Merge "Enable {priority,runtime}ClassName for Cinder" into stable/2023.2diff --git a/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
index 897b5b6..14c18f5 100644
--- a/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+++ b/charts/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
@@ -50,6 +50,12 @@
{{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }}
spec:
{{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
+{{ with .Values.pod.priorityClassName.cinder_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
restartPolicy: OnFailure
{{ if $envAll.Values.pod.tolerations.cinder.enabled }}
diff --git a/charts/cinder/templates/deployment-api.yaml b/charts/cinder/templates/deployment-api.yaml
index feab3ef..13087e7 100644
--- a/charts/cinder/templates/deployment-api.yaml
+++ b/charts/cinder/templates/deployment-api.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-api" "containerNames" (list "cinder-api" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_api }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_api }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_api" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/deployment-backup.yaml b/charts/cinder/templates/deployment-backup.yaml
index 47fac40..6e69c8e 100644
--- a/charts/cinder/templates/deployment-backup.yaml
+++ b/charts/cinder/templates/deployment-backup.yaml
@@ -47,6 +47,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-backup" "containerNames" (list "cinder-backup" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_backup }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_backup }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/deployment-scheduler.yaml b/charts/cinder/templates/deployment-scheduler.yaml
index cf69dd1..a19be9d 100644
--- a/charts/cinder/templates/deployment-scheduler.yaml
+++ b/charts/cinder/templates/deployment-scheduler.yaml
@@ -45,6 +45,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-scheduler" "containerNames" (list "cinder-scheduler" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_scheduler }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_scheduler }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_scheduler" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/deployment-volume.yaml b/charts/cinder/templates/deployment-volume.yaml
index f029aff..b39cd2b 100644
--- a/charts/cinder/templates/deployment-volume.yaml
+++ b/charts/cinder/templates/deployment-volume.yaml
@@ -47,6 +47,12 @@
configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
{{ dict "envAll" $envAll "podName" "cinder-volume" "containerNames" (list "cinder-volume" "ceph-coordination-volume-perms" "init-cinder-conf" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
spec:
+{{ with .Values.pod.priorityClassName.cinder_volume }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_volume }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
{{ dict "envAll" $envAll "application" "cinder_volume" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
affinity:
diff --git a/charts/cinder/templates/pod-rally-test.yaml b/charts/cinder/templates/pod-rally-test.yaml
index 3ed52cd..e44bdcf 100644
--- a/charts/cinder/templates/pod-rally-test.yaml
+++ b/charts/cinder/templates/pod-rally-test.yaml
@@ -38,6 +38,12 @@
{{ end }}
nodeSelector:
{{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
+{{ with .Values.pod.priorityClassName.cinder_tests }}
+ priorityClassName: {{ . }}
+{{ end }}
+{{ with .Values.pod.runtimeClassName.cinder_tests }}
+ runtimeClassName: {{ . }}
+{{ end }}
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
diff --git a/charts/cinder/values.yaml b/charts/cinder/values.yaml
index 12351a6..23bcc8f 100644
--- a/charts/cinder/values.yaml
+++ b/charts/cinder/values.yaml
@@ -76,6 +76,22 @@
failed: 1
pod:
+ priorityClassName:
+ cinder_api: null
+ cinder_backup: null
+ cinder_scheduler: null
+ cinder_tests: null
+ cinder_volume_usage_audit: null
+ cinder_volume: null
+ db_sync: null
+ runtimeClassName:
+ cinder_api: null
+ cinder_backup: null
+ cinder_scheduler: null
+ cinder_tests: null
+ cinder_volume_usage_audit: null
+ cinder_volume: null
+ db_sync: null
security_context:
volume_usage_audit:
pod:
diff --git a/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch b/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch
new file mode 100644
index 0000000..7397b0e
--- /dev/null
+++ b/charts/patches/cinder/0003-Enable-priority-runtime-ClassName-for-Cinder.patch
@@ -0,0 +1,146 @@
+From 5fa9fbab45a5cd489007ca0286e7203accd1f398 Mon Sep 17 00:00:00 2001
+From: Mohammed Naser <mnaser@vexxhost.com>
+Date: Thu, 6 Feb 2025 09:33:47 -0500
+Subject: [PATCH] Enable {priority,runtime}ClassName for Cinder
+
+---
+ .../cron-job-cinder-volume-usage-audit.yaml | 6 ++++++
+ cinder/templates/deployment-api.yaml | 6 ++++++
+ cinder/templates/deployment-backup.yaml | 6 ++++++
+ cinder/templates/deployment-scheduler.yaml | 6 ++++++
+ cinder/templates/deployment-volume.yaml | 6 ++++++
+ cinder/templates/pod-rally-test.yaml | 6 ++++++
+ cinder/values.yaml | 16 ++++++++++++++++
+ 7 files changed, 52 insertions(+)
+
+diff --git a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+index 1d935f12..18d9e28e 100644
+--- a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
++++ b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml
+@@ -50,6 +50,12 @@ spec:
+ {{ dict "envAll" $envAll "podName" $serviceAccountName "containerNames" (list "cinder-volume-usage-audit" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 12 }}
+ spec:
+ {{ dict "envAll" $envAll "application" "volume_usage_audit" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 10 }}
++{{ with .Values.pod.priorityClassName.cinder_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ restartPolicy: OnFailure
+ {{ if $envAll.Values.pod.tolerations.cinder.enabled }}
+diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml
+index f29d103f..3b1a30d6 100644
+--- a/cinder/templates/deployment-api.yaml
++++ b/cinder/templates/deployment-api.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ tuple "cinder_api" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-api" "containerNames" (list "cinder-api" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_api }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_api }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_api" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml
+index ccd84fc0..617031a0 100644
+--- a/cinder/templates/deployment-backup.yaml
++++ b/cinder/templates/deployment-backup.yaml
+@@ -48,6 +48,12 @@ spec:
+ {{ tuple "cinder_backup" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-backup" "containerNames" (list "cinder-backup" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_backup }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_backup }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_backup" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml
+index 73e14e55..016ade95 100644
+--- a/cinder/templates/deployment-scheduler.yaml
++++ b/cinder/templates/deployment-scheduler.yaml
+@@ -46,6 +46,12 @@ spec:
+ {{ tuple "cinder_scheduler" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-scheduler" "containerNames" (list "cinder-scheduler" "ceph-coordination-volume-perms" "init") | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_scheduler }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_scheduler }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_scheduler" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml
+index c28518da..83430c33 100644
+--- a/cinder/templates/deployment-volume.yaml
++++ b/cinder/templates/deployment-volume.yaml
+@@ -48,6 +48,12 @@ spec:
+ {{ tuple "cinder_volume" . | include "helm-toolkit.snippets.custom_pod_annotations" | indent 8 }}
+ {{ dict "envAll" $envAll "podName" "cinder-volume" "containerNames" (list "cinder-volume" "ceph-coordination-volume-perms" "init-cinder-conf" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
+ spec:
++{{ with .Values.pod.priorityClassName.cinder_volume }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_volume }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ {{ dict "envAll" $envAll "application" "cinder_volume" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
+ affinity:
+diff --git a/cinder/templates/pod-rally-test.yaml b/cinder/templates/pod-rally-test.yaml
+index 34316c65..a2852359 100644
+--- a/cinder/templates/pod-rally-test.yaml
++++ b/cinder/templates/pod-rally-test.yaml
+@@ -38,6 +38,12 @@ spec:
+ {{ end }}
+ nodeSelector:
+ {{ .Values.labels.test.node_selector_key }}: {{ .Values.labels.test.node_selector_value }}
++{{ with .Values.pod.priorityClassName.cinder_tests }}
++ priorityClassName: {{ . }}
++{{ end }}
++{{ with .Values.pod.runtimeClassName.cinder_tests }}
++ runtimeClassName: {{ . }}
++{{ end }}
+ serviceAccountName: {{ $serviceAccountName }}
+ initContainers:
+ {{ tuple $envAll "tests" $mounts_tests_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
+diff --git a/cinder/values.yaml b/cinder/values.yaml
+index 6b335be1..1377e4cd 100644
+--- a/cinder/values.yaml
++++ b/cinder/values.yaml
+@@ -76,6 +76,22 @@ jobs:
+ failed: 1
+
+ pod:
++ priorityClassName:
++ cinder_api: null
++ cinder_backup: null
++ cinder_scheduler: null
++ cinder_tests: null
++ cinder_volume_usage_audit: null
++ cinder_volume: null
++ db_sync: null
++ runtimeClassName:
++ cinder_api: null
++ cinder_backup: null
++ cinder_scheduler: null
++ cinder_tests: null
++ cinder_volume_usage_audit: null
++ cinder_volume: null
++ db_sync: null
+ security_context:
+ volume_usage_audit:
+ pod:
+--
+2.43.0
diff --git a/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml b/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml
new file mode 100644
index 0000000..6852e16
--- /dev/null
+++ b/releasenotes/notes/cinder-priority-runtime-class-910112b1da7bd5c1.yaml
@@ -0,0 +1,4 @@
+---
+features:
+ - The Cinder role now allows users to configure the ``priorityClassName`` and
+ the ``runtimeClassName`` for all of the different components of the service.
diff --git a/roles/cinder/tests/priorityclass_test.yaml b/roles/cinder/tests/priorityclass_test.yaml
new file mode 100644
index 0000000..4ca4967
--- /dev/null
+++ b/roles/cinder/tests/priorityclass_test.yaml
@@ -0,0 +1,96 @@
+suite: priorityclass
+tests:
+ - it: should support not having a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.priorityClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.priorityClassName
+
+ - it: should support setting a priority class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ priorityClassName:
+ cinder_api: platform
+ cinder_backup: platform
+ cinder_scheduler: platform
+ cinder_tests: platform
+ cinder_volume_usage_audit: platform
+ cinder_volume: platform
+ db_sync: platform
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.priorityClassName
+ value: platform
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.priorityClassName
+ value: platform
diff --git a/roles/cinder/tests/runtimeclass_test.yaml b/roles/cinder/tests/runtimeclass_test.yaml
new file mode 100644
index 0000000..151958a
--- /dev/null
+++ b/roles/cinder/tests/runtimeclass_test.yaml
@@ -0,0 +1,96 @@
+suite: runtimeclass
+tests:
+ - it: should support not having a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.runtimeClassName
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ notExists:
+ path: spec.template.spec.runtimeClassName
+
+ - it: should support setting a runtime class
+ templates:
+ - templates/deployment-api.yaml
+ - templates/deployment-scheduler.yaml
+ - templates/deployment-volume.yaml
+ - templates/cron-job-cinder-volume-usage-audit.yaml
+ - templates/deployment-backup.yaml
+ - templates/pod-rally-test.yaml
+ - templates/job-db-sync.yaml
+ set:
+ pod:
+ runtimeClassName:
+ cinder_api: kata-clh
+ cinder_backup: kata-clh
+ cinder_scheduler: kata-clh
+ cinder_tests: kata-clh
+ cinder_volume_usage_audit: kata-clh
+ cinder_volume: kata-clh
+ db_sync: kata-clh
+ asserts:
+ - template: templates/deployment-api.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-scheduler.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-volume.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/cron-job-cinder-volume-usage-audit.yaml
+ documentIndex: 3
+ equal:
+ path: spec.jobTemplate.spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/deployment-backup.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh
+ - template: templates/pod-rally-test.yaml
+ documentIndex: 3
+ equal:
+ path: spec.runtimeClassName
+ value: kata-clh
+ - template: templates/job-db-sync.yaml
+ documentIndex: 3
+ equal:
+ path: spec.template.spec.runtimeClassName
+ value: kata-clh