Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / 39149c35be7dc4cc4a8905ae1d7c84bb09c5c1ed / . / atmosphere / tasks / constants.py
blob: 4fc9aab707a911e68c405dcc52888df6da350c98 [file] [log] [blame]
Mohammed Naser7d3c7972022-11-07 10:54:56 -0500[diff] [blame]1import pkg_resources
2
3from atmosphere import utils
4
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]5NODE_SELECTOR_CONTROL_PLANE = {
6 "openstack-control-plane": "enabled",
7}
8
9NAMESPACE_CERT_MANAGER = "cert-manager"
10NAMESPACE_KUBE_SYSTEM = "kube-system"
11NAMESPACE_MONITORING = "monitoring"
12NAMESPACE_OPENSTACK = "openstack"
13
14HELM_REPOSITORY_BITNAMI = "bitnami"
15HELM_REPOSITORY_CEPH = "ceph"
16HELM_REPOSITORY_COREDNS = "coredns"
Mohammed Nasere04907d2022-10-05 21:39:31 +0000[diff] [blame]17
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]18HELM_REPOSITORY_INGRESS_NGINX = "ingress-nginx"
Mohammed Nasere04907d2022-10-05 21:39:31 +0000[diff] [blame]19HELM_REPOSITORY_INGRESS_NGINX_URL = "https://kubernetes.github.io/ingress-nginx"
20
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]21HELM_REPOSITORY_JETSTACK = "jetstack"
22HELM_REPOSITORY_NODE_FEATURE_DISCOVERY = "node-feature-discovery"
23HELM_REPOSITORY_OPENSTACK_HELM = "openstack-helm"
24HELM_REPOSITORY_OPENSTACK_HELM_INFRA = "openstack-helm-infra"
25HELM_REPOSITORY_PERCONA = "percona"
Mohammed Naserad5e2652022-11-25 18:31:36 +0000[diff] [blame]26
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]27HELM_REPOSITORY_PROMETHEUS_COMMUINTY = "prometheus-community"
Mohammed Naserad5e2652022-11-25 18:31:36 +0000[diff] [blame]28HELM_REPOSITORY_PROMETHEUS_COMMUINTY_URL = (
29 "https://prometheus-community.github.io/helm-charts"
30)
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]31
Mohammed Naser7d3c7972022-11-07 10:54:56 -0500[diff] [blame]32PROMETHEUS_MONITOR_RELABELING_SET_NODE_NAME_TO_INSTANCE = {
33 "sourceLabels": ["__meta_kubernetes_pod_node_name"],
34 "targetLabel": "instance",
35}
36PROMETHEUS_MONITOR_RELABELING_SET_POD_NAME_TO_INSTANCE = {
37 "sourceLabels": ["__meta_kubernetes_pod_name"],
38 "targetLabel": "instance",
39}
40PROMETHEUS_MONITOR_RELABELING_DROP_ALL_KUBERNETES_LABELS = {
41 "action": "labeldrop",
42 "regex": "^(container|endpoint|namespace|pod|node|service)$",
43}
44
45PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME = [
46 PROMETHEUS_MONITOR_RELABELING_SET_POD_NAME_TO_INSTANCE,
47 PROMETHEUS_MONITOR_RELABELING_DROP_ALL_KUBERNETES_LABELS,
48]
49PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME = [
50 PROMETHEUS_MONITOR_RELABELING_SET_NODE_NAME_TO_INSTANCE,
51 PROMETHEUS_MONITOR_RELABELING_DROP_ALL_KUBERNETES_LABELS,
52]
53PROMETHEUS_MONITOR_RELABELINGS_KUBELET = [
54 {"sourceLabels": ["__metrics_path__"], "targetLabel": "metrics_path"},
55 {"sourceLabels": ["node"], "targetLabel": "instance"},
56 PROMETHEUS_MONITOR_RELABELING_DROP_ALL_KUBERNETES_LABELS,
57]
58
59HELM_RELEASE_KUBE_PROMETHEUS_STACK_NAME = "kube-prometheus-stack"
Mohammed Naserba926072022-11-10 22:45:36 +0000[diff] [blame]60HELM_RELEASE_KUBE_PROMETHEUS_STACK_VERSION = "41.7.3"
