Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / refs/heads/main / . / charts / ironic / templates / statefulset-conductor.yaml
blob: fc0031ef9cedf89775f188f3a2ce6a88692f4886 [file] [log] [blame]
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]1{{/*
2Licensed under the Apache License, Version 2.0 (the "License");
3you may not use this file except in compliance with the License.
4You may obtain a copy of the License at
5
6 http://www.apache.org/licenses/LICENSE-2.0
7
8Unless required by applicable law or agreed to in writing, software
9distributed under the License is distributed on an "AS IS" BASIS,
10WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11See the License for the specific language governing permissions and
12limitations under the License.
13*/}}
14
15{{- if .Values.manifests.statefulset_conductor }}
16{{- $envAll := . }}
17
18{{- $mounts_ironic_conductor := .Values.pod.mounts.ironic_conductor.ironic_conductor }}
19{{- $mounts_ironic_conductor_init := .Values.pod.mounts.ironic_conductor.init_container }}
20
21{{- $serviceAccountName := "ironic-conductor" }}
22{{ tuple $envAll "conductor" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
23---
24apiVersion: apps/v1
25kind: StatefulSet
26metadata:
27 name: ironic-conductor
28 annotations:
29 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
30 labels:
31{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
32spec:
33 serviceName: ironic-conductor
34 replicas: {{ .Values.pod.replicas.conductor }}
35 selector:
36 matchLabels:
37{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
38 template:
39 metadata:
40 labels:
41{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
42 annotations:
43{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
44 configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
45 configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
46 spec:
Dong Ma36b89222025-02-13 16:15:52 +0000[diff] [blame]47{{ with .Values.pod.priorityClassName.ironic_conductor }}
48 priorityClassName: {{ . }}
49{{ end }}
50{{ with .Values.pod.runtimeClassName.ironic_conductor }}
51 runtimeClassName: {{ . }}
52{{ end }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]53 serviceAccountName: {{ $serviceAccountName }}
54 affinity:
55{{ tuple $envAll "ironic" "conductor" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
56 nodeSelector:
57 {{ .Values.labels.conductor.node_selector_key }}: {{ .Values.labels.conductor.node_selector_value }}
58{{ if $envAll.Values.pod.tolerations.ironic.enabled }}
59{{ tuple $envAll "ironic" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 10 }}
60{{ end }}
61 securityContext:
62 runAsUser: 0
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]63{{ if .Values.pod.useHostNetwork.conductor }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]64 hostNetwork: True
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]65 dnsPolicy: ClusterFirstWithHostNet
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]66{{ end }}
67{{ if .Values.pod.useHostIPC.conductor }}
68 hostIPC: True
69{{ end }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]70 initContainers:
71{{ tuple $envAll "conductor" $mounts_ironic_conductor_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]72{{- if $envAll.Values.conductor.pxe.enabled }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]73 - name: ironic-conductor-pxe-init
74{{ tuple $envAll "ironic_pxe_init" | include "helm-toolkit.snippets.image" | indent 10 }}
75{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
76 command:
77 - /tmp/ironic-conductor-pxe-init.sh
78 volumeMounts:
79 - name: pod-tmp
80 mountPath: /tmp
81 - name: ironic-bin
82 mountPath: /tmp/ironic-conductor-pxe-init.sh
