Skip to content

Commit

Permalink
feat: netapp-volume-worker support
Browse files Browse the repository at this point in the history 
This creates a new Kustomize deployment for cinder with a netapp volume
backend. The worker uses an existing cinder deployment managed by helm
kustomizes the configuration values and produces a netapp specific volume
container which has the ability to run with multiple netapp backends.

To use this container the following secrete must be created

``` shell
kubectl --namespace openstack \
        create secret generic cinder-netapp \
        --type Opaque \
        --from-literal=BACKENDS="netapp-backend-1,root,10.0.0.1,80,vserver1,qos-something,True,True,True,True,True"
```

Each backend has 11 values which correspond to the needed configuration.
Multiple backends are supported using a semicolon.

Signed-off-by: Kevin Carter <[email protected]>
  • Loading branch information
@cloudnull
cloudnull committed Nov 2, 2024
1 parent feea7fe commit 13280c0
Show file tree
Hide file tree
Showing 8 changed files with 809 additions and 0 deletions.
54 changes: 54 additions & 0 deletions base-kustomize/cinder/netapp/configmap-etc.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: cinder-volume-netapp-config
namespace: openstack
data:
cinder-scheduler.sh: |
#!/bin/bash
set -ex
exec cinder-scheduler --config-file /tmp/pod-shared/cinder.conf
cinder-volume.sh: |
#!/bin/bash
set -ex
exec cinder-volume \
--config-file /tmp/pod-shared/cinder.conf \
--config-file /tmp/pod-shared/backends.conf \
--config-file /tmp/pod-shared/internal_tenant.conf
data-generate-backends.py: |
#!/usr/bin/env python
import configparser
import os
netapp_backends = os.environ.get('NETAPP_BACKENDS')
config = configparser.ConfigParser()
config.read('/etc/cinder/conf/backends.conf')
for backend in netapp_backends.split(';'):
backend = backend.split(',')
assert len(backend) == 11
config.add_section(backend[0])
config.set(backend[0], 'netapp_login', backend[1])
config.set(backend[0], 'netapp_password', backend[2])
config.set(backend[0], 'netapp_server_hostname', backend[3])
config.set(backend[0], 'netapp_server_port', backend[4])
config.set(backend[0], 'netapp_storage_family', 'ontap_cluster')
config.set(backend[0], 'netapp_storage_protocol', 'iscsi')
config.set(backend[0], 'netapp_transport_type', 'http')
config.set(backend[0], 'netapp_vserver', backend[5])
config.set(backend[0], 'netapp:qos_policy_group', backend[6])
config.set(backend[0], 'netapp_dedup', backend[7])
config.set(backend[0], 'netapp_compression', backend[8])
config.set(backend[0], 'netapp_thick_provisioned', backend[9])
config.set(backend[0], 'netapp_lun_space_reservation', backend[10])
config.set(backend[0], 'volume_driver', 'cinder.volume.drivers.netapp.common.NetAppDriver')
config.set(backend[0], 'volume_backend_name', backend[0])
with open('/tmp/pod-shared/backends.conf', 'w') as configfile:
config.write(configfile)
config = configparser.ConfigParser()
config.read('/etc/cinder/cinder.conf')
backends = ','.join([i.split(',')[0] for i in netapp_backends.split(';')])
config.set('DEFAULT', 'enabled_backends', backends)
config.set('DEFAULT', 'host', 'cinder-volume-netapp-worker')
with open('/tmp/pod-shared/cinder.conf', 'w') as configfile:
config.write(configfile)
273 changes: 273 additions & 0 deletions base-kustomize/cinder/netapp/deploy-volume-netapp-scheduler.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,273 @@
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: cinder-netapp-scheduler
namespace: openstack

---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
name: cinder-default-cinder-netapp-scheduler
namespace: openstack
rules:
- apiGroups:
- ""
- extensions
- batch
- apps
verbs:
- get
- list
resources:
- services
- endpoints
- jobs
- pods

---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
name: cinder-cinder-netapp-scheduler
namespace: openstack
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: cinder-default-cinder-netapp-scheduler
subjects:
- kind: ServiceAccount
name: cinder-netapp-scheduler
namespace: openstack

