diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index a3051c30d..06d0c21cb 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -51,18 +51,6 @@ rules: - patch - update - watch -- apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - apiGroups: - "" resources: diff --git a/controllers/glance_common.go b/controllers/glance_common.go new file mode 100644 index 000000000..212ce75bf --- /dev/null +++ b/controllers/glance_common.go @@ -0,0 +1,61 @@ +/* +Copyright 2022. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "fmt" + "github.com/openstack-k8s-operators/lib-common/modules/common/env" + "github.com/openstack-k8s-operators/lib-common/modules/common/helper" + "github.com/openstack-k8s-operators/lib-common/modules/common/secret" + "github.com/openstack-k8s-operators/lib-common/modules/common/util" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +func GenerateConfigsGeneric( + ctx context.Context, h *helper.Helper, + instance client.Object, + envVars *map[string]env.Setter, + templateParameters map[string]interface{}, + customData map[string]string, + cmLabels map[string]string, + scripts bool, +) error { + + cms := []util.Template{ + // Templates where the GlanceAPI config is stored + { + Name: fmt.Sprintf("%s-config-data", instance.GetName()), + Namespace: instance.GetNamespace(), + Type: util.TemplateTypeConfig, + InstanceType: instance.GetObjectKind().GroupVersionKind().Kind, + ConfigOptions: templateParameters, + CustomData: customData, + Labels: cmLabels, + }, + } + if scripts { + cms = append(cms, util.Template{ + Name: fmt.Sprintf("%s-scripts", instance.GetName()), + Namespace: instance.GetNamespace(), + Type: util.TemplateTypeScripts, + InstanceType: instance.GetObjectKind().GroupVersionKind().Kind, + Labels: cmLabels, + }) + } + return secret.EnsureSecrets(ctx, h, instance, cms, envVars) +} diff --git a/controllers/glance_controller.go b/controllers/glance_controller.go index 5dc599ea4..dae7fb7a1 100644 --- a/controllers/glance_controller.go +++ b/controllers/glance_controller.go @@ -21,6 +21,7 @@ import ( "fmt" "time" + "github.com/openstack-k8s-operators/lib-common/modules/common/secret" rbacv1 "k8s.io/api/rbac/v1" k8s_errors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" @@ -37,7 +38,6 @@ import ( keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1" "github.com/openstack-k8s-operators/lib-common/modules/common" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" - "github.com/openstack-k8s-operators/lib-common/modules/common/configmap" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" "github.com/openstack-k8s-operators/lib-common/modules/common/env" "github.com/openstack-k8s-operators/lib-common/modules/common/helper" @@ -191,7 +191,6 @@ func (r *GlanceReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&keystonev1.KeystoneService{}). Owns(&corev1.PersistentVolumeClaim{}). Owns(&batchv1.Job{}). - Owns(&corev1.ConfigMap{}). Owns(&corev1.Secret{}). Owns(&corev1.ServiceAccount{}). Owns(&rbacv1.Role{}). @@ -491,8 +490,12 @@ func (r *GlanceReconciler) reconcileNormal(ctx context.Context, instance *glance return rbacResult, nil } - // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) + + // ServiceLabels + serviceLabels := map[string]string{ + common.AppSelector: glance.ServiceName, + } // // check for required OpenStack secret holding passwords for service/admin user and add hash to the vars map @@ -515,21 +518,16 @@ func (r *GlanceReconciler) reconcileNormal(ctx context.Context, instance *glance err.Error())) return ctrl.Result{}, err } - configMapVars[ospSecret.Name] = env.SetValue(hash) + configVars[ospSecret.Name] = env.SetValue(hash) instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) // run check OpenStack secret - end // - // Create ConfigMaps and Secrets required as input for the Service and calculate an overall hash of hashes + // Create Secrets required as input for the Service and calculate an overall hash of hashes // // - // create Configmap required for glance input - // - %-scripts configmap holding scripts to e.g. bootstrap the service - // - %-config configmap holding minimal glance config required to get the service up, user can add additional files to be added to the service - // - parameters