diff --git a/cinder/templates/bin/_iscsiadm.tpl b/cinder/templates/bin/_iscsiadm.tpl new file mode 100644 index 00000000..f27d757b --- /dev/null +++ b/cinder/templates/bin/_iscsiadm.tpl @@ -0,0 +1,20 @@ +#!/bin/bash + +{{/* +Copyright 2020 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +chroot /mnt/host-rootfs /usr/bin/env -i PATH="/sbin:/bin:/usr/bin" \ + iscsiadm "${@:1}" diff --git a/cinder/templates/configmap-bin.yaml b/cinder/templates/configmap-bin.yaml index df96fabf..732b0bd4 100644 --- a/cinder/templates/configmap-bin.yaml +++ b/cinder/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: cinder-bin data: +{{- if .Values.conf.enable_iscsi }} + iscsiadm: | +{{ tuple "bin/_iscsiadm.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- end }} {{- if .Values.images.local_registry.active }} image-repo-sync.sh: | {{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml index 3411305a..3abb2183 100755 --- a/cinder/templates/deployment-volume.yaml +++ b/cinder/templates/deployment-volume.yaml @@ -52,6 +52,9 @@ spec: {{ tuple $envAll "cinder" "volume" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} nodeSelector: {{ .Values.labels.volume.node_selector_key }}: {{ .Values.labels.volume.node_selector_value }} +{{- if .Values.pod.useHostNetwork.volume }} + hostNetwork: true +{{- end }} initContainers: {{ tuple $envAll "volume" $mounts_cinder_volume_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} {{- range $name := rest (splitList "," (include "cinder.utils.ceph_backend_list" $envAll)) }} @@ -195,6 +198,22 @@ spec: readOnly: true {{- end }} {{- end }} + {{- if .Values.conf.enable_iscsi }} + - name: host-rootfs + mountPath: /mnt/host-rootfs + - name: runlock + mountPath: /run/lock + - name: etciscsi + mountPath: /etc/iscsi + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: usrlocalsbin + mountPath: /usr/local/sbin + - name: cinder-bin + mountPath: /usr/local/sbin/iscsiadm + subPath: iscsiadm + {{- end }} {{ if $mounts_cinder_volume.volumeMounts }}{{ toYaml $mounts_cinder_volume.volumeMounts | indent 12 }}{{ end }} volumes: - name: pod-tmp @@ -228,5 +247,18 @@ spec: - name: cinder-coordination emptyDir: {} {{- end }} + {{- if .Values.conf.enable_iscsi }} + - name: host-rootfs + hostPath: + path: / + - name: runlock + hostPath: + path: /run/lock + - name: etciscsi + hostPath: + path: /etc/iscsi + - name: usrlocalsbin + emptyDir: {} + {{- end }} {{ if $mounts_cinder_volume.volumes }}{{ toYaml $mounts_cinder_volume.volumes | indent 8 }}{{ end }} {{- end }} diff --git a/cinder/values.yaml b/cinder/values.yaml index d7d8c5c3..c3936e16 100644 --- a/cinder/values.yaml +++ b/cinder/values.yaml @@ -143,7 +143,8 @@ pod: default: kubernetes.io/hostname weight: default: 10 - + useHostNetwork: + volume: false mounts: cinder_api: init_container: null @@ -1025,7 +1026,7 @@ conf: - name - volume_type volume_type: [] - + enable_iscsi: false backup: external_ceph_rbd: enabled: false diff --git a/nova/templates/bin/_iscsiadm.tpl b/nova/templates/bin/_iscsiadm.tpl new file mode 100644 index 00000000..edb50175 --- /dev/null +++ b/nova/templates/bin/_iscsiadm.tpl @@ -0,0 +1,20 @@ +#!/bin/bash + +{{/* +Copyright 2020 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +chroot /mnt/host-rootfs /usr/bin/env -i PATH="/sbin:/bin:/usr/bin" \ + iscsiadm "${@:1}" diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml index 0d94b92b..398e035c 100644 --- a/nova/templates/configmap-bin.yaml +++ b/nova/templates/configmap-bin.yaml @@ -23,6 +23,10 @@ kind: ConfigMap metadata: name: nova-bin data: +{{- if .Values.conf.enable_iscsi }} + iscsiadm: | +{{ tuple "bin/_iscsiadm.