---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cinder-netapp-scheduler
labels:
release_group: cinder
application: cinder
component: scheduler
spec:
replicas: 1
selector:
matchLabels:
release_group: cinder
application: cinder
component: scheduler
revisionHistoryLimit: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 3
template:
metadata:
labels:
release_group: cinder
application: cinder
component: scheduler
spec:
serviceAccountName: cinder-netapp-scheduler
securityContext:
runAsUser: 42424
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchExpressions:
- key: release_group
operator: In
values:
- cinder
- key: application
operator: In
values:
- cinder
- key: component
operator: In
values:
- scheduler
topologyKey: kubernetes.io/hostname
weight: 10
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: "quay.io/airshipit/kubernetes-entrypoint:v1.0.0"
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsUser: 65534
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/
- name: DEPENDENCY_SERVICE
value: "openstack:keystone-api,openstack:cinder-api"
- name: DEPENDENCY_JOBS
value: "cinder-db-sync,cinder-ks-user,cinder-ks-endpoints"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: DEPENDENCY_POD_JSON
value: ""
- name: DEPENDENCY_CUSTOM_RESOURCE
value: ""
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-coordination-volume-perms
image: docker.io/openstackhelm/cinder:2024.1-ubuntu_jammy
imagePullPolicy: IfNotPresent
securityContext:
readOnlyRootFilesystem: true
runAsUser: 0
command:
- chown
- -R
- "cinder:"
- /var/lib/cinder/coordination
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: cinder-coordination
mountPath: /var/lib/cinder/coordination
- name: cinder-netapp-scheduler-init
image: docker.io/openstackhelm/cinder:2024.1-ubuntu_jammy
imagePullPolicy: Always
securityContext:
readOnlyRootFilesystem: true
command:
- /var/lib/openstack/bin/python3 /tmp/data-generate-backends.py
env:
- name: NETAPP_BACKENDS
valueFrom:
secretKeyRef:
name: cinder-netapp
key: BACKENDS
terminationMessagePath: /var/log/termination-log
resources:
limits:
memory: "1Gi"
requests:
memory: "256Mi"
cpu: "250m"
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: cinder-netapp-data
mountPath: /tmp/data-generate-backends.py
subPath: generate-backends.py
readOnly: true
- name: pod-shared
mountPath: /tmp/pod-shared
- name: cinder-conversion
mountPath: /var/lib/cinder/conversion
- name: cinder-etc
mountPath: /etc/cinder/cinder.conf
subPath: cinder.conf
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/logging.conf
subPath: logging.conf
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/conf/backends.conf
subPath: backends.conf
readOnly: true
- name: cinder-coordination
mountPath: /var/lib/cinder/coordination
- name: cinder-etc
mountPath: /etc/sudoers.d/kolla_cinder_sudoers
subPath: cinder_sudoers
readOnly: true
- name: cinder-etc
mountPath: /etc/sudoers.d/kolla_cinder_volume_sudoers
subPath: cinder_sudoers
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/rootwrap.conf
subPath: rootwrap.conf
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/rootwrap.d/volume.filters
subPath: volume.filters
readOnly: true
containers:
- name: cinder-netapp-scheduler
image: docker.io/openstackhelm/cinder:2024.1-ubuntu_jammy
imagePullPolicy: IfNotPresent
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
command:
- /tmp/cinder-scheduler.sh
resources:
limits:
memory: "1Gi"
requests:
memory: "256Mi"
cpu: "250m"
volumeMounts:
- name: pod-tmp
mountPath: /tmp
- name: cinder-netapp-data
mountPath: /tmp/cinder-scheduler.sh
subPath: cinder-scheduler.sh
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/cinder.conf
subPath: cinder.conf
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/logging.conf
subPath: logging.conf
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/api-paste.ini
subPath: api-paste.ini
readOnly: true
- name: cinder-etc
mountPath: /etc/cinder/policy.yaml
subPath: policy.yaml
readOnly: true
- name: cinder-coordination
mountPath: /var/lib/cinder/coordination
volumes:
- name: pod-tmp
emptyDir: {}
- name: cinder-bin
configMap:
name: cinder-bin
defaultMode: 0555
- name: cinder-etc
secret:
secretName: cinder-etc
defaultMode: 0444
- name: pod-shared
emptyDir: {}
- name: cinder-conversion
emptyDir: {}
- name: cinder-coordination
emptyDir: {}
- name: cinder-netapp-data
configMap:
name: "cinder-volume-netapp-config"
defaultMode: 0555
Loading

0 comments on commit 13280c0

Please sign in to comment.