which has passwords gets added from the OpenStack secret via the init container - // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars) + err = r.generateServiceConfig(ctx, helper, instance, &configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -540,16 +538,12 @@ func (r *GlanceReconciler) reconcileNormal(ctx context.Context, instance *glance return ctrl.Result{}, err } instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) - // Create ConfigMaps and Secrets - end + // Create Secrets - end // // TODO check when/if Init, Update, or Upgrade should/could be skipped // - serviceLabels := map[string]string{ - common.AppSelector: glance.ServiceName, - } - // networks to attach to for _, netAtt := range instance.Spec.GlanceAPIInternal.NetworkAttachments { _, err := nad.GetNADWithName(ctx, helper, netAtt, instance.Namespace) @@ -739,61 +733,38 @@ func (r *GlanceReconciler) apiDeploymentCreateOrUpdate(ctx context.Context, inst return deployment, op, err } -// generateServiceConfigMaps - create create configmaps which hold scripts and service configuration (*used for DBSync only*) -// TODO add DefaultConfigOverwrite -func (r *GlanceReconciler) generateServiceConfigMaps( +// generateServiceConfig - create secrets which hold scripts and service configuration (*used for DBSync only*) +func (r *GlanceReconciler) generateServiceConfig( ctx context.Context, h *helper.Helper, instance *glancev1.Glance, envVars *map[string]env.Setter, ) error { - // TODO: Since these CMs are only used for the DBSync, is there further pruning that - // could be done here? + labels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), map[string]string{}) - // - // create Configmap/Secret required for glance input - // - %-scripts configmap holding scripts to e.g. bootstrap the service - // - %-config configmap holding minimal glance config required to get the service up, user can add additional files to be added to the service - // - parameters which has passwords gets added from the ospSecret via the init container - // + ospSecret, _, err := secret.GetSecret(ctx, h, instance.Spec.Secret, instance.Namespace) + if err != nil { + return err + } - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), map[string]string{}) + // We only need a minimal 00-config.conf that is only used by db-sync job, + // hence only passing the database related parameters + templateParameters := map[string]interface{}{ + "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s", + instance.Spec.DatabaseUser, + string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), + instance.Status.DatabaseHostname, + glance.DatabaseName, + ), + } + customData := map[string]string{glance.CustomConfigFileName: instance.Spec.CustomServiceConfig} - // customData hold any customization for the service. - // custom.conf is going to /etc//.conf.d - // all other files get placed into /etc/ to allow overwrite of e.g. logging.conf or policy.json - // TODO: make sure custom.conf can not be overwritten - customData := map[string]string{common.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} for key, data := range instance.Spec.DefaultConfigOverwrite { customData[key] = data } - cms := []util.Template{ - // ScriptsConfigMap - { - Name: fmt.Sprintf("%s-scripts", instance.Name), - Namespace: instance.Namespace, - Type: util.TemplateTypeScripts, - InstanceType: instance.Kind, - Labels: cmLabels, - }, - // ConfigMap - { - Name: fmt.Sprintf("%s-config-data", instance.Name), - Namespace: instance.Namespace, - Type: util.TemplateTypeConfig, - InstanceType: instance.Kind, - CustomData: customData, - Labels: cmLabels, - }, - } - err := configmap.EnsureConfigMaps(ctx, h, instance, cms, envVars) - - if err != nil { - return nil - } + return GenerateConfigsGeneric(ctx, h, instance, envVars, templateParameters, customData, labels, false) - return nil } // ensureRegisteredLimits - create registered limits in keystone that will be diff --git a/controllers/glanceapi_controller.go b/controllers/glanceapi_controller.go index a6c27c0bb..af8376bc2 100644 --- a/controllers/glanceapi_controller.go +++ b/controllers/glanceapi_controller.go @@ -44,13 +44,13 @@ import ( keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1" "github.com/openstack-k8s-operators/lib-common/modules/common" "github.com/openstack-k8s-operators/lib-common/modules/common/condition" - "github.com/openstack-k8s-operators/lib-common/modules/common/configmap" "github.com/openstack-k8s-operators/lib-common/modules/common/deployment" "github.com/openstack-k8s-operators/lib-common/modules/common/endpoint" "github.com/openstack-k8s-operators/lib-common/modules/common/env" "github.com/openstack-k8s-operators/lib-common/modules/common/helper" "github.com/openstack-k8s-operators/lib-common/modules/common/labels" nad "github.com/openstack-k8s-operators/lib-common/modules/common/networkattachment" + "github.com/openstack-k8s-operators/lib-common/modules/common/secret" oko_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret" "github.com/openstack-k8s-operators/lib-common/modules/common/util" @@ -71,7 +71,6 @@ type GlanceAPIReconciler struct { //+kubebuilder:rbac:groups=glance.openstack.org,resources=glanceapis/status,verbs=get;update;patch //+kubebuilder:rbac:groups=glance.openstack.org,resources=glanceapis/finalizers,verbs=update // +kubebuilder:rbac:groups=core,resources=secrets,verbs=get;list;watch;create;update;patch;delete; -// +kubebuilder:rbac:groups=core,resources=configmaps,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete; // +kubebuilder:rbac:groups=core,resources=pods,verbs=get;list; @@ -245,7 +244,6 @@ func (r *GlanceAPIReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&keystonev1.KeystoneEndpoint{}). Owns(&corev1.Service{}). Owns(&corev1.Secret{}). - Owns(&corev1.ConfigMap{}). Owns(&appsv1.Deployment{}). Owns(&routev1.Route{}). Watches(&source.Kind{Type: &corev1.Secret{}}, @@ -409,8 +407,7 @@ func (r *GlanceAPIReconciler) reconcileUpgrade(ctx context.Context, instance *gl func (r *GlanceAPIReconciler) reconcileNormal(ctx context.Context, instance *glancev1.GlanceAPI, helper *helper.Helper, req ctrl.Request) (ctrl.Result, error) { r.Log.Info(fmt.Sprintf("Reconciling Service '%s'", instance.Name)) - // ConfigMap - configMapVars := make(map[string]env.Setter) + configVars := make(map[string]env.Setter) privileged := false // @@ -434,21 +431,15 @@ func (r *GlanceAPIReconciler) reconcileNormal(ctx context.Context, instance *gla err.Error())) return ctrl.Result{}, err } - configMapVars[ospSecret.Name] = env.SetValue(hash) + configVars[ospSecret.Name] = env.SetValue(hash) instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage) // run check OpenStack secret - end // - // Create ConfigMaps and Secrets required as input for the Service and calculate an overall hash of hashes + // Create Secrets required as input for the Service and calculate an overall hash of hashes // - // - // create Configmap required for glance input - // - %-scripts configmap holding scripts to e.g. bootstrap the service - // - %-config configmap holding minimal glance config required to get the service up, user can add additional files to be added to the service - // - parameters which has passwords gets added from the OpenStack secret via the init container - // - err = r.generateServiceConfigMaps(ctx, helper, instance, &configMapVars) + err = r.generateServiceConfig(ctx, helper, instance, &configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -463,7 +454,7 @@ func (r *GlanceAPIReconciler) reconcileNormal(ctx context.Context, instance *gla // create hash over all the different input resources to identify if any those changed // and a restart/recreate is required. // - inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configMapVars) + inputHash, hashChanged, err := r.createHashOfInputHashes(ctx, instance, configVars) if err != nil { instance.Status.Conditions.Set(condition.FalseCondition( condition.ServiceConfigReadyCondition, @@ -478,7 +469,7 @@ func (r *GlanceAPIReconciler) reconcileNormal(ctx context.Context, instance *gla return ctrl.Result{}, nil } instance.Status.Conditions.MarkTrue(condition.ServiceConfigReadyCondition, condition.ServiceConfigReadyMessage) - // Create ConfigMaps and Secrets - end + // Create Secrets - end // // TODO check when/if Init, Update, or Upgrade should/could be skipped @@ -623,32 +614,35 @@ func (r *GlanceAPIReconciler) reconcileNormal(ctx context.Context, instance *gla