrate:
- requests:
- memory: "128Mi"
- cpu: "100m"
- limits:
- memory: "1024Mi"
- cpu: "2000m"
ks_endpoints:
requests:
memory: "128Mi"
@@ -491,18 +448,9 @@
services:
- endpoint: internal
service: oslo_db
- db_migrate:
- jobs:
- - placement-db-init
- - nova-db-sync
- services:
- - endpoint: internal
- service: oslo_db
db_sync:
jobs:
- placement-db-init
- # NOTE: This needs to be enabled if placement migration is required.
- # - placement-db-migrate
services:
- endpoint: internal
service: oslo_db
@@ -511,6 +459,11 @@
# set helm3_hook: false when using the helm2 binary.
helm3_hook: true
+tls:
+ identity: false
+ oslo_messaging: false
+ oslo_db: false
+
manifests:
certificates: false
configmap_bin: true
@@ -520,7 +473,6 @@
job_db_init: true
job_db_sync: true
job_db_drop: false
- job_db_migrate: false
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
diff --git a/charts/placement/values_overrides/apparmor.yaml b/charts/placement/values_overrides/apparmor.yaml
index 84ca750..ee883ac 100644
--- a/charts/placement/values_overrides/apparmor.yaml
+++ b/charts/placement/values_overrides/apparmor.yaml
@@ -5,10 +5,4 @@
placement-api:
placement-api: runtime/default
init: runtime/default
- placement-db-migrate:
- init: runtime/default
- placement-mysql-migration: runtime/default
-
-manifests:
- job_db_migrate: true
...
diff --git a/charts/placement/values_overrides/tls-offloading.yaml b/charts/placement/values_overrides/tls-offloading.yaml
new file mode 100644
index 0000000..ff97285
--- /dev/null
+++ b/charts/placement/values_overrides/tls-offloading.yaml
@@ -0,0 +1,12 @@
+---
+endpoints:
+ identity:
+ auth:
+ admin:
+ cacert: /etc/ssl/certs/openstack-helm.crt
+ placement:
+ cacert: /etc/ssl/certs/openstack-helm.crt
+
+tls:
+ identity: true
+...
diff --git a/charts/placement/values_overrides/tls.yaml b/charts/placement/values_overrides/tls.yaml
index adfd359..514b660 100644
--- a/charts/placement/values_overrides/tls.yaml
+++ b/charts/placement/values_overrides/tls.yaml
@@ -13,13 +13,13 @@
keystone_authtoken:
cafile: /etc/placement/certs/ca.crt
wsgi_placement: |
- Listen 0.0.0.0:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ Listen 0.0.0.0:{{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded
- <VirtualHost *:{{ tuple "placement" "internal" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
+ <VirtualHost *:{{ tuple "placement" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}>
ServerName {{ printf "%s.%s.svc.%s" "placement-api" .Release.Namespace .Values.endpoints.cluster_domain_suffix }}
WSGIDaemonProcess placement-api processes=4 threads=1 user=placement group=placement display-name=%{GROUP}
WSGIProcessGroup placement-api
@@ -71,6 +71,7 @@
kind: ClusterIssuer
scheme:
default: https
+ service: https
port:
api:
public: 443
diff --git a/charts/placement/values_overrides/train-ubuntu_bionic.yaml b/charts/placement/values_overrides/train-ubuntu_bionic.yaml
deleted file mode 100644
index d721085..0000000
--- a/charts/placement/values_overrides/train-ubuntu_bionic.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-images:
- pull_policy: IfNotPresent
- tags:
- placement: "docker.io/openstackhelm/placement:train-ubuntu_bionic"
- ks_user: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
- ks_service: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
- ks_endpoints: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
- db_init: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
- db_drop: "docker.io/openstackhelm/heat:train-ubuntu_bionic"
- db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
- placement_db_sync: "docker.io/openstackhelm/placement:train-ubuntu_bionic"
- dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
- image_repo_sync: "docker.io/docker:17.07.0"
-manifests:
- job_db_migrate: true
-dependencies:
- static:
- db_sync:
- jobs:
- - placement-db-init
- - placement-db-migrate
-...