Mohammed Naser7d3c7972022-11-07 10:54:56 -0500[diff] [blame]61HELM_RELEASE_KUBE_PROMETHEUS_STACK_VALUES = {
62 "defaultRules": {
63 "disabled": {
64 # NOTE(mnaser): https://github.com/prometheus-community/helm-charts/issues/144
65 # https://github.com/openshift/cluster-monitoring-operator/issues/248
66 "etcdHighNumberOfFailedGRPCRequests": True
67 }
68 },
69 "alertmanager": {
70 "serviceMonitor": {
71 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME
72 },
73 "alertmanagerSpec": {
74 "storage": {
75 "volumeClaimTemplate": {
76 "spec": {
77 "storageClassName": "general",
78 "accessModes": ["ReadWriteOnce"],
79 "resources": {"requests": {"storage": "40Gi"}},
80 }
81 }
82 },
83 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
84 },
85 },
86 "grafana": {
87 "serviceMonitor": {
88 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME
89 },
90 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
91 },
92 "kubeApiServer": {
93 "serviceMonitor": {
94 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME
95 }
96 },
97 "kubelet": {
98 "serviceMonitor": {
99 "cAdvisorRelabelings": PROMETHEUS_MONITOR_RELABELINGS_KUBELET,
100 "probesRelabelings": PROMETHEUS_MONITOR_RELABELINGS_KUBELET,
101 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_KUBELET,
102 }
103 },
104 "kubeControllerManager": {
105 "serviceMonitor": {
106 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME,
107 }
108 },
109 "coreDns": {
110 "serviceMonitor": {
111 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME
112 }
113 },
114 "kubeEtcd": {
Mohammed Naserba926072022-11-10 22:45:36 +0000[diff] [blame]115 "service": {
116 "port": 2379,
117 "targetPort": 2379,
118 },
Mohammed Naser7d3c7972022-11-07 10:54:56 -0500[diff] [blame]119 "serviceMonitor": {
120 "scheme": "https",
121 "serverName": "localhost",
122 "insecureSkipVerify": False,
123 "caFile": "/etc/prometheus/secrets/kube-prometheus-stack-etcd-client-cert/ca.crt",
124 "certFile": "/etc/prometheus/secrets/kube-prometheus-stack-etcd-client-cert/healthcheck-client.crt",
125 "keyFile": "/etc/prometheus/secrets/kube-prometheus-stack-etcd-client-cert/healthcheck-client.key",
126 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME,
Mohammed Naserba926072022-11-10 22:45:36 +0000[diff] [blame]127 },
Mohammed Naser7d3c7972022-11-07 10:54:56 -0500[diff] [blame]128 },
129 "kubeScheduler": {
130 "service": {"port": 10259, "targetPort": 10259},
131 "serviceMonitor": {
132 "https": True,
133 "insecureSkipVerify": True,
134 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME,
135 },
136 },
137 "kubeProxy": {
138 "serviceMonitor": {
139 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME
140 }
141 },
142 "kube-state-metrics": {
143 "prometheus": {
144 "monitor": {
145 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME
146 }
147 },
148 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
149 },
150 "prometheus": {
151 "serviceMonitor": {
152 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME
153 },
154 "prometheusSpec": {
155 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
156 "secrets": ["kube-prometheus-stack-etcd-client-cert"],