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} +{{- end }} {{- if .Values.images.local_registry.active }} image-repo-sync.sh: | {{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index ff835a43..564b1015 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -64,6 +64,7 @@ spec: value: "{{ .Values.pod.user.nova.uid }}" command: - /tmp/nova-compute-init.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -84,6 +85,7 @@ spec: - -R - "nova:" - /etc/ceph + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -95,6 +97,7 @@ spec: {{ dict "envAll" $envAll "application" "nova" "container" "ceph_admin_keyring_placement" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} command: - /tmp/ceph-admin-keyring.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -125,6 +128,7 @@ spec: value: "{{ .Values.conf.ceph.secret_uuid }}" command: - /tmp/ceph-keyring.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -145,6 +149,7 @@ spec: {{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_vnc_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} command: - /tmp/nova-console-compute-init.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -162,6 +167,7 @@ spec: {{ dict "envAll" $envAll "application" "nova" "container" "nova_compute_spice_init" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }} command: - /tmp/nova-console-compute-init.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -223,6 +229,7 @@ spec: timeoutSeconds: 580 command: - /tmp/nova-compute.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -316,6 +323,25 @@ spec: - name: machine-id mountPath: /etc/machine-id readOnly: true + {{- if .Values.conf.enable_iscsi }} + - name: host-rootfs + mountPath: /mnt/host-rootfs + - name: usrlocalsbin + mountPath: /usr/local/sbin + - name: etciscsi + mountPath: /etc/iscsi + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: dev + mountPath: /dev + {{- if or ( gt .Capabilities.KubeVersion.Major "1" ) ( ge .Capabilities.KubeVersion.Minor "10" ) }} + mountPropagation: Bidirectional + {{- end }} + - name: nova-bin + mountPath: /usr/local/sbin/iscsiadm + subPath: iscsiadm + {{- end }} {{ if $mounts_nova_compute.volumeMounts }}{{ toYaml $mounts_nova_compute.volumeMounts | indent 12 }}{{ end }} {{- if .Values.network.sshd.enabled }} - name: nova-compute-ssh @@ -333,6 +359,7 @@ spec: - containerPort: {{ .Values.network.ssh.port }} command: - /tmp/ssh-start.sh + terminationMessagePath: /var/log/termination-log volumeMounts: - name: pod-tmp mountPath: /tmp @@ -400,6 +427,19 @@ spec: - name: machine-id hostPath: path: /etc/machine-id + {{- if .Values.conf.enable_iscsi }} + - name: host-rootfs + hostPath: + path: / + - name: etciscsi + hostPath: + path: /etc/iscsi + - name: dev + hostPath: + path: /dev + - name: usrlocalsbin + emptyDir: {} + {{- end }} {{ if $mounts_nova_compute.volumes }}{{ toYaml $mounts_nova_compute.volumes | indent 8 }}{{ end }} {{- end }} {{- end }} diff --git a/nova/values.yaml b/nova/values.yaml index e65b7cb9..a25ef3f4 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -1759,6 +1759,7 @@ conf: keys: - root - nova + - os.brick handlers: keys: - stdout @@ -1776,6 +1777,11 @@ conf: handlers: - stdout qualname: nova + logger_os.brick: + level: INFO + handlers: + - stdout + qualname: os.brick logger_amqp: level: WARNING handlers: stderr @@ -1828,6 +1834,7 @@ conf: priority: 0 apply-to: all pattern: '^(?!(amq\.|reply_)).*' + enable_iscsi: false # Names of secrets used by bootstrap and environmental checks secrets: