From ca5b5b005d2ca454015f8b0faa54372c60a0e40a Mon Sep 17 00:00:00 2001
From: "Suren A. Chilingaryan" <csa@suren.me>
Date: Fri, 23 Feb 2018 02:16:43 +0100
Subject: GlusterFS subpaths, ADEI frontend pods, fixes
---
roles/ands_kaas/templates/0-gfs-volumes.yml.j2 | 39 -----
roles/ands_kaas/templates/00-gfs-volumes.yml.j2 | 39 +++++
roles/ands_kaas/templates/50-kaas-pods.yml.j2 | 200 ++++++++++++++++++++++++
roles/ands_kaas/templates/6-kaas-pods.yml.j2 | 199 -----------------------
4 files changed, 239 insertions(+), 238 deletions(-)
delete mode 100644 roles/ands_kaas/templates/0-gfs-volumes.yml.j2
create mode 100644 roles/ands_kaas/templates/00-gfs-volumes.yml.j2
create mode 100644 roles/ands_kaas/templates/50-kaas-pods.yml.j2
delete mode 100644 roles/ands_kaas/templates/6-kaas-pods.yml.j2
(limited to 'roles/ands_kaas/templates')
diff --git a/roles/ands_kaas/templates/0-gfs-volumes.yml.j2 b/roles/ands_kaas/templates/0-gfs-volumes.yml.j2
deleted file mode 100644
index 8e5842a..0000000
--- a/roles/ands_kaas/templates/0-gfs-volumes.yml.j2
+++ /dev/null
@@ -1,39 +0,0 @@
----
-apiVersion: v1
-kind: Template
-metadata:
- name:
- annotations:
- descriptions: "KATRIN Volumes"
-objects:
-{% for name, vol in (kaas_project_config.volumes | default(kaas_openshift_volumes)).iteritems() %}
-{% set oc_name = vol.name | default(name) | regex_replace('_','-') %}
- - apiVersion: v1
- kind: PersistentVolume
- metadata:
- name: {{ oc_name }}
- spec:
- persistentVolumeReclaimPolicy: Retain
- glusterfs:
- endpoints: {{ kaas_glusterfs_endpoints }}
- path: {{ vol.volume }}
- readOnly: {{ not (vol.write | default(false)) }}
- accessModes:
- - {{ vol.access | default('ReadWriteMany') }}
- capacity:
- storage: {{ vol.capacity | default(kaas_default_volume_capacity) }}
- claimRef:
- name: {{ oc_name }}
- namespace: {{ kaas_project }}
- - apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: {{ oc_name }}
- spec:
- volumeName: {{ oc_name }}
- accessModes:
- - {{ vol.access | default('ReadWriteMany') }}
- resources:
- requests:
- storage: {{ vol.capacity | default(kaas_default_volume_capacity) }}
-{% endfor %}
diff --git a/roles/ands_kaas/templates/00-gfs-volumes.yml.j2 b/roles/ands_kaas/templates/00-gfs-volumes.yml.j2
new file mode 100644
index 0000000..c90c610
--- /dev/null
+++ b/roles/ands_kaas/templates/00-gfs-volumes.yml.j2
@@ -0,0 +1,39 @@
+---
+apiVersion: v1
+kind: Template
+metadata:
+ name:
+ annotations:
+ descriptions: "KATRIN Volumes"
+objects:
+{% for name, vol in (kaas_project_config.volumes | default(kaas_openshift_volumes)).iteritems() %}
+{% set oc_name = vol.name | default(name) | regex_replace('_','-') %}
+ - apiVersion: v1
+ kind: PersistentVolume
+ metadata:
+ name: {{ oc_name }}
+ spec:
+ persistentVolumeReclaimPolicy: Retain
+ glusterfs:
+ endpoints: {{ kaas_glusterfs_endpoints }}
+ path: "{{ vol.volume }}{{vol.path}}"
+ readOnly: {{ not (vol.write | default(false)) }}
+ accessModes:
+ - {{ vol.access | default(vol.write | default(false) | ternary('ReadWriteMany', 'ReadOnlyMany')) }}
+ capacity:
+ storage: {{ vol.capacity | default(kaas_default_volume_capacity) }}
+ claimRef:
+ name: {{ oc_name }}