157 },
158 "additionalServiceMonitors": [
159 {
160 "name": "ceph",
161 "jobLabel": "application",
162 "selector": {"matchLabels": {"application": "ceph"}},
163 "namespaceSelector": {"matchNames": ["openstack"]},
164 "endpoints": [
165 {
166 "port": "metrics",
167 "honorLabels": True,
168 "relabelings": [
169 {
170 "action": "replace",
171 "regex": "(.*)",
172 "replacement": "ceph",
173 "targetLabel": "cluster",
174 },
175 PROMETHEUS_MONITOR_RELABELING_DROP_ALL_KUBERNETES_LABELS,
176 ],
177 }
178 ],
179 },
180 {
181 "name": "coredns",
182 "jobLabel": "app.kubernetes.io/name",
183 "namespaceSelector": {"matchNames": ["openstack"]},
184 "selector": {
185 "matchLabels": {
186 "app.kubernetes.io/name": "coredns",
187 "app.kubernetes.io/component": "metrics",
188 }
189 },
190 "endpoints": [
191 {
192 "port": "metrics",
193 "relabelings": [
194 {
195 "sourceLabels": [
196 "__meta_kubernetes_pod_label_application"
197 ],
198 "targetLabel": "application",
199 },
200 ]
201 + PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME,
202 }
203 ],
204 },
205 {
206 "name": "memcached",
207 "jobLabel": "application",
208 "namespaceSelector": {"matchNames": ["openstack"]},
209 "selector": {
210 "matchLabels": {"application": "memcached", "component": "server"}
211 },
212 "endpoints": [
213 {
214 "port": "metrics",
215 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME,
216 }
217 ],
218 },
219 {
220 "name": "openstack-exporter",
221 "jobLabel": "jobLabel",
222 "namespaceSelector": {"matchNames": ["openstack"]},
223 "selector": {"matchLabels": {"application": "openstack-exporter"}},
224 "endpoints": [
225 {
226 "interval": "1m",
227 "scrapeTimeout": "30s",
228 "port": "metrics",
229 "relabelings": [
230 {
231 "action": "replace",
232 "regex": "(.*)",
233 "replacement": "default",
234 "targetLabel": "instance",
235 }
236 ],
237 }
238 ],
239 },
240 ],
241 "additionalPodMonitors": [
242 {
243 "name": "ethtool-exporter",
244 "jobLabel": "job",
245 "selector": {"matchLabels": {"application": "ethtool-exporter"}},
246 "podMetricsEndpoints": [
247 {
248 "port": "metrics",
249 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME,
250 }
251 ],
252 },
253 {
254 "name": "ipmi-exporter",
255 "jobLabel": "job",
256 "selector": {"matchLabels": {"application": "ipmi-exporter"}},
257 "podMetricsEndpoints": [
258 {
259 "port": "metrics",
260 "interval": "60s",
261 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME,
262 }
263 ],
264 },
265 {
266 "name": "percona-xtradb-pxc",
267 "jobLabel": "app.kubernetes.io/component",
268 "namespaceSelector": {"matchNames": ["openstack"]},
269 "selector": {
270 "matchLabels": {
271 "app.kubernetes.io/component": "pxc",
272 "app.kubernetes.io/instance": "percona-xtradb",
273 }
274 },
275 "podMetricsEndpoints": [
276 {
277 "port": "metrics",
278 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME,
279 }
280 ],
281 },
282 {
283 "name": "rabbitmq",
284 "jobLabel": "app.kubernetes.io/component",
285 "namespaceSelector": {"matchNames": ["openstack"]},
286 "selector": {
287 "matchLabels": {"app.kubernetes.io/component": "rabbitmq"}