diff --git a/charts/placement/values_overrides/ussuri-ubuntu_bionic.yaml b/charts/placement/values_overrides/ussuri-ubuntu_bionic.yaml
deleted file mode 100644
index 6f19c55..0000000
--- a/charts/placement/values_overrides/ussuri-ubuntu_bionic.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
----
-images:
- pull_policy: IfNotPresent
- tags:
- placement: "docker.io/openstackhelm/placement:ussuri-ubuntu_bionic"
- ks_user: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
- ks_service: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
- ks_endpoints: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
- db_init: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
- db_drop: "docker.io/openstackhelm/heat:ussuri-ubuntu_bionic"
- db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
- placement_db_sync: "docker.io/openstackhelm/placement:ussuri-ubuntu_bionic"
- dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
- image_repo_sync: "docker.io/docker:17.07.0"
-manifests:
- job_db_migrate: true
-dependencies:
- static:
- db_sync:
- jobs:
- - placement-db-init
- - placement-db-migrate
-...
diff --git a/charts/placement/values_overrides/victoria-ubuntu_focal.yaml b/charts/placement/values_overrides/victoria-ubuntu_focal.yaml
index 1c94633..55a4693 100644
--- a/charts/placement/values_overrides/victoria-ubuntu_focal.yaml
+++ b/charts/placement/values_overrides/victoria-ubuntu_focal.yaml
@@ -8,16 +8,12 @@
ks_endpoints: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
db_init: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
db_drop: "docker.io/openstackhelm/heat:victoria-ubuntu_focal"
- db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
placement_db_sync: "docker.io/openstackhelm/placement:victoria-ubuntu_focal"
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
image_repo_sync: "docker.io/docker:17.07.0"
-manifests:
- job_db_migrate: true
dependencies:
static:
db_sync:
jobs:
- placement-db-init
- - placement-db-migrate
...
diff --git a/charts/placement/values_overrides/wallaby-ubuntu_focal.yaml b/charts/placement/values_overrides/wallaby-ubuntu_focal.yaml
index 9122f5b..47cf660 100644
--- a/charts/placement/values_overrides/wallaby-ubuntu_focal.yaml
+++ b/charts/placement/values_overrides/wallaby-ubuntu_focal.yaml
@@ -8,16 +8,12 @@
ks_endpoints: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
db_init: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
db_drop: "docker.io/openstackhelm/heat:wallaby-ubuntu_focal"
- db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
placement_db_sync: "docker.io/openstackhelm/placement:wallaby-ubuntu_focal"
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
image_repo_sync: "docker.io/docker:17.07.0"
-manifests:
- job_db_migrate: true
dependencies:
static:
db_sync:
jobs:
- placement-db-init
- - placement-db-migrate
...
diff --git a/charts/placement/values_overrides/xena-ubuntu_focal.yaml b/charts/placement/values_overrides/xena-ubuntu_focal.yaml
index c8355d9..68baf2c 100644
--- a/charts/placement/values_overrides/xena-ubuntu_focal.yaml
+++ b/charts/placement/values_overrides/xena-ubuntu_focal.yaml
@@ -8,16 +8,12 @@
ks_endpoints: "docker.io/openstackhelm/heat:xena-ubuntu_focal"
db_init: "docker.io/openstackhelm/heat:xena-ubuntu_focal"
db_drop: "docker.io/openstackhelm/heat:xena-ubuntu_focal"
- db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
placement_db_sync: "docker.io/openstackhelm/placement:xena-ubuntu_focal"
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
image_repo_sync: "docker.io/docker:17.07.0"
-manifests:
- job_db_migrate: true
dependencies:
static:
db_sync:
jobs:
- placement-db-init
- - placement-db-migrate
...
diff --git a/charts/placement/values_overrides/yoga-ubuntu_focal.yaml b/charts/placement/values_overrides/yoga-ubuntu_focal.yaml
index b508709..46fdb90 100644
--- a/charts/placement/values_overrides/yoga-ubuntu_focal.yaml
+++ b/charts/placement/values_overrides/yoga-ubuntu_focal.yaml
@@ -8,16 +8,12 @@
ks_endpoints: "docker.io/openstackhelm/heat:yoga-ubuntu_focal"
db_init: "docker.io/openstackhelm/heat:yoga-ubuntu_focal"
db_drop: "docker.io/openstackhelm/heat:yoga-ubuntu_focal"
- db_migrate: "quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_bionic"
placement_db_sync: "docker.io/openstackhelm/placement:yoga-ubuntu_focal"
dep_check: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
image_repo_sync: "docker.io/docker:17.07.0"
-manifests:
- job_db_migrate: true
dependencies:
static:
db_sync:
jobs:
- placement-db-init
- - placement-db-migrate
...