83 subPath: ironic-conductor-pxe-init.sh
84 readOnly: true
85 - name: pod-data
86 mountPath: /var/lib/openstack-helm
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]87{{- end }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]88 - name: ironic-conductor-init
89{{ tuple $envAll "ironic_conductor" | include "helm-toolkit.snippets.image" | indent 10 }}
90{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
91 env:
92 - name: PROVISIONER_INTERFACE
93 value: {{ .Values.network.pxe.device }}
94 command:
95 - /tmp/ironic-conductor-init.sh
96 volumeMounts:
97 - name: pod-tmp
98 mountPath: /tmp
99 - name: ironic-bin
100 mountPath: /tmp/ironic-conductor-init.sh
101 subPath: ironic-conductor-init.sh
102 readOnly: true
103 - name: pod-shared
104 mountPath: /tmp/pod-shared
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]105{{- if $envAll.Values.conductor.http.enabled }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]106 - name: ironic-conductor-http-init
107{{ tuple $envAll "ironic_conductor" | include "helm-toolkit.snippets.image" | indent 10 }}
108{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
109 env:
110 - name: PROVISIONER_INTERFACE
111 value: {{ .Values.network.pxe.device }}
112 command:
113 - /tmp/ironic-conductor-http-init.sh
114 volumeMounts:
115 - name: pod-tmp
116 mountPath: /tmp
117 - name: ironic-bin
118 mountPath: /tmp/ironic-conductor-http-init.sh
119 subPath: ironic-conductor-http-init.sh
120 readOnly: true
121 - name: ironic-etc
122 mountPath: /etc/nginx/nginx.conf
123 subPath: nginx.conf
124 readOnly: true
125 - name: pod-shared
126 mountPath: /tmp/pod-shared
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]127{{- end }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]128{{- if and (.Values.bootstrap.object_store.enabled) (.Values.bootstrap.object_store.openstack.enabled) }}
129 - name: ironic-retrive-swift-config
130{{ tuple $envAll "ironic_retrive_swift_config" | include "helm-toolkit.snippets.image" | indent 10 }}
131{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
132 env:
133 - name: OS_SWIFT_API_VERSION
134 value: {{ .Values.conf.ironic.glance.swift_api_version | quote }}
135{{- with $env := dict "ksUserSecret" .Values.secrets.identity.glance }}
136{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
137{{- end }}
138 command:
139 - /tmp/retreive-swift-config.sh
140 volumeMounts:
141 - name: pod-tmp
142 mountPath: /tmp
143 - name: ironic-bin
144 mountPath: /tmp/retreive-swift-config.sh
145 subPath: retreive-swift-config.sh
146 readOnly: true
147 - name: pod-shared
148 mountPath: /tmp/pod-shared
149{{- end }}
150{{- if and (.Values.bootstrap.network.enabled) (.Values.bootstrap.network.openstack.enabled) }}
151 - name: ironic-retrive-cleaning-net
152{{ tuple $envAll "ironic_retrive_cleaning_network" | include "helm-toolkit.snippets.image" | indent 10 }}
153{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
154 env:
155{{- with $env := dict "ksUserSecret" .Values.secrets.identity.ironic }}
156{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 12 }}
157{{- end }}
158{{ include "helm-toolkit.utils.to_k8s_env_vars" $envAll.Values.network.pxe | indent 12 }}
159 command:
160 - /tmp/retreive-cleaning-network.sh
161 volumeMounts:
162 - name: pod-tmp
163 mountPath: /tmp
164 - name: ironic-bin
165 mountPath: /tmp/retreive-cleaning-network.sh
166 subPath: retreive-cleaning-network.sh
167 readOnly: true
168 - name: pod-shared
169 mountPath: /tmp/pod-shared
170{{- end }}
171 containers:
172 - name: ironic-conductor
173{{ tuple $envAll "ironic_conductor" | include "helm-toolkit.snippets.image" | indent 10 }}
174{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
175 securityContext:
176 privileged: true
177 command:
