From c0141e14423e37b87f86ca442d9977bb8874c674 Mon Sep 17 00:00:00 2001
From: Pete Birley <pete@port.direct>
Date: Tue, 4 Apr 2017 10:42:12 -0500
Subject: [PATCH] Update Heat DB Jobs
---
heat/templates/bin/_db-init.sh.tpl | 36 --------------------------
heat/templates/bin/_db-sync.sh.tpl | 19 ++++++++++++++
heat/templates/configmap-bin.yaml | 6 +++--
heat/templates/etc/_heat.conf.tpl | 2 +-
heat/templates/job-db-init.yaml | 36 ++++++++++++++++++++------
heat/templates/job-db-sync.yaml | 24 ++++++++++-------
heat/templates/secret-db-root.env.yaml | 7 +++++
heat/values.yaml | 25 +++++++++++-------
8 files changed, 88 insertions(+), 67 deletions(-)
delete mode 100644 heat/templates/bin/_db-init.sh.tpl
create mode 100644 heat/templates/bin/_db-sync.sh.tpl
create mode 100644 heat/templates/secret-db-root.env.yaml
diff --git a/heat/templates/bin/_db-init.sh.tpl b/heat/templates/bin/_db-init.sh.tpl
deleted file mode 100644
index a2a6a629ce..0000000000
--- a/heat/templates/bin/_db-init.sh.tpl
+++ /dev/null
@@ -1,36 +0,0 @@
-#!/bin/bash
-
-# Copyright 2017 The Openstack-Helm Authors.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-set -ex
-export HOME=/tmp
-
-ansible localhost -vvv \
- -m mysql_db -a "login_host='{{ .Values.database.address }}' \
- login_port='{{ .Values.database.port }}' \
- login_user='{{ .Values.database.root_user }}' \
- login_password='{{ .Values.database.root_password }}' \
- name='{{ .Values.database.heat_database_name }}'"
-
-ansible localhost -vvv \
- -m mysql_user -a "login_host='{{ .Values.database.address }}' \
- login_port='{{ .Values.database.port }}' \
- login_user='{{ .Values.database.root_user }}' \
- login_password='{{ .Values.database.root_password }}' \
- name='{{ .Values.database.heat_user }}' \
- password='{{ .Values.database.heat_password }}' \
- host='%' \
- priv='{{ .Values.database.heat_database_name }}.*:ALL' \
- append_privs='yes'"
diff --git a/heat/templates/bin/_db-sync.sh.tpl b/heat/templates/bin/_db-sync.sh.tpl
new file mode 100644
index 0000000000..214887b43c
--- /dev/null
+++ b/heat/templates/bin/_db-sync.sh.tpl
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ex
+
+heat-manage db_sync
diff --git a/heat/templates/configmap-bin.yaml b/heat/templates/configmap-bin.yaml
index 518742c85f..60fd2bde50 100644
--- a/heat/templates/configmap-bin.yaml
+++ b/heat/templates/configmap-bin.yaml
@@ -17,8 +17,10 @@ kind: ConfigMap
metadata:
name: heat-bin
data:
- db-init.sh: |+
-{{ tuple "bin/_db-init.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
+ db-init.py: |
+{{- include "helm-toolkit.db_init" . | indent 4 }}
+ db-sync.sh: |
+{{ tuple "bin/_db-sync.sh.tpl" . | include "helm-toolkit.template" | indent 4 }}
ks-service.sh: |+
{{- include "helm-toolkit.keystone_service" . | indent 4 }}
ks-endpoints.sh: |+
diff --git a/heat/templates/etc/_heat.conf.tpl b/heat/templates/etc/_heat.conf.tpl
index c07ecd1297..702d04ade7 100644
--- a/heat/templates/etc/_heat.conf.tpl
+++ b/heat/templates/etc/_heat.conf.tpl
@@ -40,7 +40,7 @@ backend = oslo_cache.memcache_pool
memcache_servers = "{{ .Values.memcached.host }}:{{ .Values.memcached.port }}"
[database]
-connection = mysql+pymysql://{{ .Values.database.heat_user }}:{{ .Values.database.heat_password }}@{{ .Values.database.address }}:{{ .Values.database.port }}/{{ .Values.database.heat_database_name }}
+connection = {{ tuple "oslo_db" "internal" "user" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" }}
max_retries = -1
[keystone_authtoken]
diff --git a/heat/templates/job-db-init.yaml b/heat/templates/job-db-init.yaml
index b7b560536b..41edc90568 100644
--- a/heat/templates/job-db-init.yaml
+++ b/heat/templates/job-db-init.yaml
@@ -43,17 +43,37 @@ spec:
cpu: {{ .Values.resources.heat_db_init.limits.cpu | quote }}
{{- end }}
env:
- - name: ANSIBLE_LIBRARY
- value: /usr/share/ansible/
+ - name: ROOT_DB_CONNECTION
+ valueFrom:
+ secretKeyRef:
+ name: heat-db-root
+ key: DB_CONNECTION
+ - name: OPENSTACK_CONFIG_FILE
+ value: /etc/heat/heat.conf
+ - name: OPENSTACK_CONFIG_DB_SECTION
+ value: database
+ - name: OPENSTACK_CONFIG_DB_KEY
+ value: connection
command:
- - bash
- - /tmp/db-init.sh
+ - python
+ - /tmp/db-init.py
volumeMounts:
- - name: dbinitsh
- mountPath: /tmp/db-init.sh
- subPath: db-init.sh
+ - name: heat-bin
+ mountPath: /tmp/db-init.py
+ subPath: db-init.py
+ readOnly: true
+ - name: etcheat
+ mountPath: /etc/heat
+ - name: heatapiconf
+ mountPath: /etc/heat/heat.conf
+ subPath: heat.conf
readOnly: true
volumes:
- - name: dbinitsh
+ - name: etcheat
+ emptyDir: {}
+ - name: heatapiconf
+ configMap:
+ name: heat-etc
+ - name: heat-bin
configMap:
name: heat-bin
diff --git a/heat/templates/job-db-sync.yaml b/heat/templates/job-db-sync.yaml
index 187f1c21dd..5f8d340b46 100644
--- a/heat/templates/job-db-sync.yaml
+++ b/heat/templates/job-db-sync.yaml
@@ -43,21 +43,25 @@ spec:
cpu: {{ .Values.resources.heat_db_sync.limits.cpu | quote }}
{{- end }}
command:
- - heat-manage
- args:
- - --config-dir
- - /etc/heat/conf
- - db_sync
+ - bash
+ - /tmp/db-sync.sh
volumeMounts:
- - name: pod-etc-heat
+ - name: heat-bin
+ mountPath: /tmp/db-sync.sh
+ subPath: db-sync.sh
+ readOnly: true
+ - name: etcheat
mountPath: /etc/heat
- - name: heatconf
- mountPath: /etc/heat/conf/heat.conf
+ - name: heatapiconf
+ mountPath: /etc/heat/heat.conf
subPath: heat.conf
readOnly: true
volumes:
- - name: pod-etc-heat
+ - name: etcheat
emptyDir: {}
- - name: heatconf
+ - name: heatapiconf
configMap:
name: heat-etc
+ - name: heat-bin
+ configMap:
+ name: heat-bin
diff --git a/heat/templates/secret-db-root.env.yaml b/heat/templates/secret-db-root.env.yaml
new file mode 100644
index 0000000000..f8346a2eab
--- /dev/null
+++ b/heat/templates/secret-db-root.env.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: heat-db-root
+type: Opaque
+data:
+ DB_CONNECTION: {{ tuple "oslo_db" "internal" "admin" "mysql" . | include "helm-toolkit.authenticated_endpoint_uri_lookup" | b64enc }}
diff --git a/heat/values.yaml b/heat/values.yaml
index 61ff920eba..f591a396f5 100644
--- a/heat/values.yaml
+++ b/heat/values.yaml
@@ -30,7 +30,7 @@ labels:
images:
dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.1.1
- db_init: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
+ db_init: docker.io/kolla/ubuntu-source-heat-api:3.0.1
db_sync: docker.io/kolla/ubuntu-source-heat-api:3.0.1
ks_user: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
ks_service: quay.io/stackanetes/stackanetes-kolla-toolbox:newton
@@ -100,15 +100,6 @@ network:
enabled: false
port: 30003
-database:
- address: mariadb
- port: 3306
- root_user: root
- root_password: password
- heat_database_name: heat
- heat_password: password
- heat_user: heat
-
messaging:
hosts: rabbitmq
user: rabbitmq
@@ -218,6 +209,20 @@ endpoints:
scheme: 'http'
port:
api: 8003
+ oslo_db:
+ auth:
+ admin:
+ username: root
+ password: password
+ user:
+ username: heat
+ password: password
+ hosts:
+ default: mariadb
+ path: /heat
+ scheme: mysql+pymysql
+ port:
+ mysql: 3306
resources:
enabled: false