+ namespace: {{ kaas_project }}
+ - apiVersion: v1
+ kind: PersistentVolumeClaim
+ metadata:
+ name: {{ oc_name }}
+ spec:
+ volumeName: {{ oc_name }}
+ accessModes:
+ - {{ vol.access | default('ReadWriteMany') }}
+ resources:
+ requests:
+ storage: {{ vol.capacity | default(kaas_default_volume_capacity) }}
+{% endfor %}
diff --git a/roles/ands_kaas/templates/50-kaas-pods.yml.j2 b/roles/ands_kaas/templates/50-kaas-pods.yml.j2
new file mode 100644
index 0000000..49dab3f
--- /dev/null
+++ b/roles/ands_kaas/templates/50-kaas-pods.yml.j2
@@ -0,0 +1,200 @@
+#jinja2: trim_blocks: "true", lstrip_blocks: "false"
+---
+apiVersion: v1
+kind: Template
+metadata:
+ name: {{ kaas_project }}-pods
+ annotations:
+ descriptions: {{ kaas_project_config.description | default(kaas_project ~ "auto-generated pod template") }}
+objects:
+{% for name, pod in (kaas_project_config.pods | default(kaas_openshift_volumes)).iteritems() %}
+ {% set pubkey = "kaas_" ~ name ~ "_pubkey" %}
+ {% set privkey = "kaas_" ~ name ~ "_privkey" %}
+ {% set cakey = "kaas_" ~ name ~ "_ca" %}
+ {% if pod.variant is defined %}
+ {% set pod = pod[pod.variant] %}
+ {% endif %}
+ {% if pod.service is defined %}
+ - apiVersion: v1
+ kind: Service
+ metadata:
+ name: {{ pod.name | default(name) }}
+ spec:
+ selector:
+ name: {{ pod.name | default(name) }}
+ {% if pod.service.ports is defined %}
+ ports:
+ {% for port in pod.service.ports %}
+ {% set portmap = (port | string).split('/') %}
+ - name: "{{ portmap[0] }}"
+ port: {{ portmap[0] }}
+ targetPort: {{ (portmap[1] is defined) | ternary(portmap[1], portmap[0]) }}
+ {% endfor %}
+ {% endif %}
+ {% if (pod.service.ports is defined) and (pod.service.host is defined) %}
+ {% set first_port = (pod.service.ports[0] | string).split('/') %}
+ - apiVersion: v1
+ kind: Route
+ metadata:
+ name: {{ pod.name | default(name) }}
+ spec:
+ host: {{ pod.service.host }}
+ to:
+ kind: Service
+ name: {{ pod.name | default(name) }}
+ port:
+ targetPort: {{ (first_port[1] is defined) | ternary(first_port[1], first_port[0]) }}
+ {% if (first_port[0] == "80") %}
+ tls:
+ termination: edge
+ insecureEdgeTerminationPolicy: Allow
+ {% if hostvars[inventory_hostname][pubkey] is defined %}
+ certificate: |-
+ {{ hostvars[inventory_hostname][pubkey] | indent(10) }}
+ {% endif %}
+ {% if hostvars[inventory_hostname][privkey] is defined %}
+ key: |-
+ {{ hostvars[inventory_hostname][privkey] | indent(10) }}
+ {% endif %}
+ {% if hostvars[inventory_hostname][cakey] is defined %}
+ caCertificate: |-
+ {{ hostvars[inventory_hostname][cakey] | indent(10) }}
+ {% endif %}
+ {% endif %}
+ {% endif %}
+ {% endif %}
+ - apiVersion: v1
+ kind: DeploymentConfig
+ metadata:
+ name: {{ pod.name | default(name) }}
+ spec:
+ replicas: {{ pod.sched.replicas | default(1) }}
+ revisionHistoryLimit: 2
+ strategy:
+ type: {{ pod.sched.strategy | default('Rolling') }}
+ triggers:
+ - type: ConfigChange
+ selector:
+ name: {{ pod.name | default(name) }}
+ template:
+ metadata:
+ name: {{ pod.name | default(name) }}
+ labels:
+ name: {{ pod.name | default(name) }}
+ spec:
+ {% if pod.selector is defined %}
+ nodeSelector:
+ {% for skey, sval in pod.selector.iteritems() %}
+ {{ skey }}: "{{ sval }}"
+ {% endfor %}
+ {% endif %}
+ {% set mappings = (pod.images | json_query('[*].mappings') | length) %}
+ {% if mappings > 0 %}
+ volumes:
+ {% for img in pod.images %}
+ {% set imgidx = loop.index %}
+ {% for vol in img.mappings %}
+ {% set oc_name = vol.name | default(name) | regex_replace('_','-') %}
+ - name: vol-{{imgidx}}-{{loop.index}}
+ persistentVolumeClaim:
+ claimName: {{ oc_name }}
+ {% endfor %}
+ {% endfor %}
+ {% endif %}
+ {% if (pod.groups is defined) or (pod.run_as is defined) %}
+ securityContext:
+ {% if (pod.run_as is defined) %}
+ {% if (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as] is defined %}
+ - {{ (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as].id }}
+ {% else %}
+ - {{ pod.run_as }}
+ {% endif %}
+ {% endif %}
+ {% if (pod.groups is defined) %}
+ supplementalGroups:
+ {% for group in pod.groups %}
+ {% if (kaas_project_config.gids | default(kaas_openshift_gids))[group] is defined %}
+ - {{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}
+ {% else %}
+ - {{ group }}
+ {% endif %}
+ {% endfor %}
+ {% endif %}
+ {% endif %}
+ containers:
+ {% for img in pod.images %}
+ {% set imgidx = loop.index %}
+ - name: {{ img.name | default(pod.name) | default(name) }}
+ image: {{ img.image }}
+ imagePullPolicy: Always
+ ports:
+ {% if img.ports is defined %}
+ {% for port in img.ports %}
+ - containerPort: {{ port }}
+ {% endfor %}
+ {% else %}
+ {% for port in pod.service.ports %}
+ {% set portmap = (port | string).split('/') %}
+ - containerPort: {{ (portmap[1] is defined) | ternary(portmap[1], portmap[0]) }}
+ {% endfor %}
+ {% endif %}
+ {% if img.env is defined %}
+ env:
+ {% for env_item in img.env %}
+ {% set env_name = env_item.name %}
+ {% set env_val = env_item.value %}
+ {% set env_parts = (env_val | string).split('@') %}
+ - name: "{{ env_name }}"
+ {% if env_parts[0] == "secret" %}
+ {% set env_sec = (env_parts[1] | string).split('/') %}
+ valueFrom:
+ secretKeyRef:
+ name: {{ env_sec[0] }}
+ key: {{ env_sec[1] }}
+ {% elif env_parts[0] == "cm" %}
+ {% set env_cm = (env_parts[1] | string).split('/') %}
+ valueFrom:
+ configMapKeyRef:
+ name: {{ env_cm[0] }}
+ key: {{ env_cm[1] }}
+ {% else %}
+ value: "{{ env_val }}"
+ {% endif %}
+ {% endfor %}
+ {% endif %}
+ {% if img.mappings is defined %}
+ volumeMounts:
+ {% for vol in img.mappings %}
+ - name: vol-{{imgidx}}-{{loop.index}}
+ subPath: {{ vol.path | default("") }}
+ mountPath: {{ vol.mount }}
+ {% endfor %}
+ {% endif %}
+ {% if img.probes is defined %}
+ {% for probe in img.probes %}
+ {% if (probe.type is undefined) %}
+ {% set seq = ['livenessProbe', 'readinessProbe'] %}
+ {% elif (probe.type == "liveness") %}
+ {% set seq = ['livenessProbe'] %}
+ {% else %}
+ {% set seq = ['readinessProbe'] %}
+ {% endif %}
+ {% for type in seq %}
+ {{ type }}:
+ timeoutSeconds: {{ probe.timeout | default(1) }}
+ initialDelaySeconds: {{ probe.delay | default(10) }}
+ {% if (probe.cmd is defined) %}
+ command: "{{ probe.cmd }}"
+ {% elif (probe.path is defined) %}
+ httpGet:
+ path: {{ probe.path }}
+ port: {{ probe.port | default(80) }}
+ {% else %}
+ tcpSocket:
+ port: {{ probe.port | default(80) }}
+ {% endif %}
+ {% endfor %}
+ {% endfor %}
+ {% endif %}
+ {% endfor %}
+{% endfor %}
diff --git a/roles/ands_kaas/templates/6-kaas-pods.yml.j2 b/roles/ands_kaas/templates/6-kaas-pods.yml.j2
deleted file mode 100644
index d5418d3..0000000
--- a/roles/ands_kaas/templates/6-kaas-pods.yml.j2
+++ /dev/null
@@ -1,199 +0,0 @@
-#jinja2: trim_blocks: "true", lstrip_blocks: "false"
----
-apiVersion: v1
-kind: Template
-metadata:
- name: {{ kaas_project }}-pods
- annotations:
- descriptions: {{ kaas_project_config.description | default(kaas_project ~ "auto-generated pod template") }}
-objects:
-{% for name, pod in (kaas_project_config.pods | default(kaas_openshift_volumes)).iteritems() %}
- {% set pubkey = "kaas_" ~ name ~ "_pubkey" %}
- {% set privkey = "kaas_" ~ name ~ "_privkey" %}
- {% set cakey = "kaas_" ~ name ~ "_ca" %}
- {% if pod.variant is defined %}
- {% set pod = pod[pod.variant] %}
- {% endif %}
- {% if pod.service is defined %}
- - apiVersion: v1
- kind: Service
- metadata:
- name: {{ pod.name | default(name) }}
- spec:
- selector:
- name: {{ pod.name | default(name) }}
- {% if pod.service.ports is defined %}
- ports:
- {% for port in pod.service.ports %}
- {% set portmap = (port | string).split('/') %}
- - name: "{{ portmap[0] }}"
- port: {{ portmap[0] }}
- targetPort: {{ (portmap[1] is defined) | ternary(portmap[1], portmap[0]) }}
- {% endfor %}
- {% endif %}
- {% if (pod.service.ports is defined) and (pod.service.host is defined) %}
- {% set first_port = (pod.service.ports[0] | string).split('/')[0] %}
- - apiVersion: v1
- kind: Route
- metadata:
- name: {{ pod.name | default(name) }}
- spec:
- host: {{ pod.service.host }}
- to:
- kind: Service
- name: {{ pod.name | default(name) }}
- port:
- targetPort: {{ first_port }}
- {% if (first_port == "80") %}
- tls:
- termination: edge
- insecureEdgeTerminationPolicy: Allow
- {% if hostvars[inventory_hostname][pubkey] is defined %}
- certificate: |-
- {{ hostvars[inventory_hostname][pubkey] | indent(10) }}
- {% endif %}
- {% if hostvars[inventory_hostname][privkey] is defined %}
- key: |-
- {{ hostvars[inventory_hostname][privkey] | indent(10) }}
- {% endif %}
- {% if hostvars[inventory_hostname][cakey] is defined %}
- caCertificate: |-
- {{ hostvars[inventory_hostname][cakey] | indent(10) }}
- {% endif %}
- {% endif %}
- {% endif %}
- {% endif %}
- - apiVersion: v1
- kind: DeploymentConfig
- metadata:
- name: {{ pod.name | default(name) }}
- spec:
- replicas: {{ pod.sched.replicas | default(1) }}
- selector:
- name: {{ pod.name | default(name) }}
- template:
- metadata:
- name: {{ pod.name | default(name) }}
- labels:
- name: {{ pod.name | default(name) }}
- strategy:
- type: {{ pod.sched.strategy | default('Rolling') }}
- triggers:
- - type: ConfigChange
- spec:
- {% if pod.selector is defined %}
- nodeSelector:
- {% for skey, sval in pod.selector.iteritems() %}
- {{ skey }}: "{{ sval }}"
- {% endfor %}
- {% endif %}
- {% set mappings = (pod.images | json_query('[*].mappings') | length) %}
- {% if mappings > 0 %}
- volumes:
- {% for img in pod.images %}
- {% set imgidx = loop.index %}
- {% for vol in img.mappings %}
- {% set oc_name = vol.name | default(name) | regex_replace('_','-') %}
- - name: vol-{{imgidx}}-{{loop.index}}
- persistentVolumeClaim:
- claimName: {{ oc_name }}
- {% endfor %}
- {% endfor %}
- {% endif %}
- {% if (pod.groups is defined) or (pod.run_as is defined) %}
- securityContext:
- {% if (pod.run_as is defined) %}
- {% if (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as] is defined %}
- - {{ (kaas_project_config.uids | default(kaas_openshift_uids))[pod.run_as].id }}
- {% else %}
- - pod.run_as
- {% endif %}
- {% endif %}
- {% if (pod.groups is defined) %}
- supplementalGroups:
- {% for group in pod.groups %}
- {% if (kaas_project_config.gids | default(kaas_openshift_gids))[group] is defined %}
- - {{ (kaas_project_config.gids | default(kaas_openshift_gids))[group].id }}
- {% else %}
- - group
- {% endif %}
- {% endfor %}
- {% endif %}
- {% endif %}
- containers:
- {% for img in pod.images %}
- {% set imgidx = loop.index %}
- - name: {{ img.name | default(pod.name) | default(name) }}
- image: {{ img.image }}
- imagePullPolicy: Always
- ports:
- {% if img.ports is defined %}
- {% for port in img.ports %}
- - containerPort: {{ port }}
- {% endfor %}
- {% else %}
- {% for port in pod.service.ports %}
- {% set portmap = (port | string).split('/') %}
- - containerPort: {{ (portmap[1] is defined) | ternary(portmap[1], portmap[0]) }}
- {% endfor %}
- {% endif %}
- {% if img.env is defined %}
- env:
- {% for env_item in img.env %}
- {% set env_name = env_item.name %}
- {% set env_val = env_item.value %}
- {% set env_parts = (env_val | string).split('@') %}
- - name: "{{ env_name }}"
- {% if env_parts[0] == "secret" %}
- {% set env_sec = (env_parts[1] | string).split('/') %}
- valueFrom:
- secretKeyRef:
- name: {{ env_sec[0] }}
- key: {{ env_sec[1] }}
- {% elif env_parts[0] == "cm" %}
- {% set env_cm = (env_parts[1] | string).split('/') %}
- valueFrom:
- configMapKeyRef:
- name: {{ env_cm[0] }}
- key: {{ env_cm[1] }}
- {% else %}
- value: "{{ env_val }}"
- {% endif %}
- {% endfor %}
- {% endif %}
- {% if img.mappings is defined %}
- volumeMounts:
- {% for vol in img.mappings %}
- - name: vol-{{imgidx}}-{{loop.index}}
- subPath: {{ (((kaas_project_config.volumes | default(kaas_openshift_volumes))[vol.name].path | default("")) ~ "/") | regex_replace('^/','') }}{{ vol.path | default("") }}
- mountPath: {{ vol.mount }}
- {% endfor %}
- {% endif %}
- {% if img.probes is defined %}
- {% for probe in img.probes %}
- {% if (probe.type is undefined) %}
- {% set seq = ['livenessProbe', 'readynessProbe'] %}
- {% elif (probe.type == "liveness") %}
- {% set seq = ['livenessProbe'] %}
- {% else %}
- {% set seq = ['readynessProbe'] %}
- {% endif %}
- {% for type in seq %}
- {{ type }}:
- timeoutSeconds: {{ probe.timeout | default(1) }}
- initialDelaySeconds: {{ probe.delay | default(10) }}
- {% if (probe.cmd is defined) %}
- command: "{{ probe.cmd }}"
- {% elif (probe.path is defined) %}
- httpGet:
- path: {{ probe.path }}
- port: {{ probe.port | default(80) }}
- {% else %}
- tcpSocket:
- port: {{ probe.port | default(80) }}
- {% endif %}
- {% endfor %}
- {% endfor %}
- {% endif %}
- {% endfor %}
-{% endfor %}
--
cgit v1.2.3