Skip to content

Commit

Permalink
Rework the whole Manila configuration process
Browse files Browse the repository at this point in the history
This patch represents an implementation of the proposal [1] and aligns
the manila-operator with the work already done in Cinder and the other
operators. There are a few relevant changes in the bootstrap process of
Manila, in particular:

1. It stops using an InitContainer to generate the snippet files that
    configure each Manila service. The logic that was previously
    implemented in the InitContainer has been moved to the Controllers,
    where config files are generated and stored in k8s Secrets.
2. InitContainers are fully removed from the bootstrap process; It uses
   to copy additional files (httpd and wsgi config in manila-api) to the
   target directories, and mount the generated config (0{0,1,2,3}-config.conf
   to /etc/manila/manila.conf.d, which is used by each service to run;

3. The relevant content, including scripts, previously stored in a
    ConfigMap, are now stored in a corresponding k8s Secret, which is
    mounted to the Service deployment Pods; A total of 4 config snippet files
    are generated:
    - 00-config.conf contains global settings that are common to every Manila
      Pod, including ones that are derived from deployment secrets (e.g.
      database password, etc.)
    - 01-config.conf contains the global customServiceConfig settings that
      apply to every Manila service.
    - 02-config.conf contains the customServiceConfig settings that are
      specific to each service.
    - 03-config.conf contains secrets specified by each service's
      customServiceConfigSecrets. logging.conf has been removed as it'
      s no longer required in the switch to a side container approach for
      logging purposes, which will be part of a follow up PR.

Finally, functional tests are aligned to the use of k8s Secrets instead of
the old pattern based on ConfigMaps; kuttl tests are updated and the
initContainer has been removed. DBsync now mounts only the required
files (a minimal 00-config.conf) and a db-sync-config.json
containing the command run through kolla.

[1] openstack-k8s-operators/dev-docs#31

Signed-off-by: Francesco Pantano <[email protected]>
  • Loading branch information
fmount committed Sep 2, 2023
1 parent 41dee07 commit 28363d1
Show file tree
Hide file tree
Showing 37 changed files with 496 additions and 1,065 deletions.
3 changes: 0 additions & 3 deletions api/bases/manila.openstack.org_manilaapis.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,6 @@ spec:
type: string
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
12 changes: 0 additions & 12 deletions api/bases/manila.openstack.org_manilas.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,6 @@ spec:
type: string
debug:
properties:
dbInitContainer:
default: false
type: boolean
dbSync:
default: false
type: boolean
Expand Down Expand Up @@ -826,9 +823,6 @@ spec:
type: array
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down Expand Up @@ -923,9 +917,6 @@ spec:
type: array
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down Expand Up @@ -996,9 +987,6 @@ spec:
type: array
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
3 changes: 0 additions & 3 deletions api/bases/manila.openstack.org_manilaschedulers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,6 @@ spec:
type: string
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
3 changes: 0 additions & 3 deletions api/bases/manila.openstack.org_manilashares.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,6 @@ spec:
type: string
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
10 changes: 1 addition & 9 deletions api/v1beta1/common_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ type ManilaServiceTemplate struct {
// +kubebuilder:default="# add your customization here"
// CustomServiceConfig - customize the service config using this parameter to change service defaults,
// or overwrite rendered information using raw OpenStack config format. The content gets added to
// to /etc/<service>/<service>.conf.d directory as custom.conf file.
// to /etc/<service>/<service>.conf.d directory a custom config file.
CustomServiceConfig string `json:"customServiceConfig,omitempty"`

// +kubebuilder:validation:Optional
Expand Down Expand Up @@ -118,10 +118,6 @@ type PasswordSelector struct {
// ManilaDebug indicates whether certain stages of Manila deployment should
// pause in debug mode
type ManilaDebug struct {
// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// dbInitContainer enable debug (waits until /tmp/stop-init-container disappears)
DBInitContainer bool `json:"dbInitContainer,omitempty"`
// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// dbSync enable debug
Expand All @@ -131,10 +127,6 @@ type ManilaDebug struct {
// ManilaServiceDebug indicates whether certain stages of Manila service
// deployment should pause in debug mode
type ManilaServiceDebug struct {
// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// initContainer enable debug (waits until /tmp/stop-init-container disappears)
InitContainer bool `json:"initContainer,omitempty"`
// +kubebuilder:validation:Optional
// +kubebuilder:default=false
// service enable debug
Expand Down
2 changes: 1 addition & 1 deletion api/v1beta1/manila_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ type ManilaSpec struct {
// +kubebuilder:default="# add your customization here"
// CustomServiceConfig - customize the service config for all Manila services using this parameter to change service defaults,
// or overwrite rendered information using raw OpenStack config format. The content gets added to
// to /etc/<service>/<service>.conf.d directory as custom.conf file.
// to /etc/<service>/<service>.conf.d directory a custom config file.
CustomServiceConfig string `json:"customServiceConfig,omitempty"`

// +kubebuilder:validation:Optional
Expand Down
1 change: 0 additions & 1 deletion api/v1beta1/manilashare_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -106,7 +106,6 @@ func init() {
SchemeBuilder.Register(&ManilaShare{}, &ManilaShareList{})
}


// IsReady - returns true if ManilaShare is reconciled successfully
func (instance ManilaShare) IsReady() bool {
return instance.Status.Conditions.IsTrue(condition.ReadyCondition)
Expand Down
3 changes: 0 additions & 3 deletions config/crd/bases/manila.openstack.org_manilaapis.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,6 @@ spec:
type: string
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
12 changes: 0 additions & 12 deletions config/crd/bases/manila.openstack.org_manilas.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,9 +46,6 @@ spec:
type: string
debug:
properties:
dbInitContainer:
default: false
type: boolean
dbSync:
default: false
type: boolean
Expand Down Expand Up @@ -826,9 +823,6 @@ spec:
type: array
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down Expand Up @@ -923,9 +917,6 @@ spec:
type: array
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down Expand Up @@ -996,9 +987,6 @@ spec:
type: array
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
3 changes: 0 additions & 3 deletions config/crd/bases/manila.openstack.org_manilaschedulers.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,6 @@ spec:
type: string
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
3 changes: 0 additions & 3 deletions config/crd/bases/manila.openstack.org_manilashares.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -56,9 +56,6 @@ spec:
type: string
debug:
properties:
initContainer:
default: false
type: boolean
service:
default: false
type: boolean
Expand Down
60 changes: 38 additions & 22 deletions controllers/manila_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ import (
keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1"
"github.com/openstack-k8s-operators/lib-common/modules/common"
"github.com/openstack-k8s-operators/lib-common/modules/common/condition"
"github.com/openstack-k8s-operators/lib-common/modules/common/configmap"
"github.com/openstack-k8s-operators/lib-common/modules/common/endpoint"
"github.com/openstack-k8s-operators/lib-common/modules/common/env"
"github.com/openstack-k8s-operators/lib-common/modules/common/helper"
Expand Down Expand Up @@ -258,7 +257,7 @@ func (r *ManilaReconciler) SetupWithManager(mgr ctrl.Manager) error {
Owns(&manilav1beta1.ManilaShare{}).
Owns(&rabbitmqv1.TransportURL{}).
Owns(&batchv1.Job{}).
Owns(&corev1.ConfigMap{}).
Owns(&corev1.Secret{}).
Owns(&corev1.ServiceAccount{}).
Owns(&rbacv1.Role{}).
Owns(&rbacv1.RoleBinding{}).
Expand Down Expand Up @@ -429,7 +428,7 @@ func (r *ManilaReconciler) reconcileNormal(ctx context.Context, instance *manila
}

// ConfigMap
configMapVars := make(map[string]env.Setter)
configVars := make(map[string]env.Setter)

//
// create RabbitMQ transportURL CR and get the actual URL from the associated secret that is created
Expand Down Expand Up @@ -488,7 +487,7 @@ func (r *ManilaReconciler) reconcileNormal(ctx context.Context, instance *manila
err.Error()))
return ctrl.Result{}, err
}
configMapVars[ospSecret.Name] = env.SetValue(hash)
configVars[ospSecret.Name] = env.SetValue(hash)

instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)
// run check OpenStack secret - end
Expand All @@ -500,12 +499,12 @@ func (r *ManilaReconciler) reconcileNormal(ctx context.Context, instance *manila
common.AppSelector: manila.ServiceName,
}
//
// create Configmap required for manila input
// create Config required for Manila input
// - %-scripts configmap holding scripts to e.g. bootstrap the service
// - %-config configmap holding minimal manila config required to get the service up, user can add additional files to be added to the service
// - parameters which has passwords gets added from the OpenStack secret via the init container
//
err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars, serviceLabels)
err = r.generateServiceConfig(ctx, helper, instance, &configVars, serviceLabels)
if err != nil {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.ServiceConfigReadyCondition,
Expand All @@ -520,7 +519,7 @@ func (r *ManilaReconciler) reconcileNormal(ctx context.Context, instance *manila
// create hash over all the different input resources to identify if any those changed
// and a restart/recreate is required.
//
_, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars)
_, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars)
if err != nil {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.ServiceConfigReadyCondition,
Expand All @@ -534,7 +533,7 @@ func (r *ManilaReconciler) reconcileNormal(ctx context.Context, instance *manila
// so we need to return and reconcile again
return ctrl.Result{}, nil
}
// Create ConfigMaps and Secrets - end
// Create Service Config and Secrets - end

instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage)

Expand Down Expand Up @@ -718,28 +717,26 @@ func (r *ManilaReconciler) reconcileUpgrade(ctx context.Context, instance *manil
}

// generateServiceConfigMaps - create create configmaps which hold scripts and service configuration
// TODO add DefaultConfigOverwrite
func (r *ManilaReconciler) generateServiceConfigMaps(
func (r *ManilaReconciler) generateServiceConfig(
ctx context.Context,
h *helper.Helper,
instance *manilav1beta1.Manila,
envVars *map[string]env.Setter,
serviceLabels map[string]string,
) error {
//
// create Configmap/Secret required for manila input
// create Secret required for manila input
// - %-scripts configmap holding scripts to e.g. bootstrap the service
// - %-config configmap holding minimal manila config required to get the service up, user can add additional files to be added to the service
// - parameters which has passwords gets added from the ospSecret via the init container
//

cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(manila.ServiceName), serviceLabels)
labels := labels.GetLabels(instance, labels.GetGroupLabel(manila.ServiceName), serviceLabels)

// customData hold any customization for the service.
// custom.conf is going to /etc/<service>/<service>.conf.d
// all other files get placed into /etc/<service> to allow overwrite of e.g. policy.json
// TODO: make sure custom.conf can not be overwritten
customData := map[string]string{common.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig}
customData := map[string]string{manila.CustomConfigFileName: instance.Spec.CustomServiceConfig}

for key, data := range instance.Spec.DefaultConfigOverwrite {
customData[key] = data
Expand All @@ -758,19 +755,38 @@ func (r *ManilaReconciler) generateServiceConfigMaps(
return err
}

templateParameters := make(map[string]interface{})
templateParameters["ServiceUser"] = instance.Spec.ServiceUser
templateParameters["KeystonePublicURL"] = keystonePublicURL
templateParameters["KeystoneInternalURL"] = keystoneInternalURL
ospSecret, _, err := secret.GetSecret(ctx, h, instance.Spec.Secret, instance.Namespace)
if err != nil {
return err
}

transportURLSecret, _, err := secret.GetSecret(ctx, h, instance.Status.TransportURLSecret, instance.Namespace)
if err != nil {
return err
}

//templateParameters := make(map[string]interface{})
templateParameters := map[string]interface{}{
"ServiceUser": instance.Spec.ServiceUser,
"ServicePassword": string(ospSecret.Data[instance.Spec.PasswordSelectors.Service]),
"KeystonePublicURL": keystonePublicURL,
"KeystoneInternalURL": keystoneInternalURL,
"TransportURL": string(transportURLSecret.Data["transport_url"]),
"DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s",
instance.Spec.DatabaseUser,
string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]),
instance.Status.DatabaseHostname,
manila.DatabaseName),
}

cms := []util.Template{
configTemplates := []util.Template{
// ScriptsConfigMap
{
Name: fmt.Sprintf("%s-scripts", instance.Name),
Namespace: instance.Namespace,
Type: util.TemplateTypeScripts,
InstanceType: instance.Kind,
Labels: cmLabels,
Labels: labels,
},
// ConfigMap
{
Expand All @@ -780,11 +796,11 @@ func (r *ManilaReconciler) generateServiceConfigMaps(
InstanceType: instance.Kind,
CustomData: customData,
ConfigOptions: templateParameters,
Labels: cmLabels,
Labels: labels,
},
}

return configmap.EnsureConfigMaps(ctx, h, instance, cms, envVars)
return secret.EnsureSecrets(ctx, h, instance, configTemplates, envVars)
}

// createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart
Expand Down
Loading

0 comments on commit 28363d1

Please sign in to comment.