288 },
289 "podMetricsEndpoints": [
290 {
291 "port": "prometheus",
292 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME,
293 }
294 ],
295 },
296 ],
297 },
298 "prometheusOperator": {
299 "admissionWebhooks": {"patch": NODE_SELECTOR_CONTROL_PLANE},
300 "serviceMonitor": {
301 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_POD_NAME
302 },
303 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
304 },
305 "prometheus-node-exporter": {
306 "extraArgs": [
307 "--collector.diskstats.ignored-devices=^(ram|loop|nbd|fd|(h|s|v|xv)d[a-z]|nvme\\d+n\\d+p)\\d+$",
308 "--collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|fuse.squashfuse_ll|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$", # noqa: E501
309 "--collector.filesystem.mount-points-exclude=^/(dev|proc|run/credentials/.+|sys|var/lib/docker/.+|var/lib/kubelet/pods/.+|var/lib/kubelet/plugins/kubernetes.io/csi/.+|run/containerd/.+)($|/)", # noqa: E501
310 "--collector.netclass.ignored-devices=^(lxc|cilium_|qbr|qvb|qvo|tap|ovs-system|br|tbr|gre_sys).*$",
311 "--collector.netdev.device-exclude=^(lxc|cilium_|qbr|qvb|qvo|tap|ovs-system|br|tbr|gre_sys).*$",
312 ],
313 "prometheus": {
314 "monitor": {
315 "relabelings": PROMETHEUS_MONITOR_RELABELINGS_INSTANCE_TO_NODE_NAME
316 }
317 },
318 },
319 "additionalPrometheusRulesMap": utils.load_jsonnet_from_path(
320 pkg_resources.resource_filename("atmosphere.jsonnet", "rules.jsonnet")
321 ),
322}
323
Mohammed Naser46475f82022-09-28 15:56:13 -0400[diff] [blame]324HELM_RELEASE_INGRESS_NGINX_NAME = "ingress-nginx"
325HELM_RELEASE_INGRESS_NGINX_VERSION = "4.0.17"
326HELM_RELEASE_INGRESS_NGINX_VALUES = {
327 "controller": {
328 "config": {"proxy-buffer-size": "16k"},
329 "dnsPolicy": "ClusterFirstWithHostNet",
330 "hostNetwork": True,
331 "ingressClassResource": {"name": "openstack"},
332 "ingressClass": "openstack",
Mohammed Naser46475f82022-09-28 15:56:13 -0400[diff] [blame]333 "kind": "DaemonSet",
334 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
335 "service": {"type": "ClusterIP"},
336 "admissionWebhooks": {"port": 7443},
337 },
338 "defaultBackend": {"enabled": True},
Mohammed Naser54e074c2022-10-04 19:24:11 +0000[diff] [blame]339 "tcp": {
340 "5354": "openstack/minidns:5354",
341 },
Michiel Piscaer02a52132022-10-13 10:48:10 +0200[diff] [blame]342 "udp": {
343 "5354": "openstack/minidns:5354",
344 },
Mohammed Naser46475f82022-09-28 15:56:13 -0400[diff] [blame]345}
346
Mohammed Nasere1e1ae42022-09-26 20:03:27 -0400[diff] [blame]347HELM_RELEASE_CERT_MANAGER_NAME = "cert-manager"
348HELM_RELEASE_CERT_MANAGER_VERSION = "v1.7.1"
349HELM_RELEASE_CERT_MANAGER_VALUES = {
350 "installCRDs": True,
Mohammed Naserc5824202022-11-12 17:17:02 +0000[diff] [blame]351 "featureGates": "AdditionalCertificateOutputFormats=true",
Mohammed Nasere1e1ae42022-09-26 20:03:27 -0400[diff] [blame]352 "volumes": [
353 {
354 "name": "etc-ssl-certs",
355 "hostPath": {
356 "path": "/etc/ssl/certs",
357 },
358 }
359 ],
360 "volumeMounts": [
361 {
362 "name": "etc-ssl-certs",
363 "mountPath": "/etc/ssl/certs",
364 "readOnly": True,