178 - /tmp/ironic-conductor.sh
179 volumeMounts:
180 - name: pod-tmp
181 mountPath: /tmp
182 - name: ironic-bin
183 mountPath: /tmp/ironic-conductor.sh
184 subPath: ironic-conductor.sh
185 readOnly: true
186 - name: pod-shared
187 mountPath: /tmp/pod-shared
188 - name: pod-var-cache-ironic
189 mountPath: /var/cache/ironic
190 - name: ironic-etc
191 mountPath: /etc/ironic/ironic.conf
192 subPath: ironic.conf
193 readOnly: true
194 {{- if .Values.conf.ironic.DEFAULT.log_config_append }}
195 - name: ironic-etc
196 mountPath: {{ .Values.conf.ironic.DEFAULT.log_config_append }}
197 subPath: {{ base .Values.conf.ironic.DEFAULT.log_config_append }}
198 readOnly: true
199 {{- end }}
200 - name: ironic-etc
201 mountPath: /etc/ironic/policy.yaml
202 subPath: policy.yaml
203 readOnly: true
204 - name: host-var-lib-ironic
205 mountPath: /var/lib/ironic
206 - name: host-run
207 mountPath: /var/run
208 - name: host-dev
209 mountPath: /dev
210 - name: host-sys
211 mountPath: /sys
212 - name: pod-data
213 mountPath: /var/lib/openstack-helm
214{{ if $mounts_ironic_conductor.volumeMounts }}{{ toYaml $mounts_ironic_conductor.volumeMounts | indent 12 }}{{ end }}
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]215{{- if $envAll.Values.conductor.pxe.enabled }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]216 - name: ironic-conductor-pxe
217{{ tuple $envAll "ironic_pxe" | include "helm-toolkit.snippets.image" | indent 10 }}
218{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
219 securityContext:
220 privileged: true
221 env:
222 - name: PROVISIONER_INTERFACE
223 value: {{ .Values.network.pxe.device }}
224 command:
225 - /tmp/ironic-conductor-pxe.sh
226 volumeMounts:
227 - name: pod-tmp
228 mountPath: /tmp
229 - name: ironic-bin
230 mountPath: /tmp/ironic-conductor-pxe.sh
231 subPath: ironic-conductor-pxe.sh
232 readOnly: true
233 - name: ironic-etc
234 mountPath: /tftp-map-file
235 subPath: tftp-map-file
236 readOnly: true
237 - name: pod-data
238 mountPath: /var/lib/openstack-helm
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]239{{- end }}
240{{- if $envAll.Values.conductor.http.enabled }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]241 - name: ironic-conductor-http
242{{ tuple $envAll "ironic_pxe_http" | include "helm-toolkit.snippets.image" | indent 10 }}
243{{ tuple $envAll $envAll.Values.pod.resources.conductor | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
244 command:
245 - /tmp/ironic-conductor-http.sh
246 volumeMounts:
247 - name: pod-tmp
248 mountPath: /tmp
249 - name: ironic-bin
250 mountPath: /tmp/ironic-conductor-http.sh
251 subPath: ironic-conductor-http.sh
252 readOnly: true
253 - name: pod-shared
254 mountPath: /tmp/pod-shared
255 readOnly: true
256 - name: pod-data
257 mountPath: /var/lib/openstack-helm
258{{ if $mounts_ironic_conductor.volumeMounts }}{{ toYaml $mounts_ironic_conductor.volumeMounts | indent 12 }}{{ end }}
Oleksandr K.ae821ee2024-08-08 20:00:26 +0200[diff] [blame]259{{- end }}
Mohammed Naser298f0272024-07-29 18:43:25 -0400[diff] [blame]260 volumes:
261 - name: pod-tmp
262 emptyDir: {}
263 - name: pod-shared
264 emptyDir: {}
265 - name: pod-var-cache-ironic
266 emptyDir: {}
267 - name: ironic-bin
268 configMap:
269 name: ironic-bin
270 defaultMode: 0555
271 - name: ironic-etc
272 secret:
273 secretName: ironic-etc
274 defaultMode: 0444
275 - name: host-var-lib-ironic
276 hostPath:
277 path: /var/lib/ironic
278 - name: host-run
279 hostPath:
280 path: /var/run
281 - name: host-dev
282 hostPath:
283 path: /dev
284 - name: host-sys
285 hostPath:
286 path: /sys
287 - name: pod-data
288 emptyDir: {}
289{{ if $mounts_ironic_conductor.volumes }}{{ toYaml $mounts_ironic_conductor.volumes | indent 8 }}{{ end }}
290{{- end }}