365 }
366 ],
367 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
368 "webhook": {
Mohammed Naserc5824202022-11-12 17:17:02 +0000[diff] [blame]369 "extraArgs": [
370 "--feature-gates=AdditionalCertificateOutputFormats=true",
371 ],
Mohammed Nasere1e1ae42022-09-26 20:03:27 -0400[diff] [blame]372 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
373 },
374 "cainjector": {
375 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
376 },
377 "startupapicheck": {
378 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
379 },
380}
Mohammed Nasere1e1ae42022-09-26 20:03:27 -0400[diff] [blame]381
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]382HELM_RELEASE_NODE_FEATURE_DISCOVERY_VALUES = {
383 "master": {"nodeSelector": NODE_SELECTOR_CONTROL_PLANE}
384}
385
Mohammed Nasere1e1ae42022-09-26 20:03:27 -0400[diff] [blame]386HELM_RELEASE_RABBITMQ_OPERATOR_NAME = "rabbitmq-cluster-operator"
387HELM_RELEASE_RABBITMQ_OPERATOR_VERSION = "2.5.2"
388HELM_RELEASE_RABBITMQ_OPERATOR_VALUES = {
389 "rabbitmqImage": {"repository": "library/rabbitmq", "tag": "3.10.2-management"},
390 "credentialUpdaterImage": {
391 "repository": "rabbitmqoperator/default-user-credential-updater",
392 "tag": "1.0.2",
393 },
394 "clusterOperator": {
395 "fullnameOverride": "rabbitmq-cluster-operator",
396 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
397 "image": {
398 "repository": "rabbitmqoperator/cluster-operator",
399 "tag": "1.13.1",
400 },
401 },
402 "msgTopologyOperator": {
403 "fullnameOverride": "rabbitmq-messaging-topology-operator",
404 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
405 "image": {
406 "repository": "rabbitmqoperator/messaging-topology-operator",
407 "tag": "1.6.0",
408 },
409 },
410 "useCertManager": True,
411}
Mohammed Naser5e1dce92022-09-28 15:50:57 -0400[diff] [blame]412HELM_RELEASE_RABBITMQ_OPERATOR_REQUIRES = set(
413 [
414 f"helm-release-{NAMESPACE_CERT_MANAGER}-{HELM_RELEASE_CERT_MANAGER_NAME}",
415 ]
416)
Mohammed Nasere1e1ae42022-09-26 20:03:27 -0400[diff] [blame]417
Mohammed Naserbdb97742022-09-26 15:20:49 -0400[diff] [blame]418HELM_RELEASE_PXC_OPERATOR_NAME = "pxc-operator"
419HELM_RELEASE_PXC_OPERATOR_VERSION = "1.10.0"
420HELM_RELEASE_PXC_OPERATOR_VALUES = {
421 "nodeSelector": NODE_SELECTOR_CONTROL_PLANE,
422}
Mohammed Naser196945a2022-09-26 22:40:32 -0400[diff] [blame]423
424HELM_RELEASE_KEYSTONE_NAME = "keystone"
425
426HELM_RELEASE_BARBICAN_NAME = "barbican"
427
428HELM_RELEASE_GLANCE_NAME = "glance"
429
430HELM_RELEASE_CINDER_NAME = "cinder"
431
432HELM_RELEASE_NEUTRON_NAME = "neutron"
433
434HELM_RELEASE_NOVA_NAME = "nova"
435
okozachenko1203d8d2aa12022-10-22 00:55:14 +1100[diff] [blame]436HELM_RELEASE_OCTAVIA_NAME = "octavia"
437
Mohammed Naser196945a2022-09-26 22:40:32 -0400[diff] [blame]438HELM_RELEASE_SENLIN_NAME = "senlin"
439
Mohammed Naserfb2c19d2022-12-06 02:14:03 +0000[diff] [blame]440HELM_RELEASE_DESIGNATE_NAME = "designate"
441
Mohammed Naser196945a2022-09-26 22:40:32 -0400[diff] [blame]442HELM_RELEASE_HEAT_NAME = "heat"
okozachenko12037d3c4882022-09-28 19:34:33 +1000[diff] [blame]443