return ctrl.Result{}, nil } -// generateServiceConfigMaps - create create configmaps which hold scripts and service configuration -// TODO add DefaultConfigOverwrite -func (r *GlanceAPIReconciler) generateServiceConfigMaps( +// generateServiceConfig - create create secrets which hold scripts and service configuration +func (r *GlanceAPIReconciler) generateServiceConfig( ctx context.Context, h *helper.Helper, instance *glancev1.GlanceAPI, envVars *map[string]env.Setter, ) error { - // - // create Configmap/Secret required for glance input - // - %-scripts configmap holding scripts to e.g. bootstrap the service - // - %-config configmap holding minimal glance config required to get the service up, user can add additional files to be added to the service - // - parameters which has passwords gets added from the ospSecret via the init container - // - cmLabels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), map[string]string{}) + labels := labels.GetLabels(instance, labels.GetGroupLabel(glance.ServiceName), map[string]string{}) - // customData hold any customization for the service. - // custom.conf is going to /etc//.conf.d - // all other files get placed into /etc/ to allow overwrite of e.g. logging.conf or policy.json - // TODO: make sure custom.conf can not be overwritten - customData := map[string]string{common.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} + // 02-config.conf + customData := map[string]string{glance.CustomServiceConfigFileName: instance.Spec.CustomServiceConfig} for key, data := range instance.Spec.DefaultConfigOverwrite { customData[key] = data } + // 03-config.conf + customSecrets := "" + for _, secretName := range instance.Spec.CustomServiceConfigSecrets { + secret, _, err := secret.GetSecret(ctx, h, secretName, instance.Namespace) + if err != nil { + return err + } + for _, data := range secret.Data { + customSecrets += string(data) + "\n" + } + } + customData[glance.CustomServiceConfigSecretsFileName] = customSecrets + keystoneAPI, err := keystonev1.GetKeystoneAPI(ctx, h, instance.Namespace, map[string]string{}) // KeystoneAPI not available we should not aggregate the error and continue if err != nil { @@ -662,9 +656,23 @@ func (r *GlanceAPIReconciler) generateServiceConfigMaps( if err != nil { return err } - templateParameters := make(map[string]interface{}) - templateParameters["ServiceUser"] = instance.Spec.ServiceUser - templateParameters["KeystoneAuthURL"] = keystonePublicURL + + ospSecret, _, err := secret.GetSecret(ctx, h, instance.Spec.Secret, instance.Namespace) + if err != nil { + return err + } + + templateParameters := map[string]interface{}{ + "ServiceUser": instance.Spec.ServiceUser, + "ServicePassword": string(ospSecret.Data[instance.Spec.PasswordSelectors.Service]), + "KeystoneAuthURL": keystonePublicURL, + "DatabaseConnection": fmt.Sprintf("mysql+pymysql://%s:%s@%s/%s", + instance.Spec.DatabaseUser, + string(ospSecret.Data[instance.Spec.PasswordSelectors.Database]), + instance.Spec.DatabaseHostname, + glance.DatabaseName, + ), + } // If Quota values are defined in the top level spec (they are global values), // each GlanceAPI instance should build the config file according to @@ -682,27 +690,9 @@ func (r *GlanceAPIReconciler) generateServiceConfigMaps( templateParameters["ShowMultipleLocations"] = false } - cms := []util.Template{ - // ScriptsConfigMap - { - Name: fmt.Sprintf("%s-scripts", instance.Name), - Namespace: instance.Namespace, - Type: util.TemplateTypeScripts, - InstanceType: instance.Kind, - Labels: cmLabels, - }, - // ConfigMap - { - Name: fmt.Sprintf("%s-config-data", instance.Name), - Namespace: instance.Namespace, - Type: util.TemplateTypeConfig, - InstanceType: instance.Kind, - CustomData: customData, - ConfigOptions: templateParameters, - Labels: cmLabels, - }, - } - return configmap.EnsureConfigMaps(ctx, h, instance, cms, envVars) + // 00-default.conf will be regenerated as we have a ln -s of the + // templates/glance/config directory + return GenerateConfigsGeneric(ctx, h, instance, envVars, templateParameters, customData, labels, false) } // createHashOfInputHashes - creates a hash of hashes which gets added to the resources which requires a restart diff --git a/pkg/glance/const.go b/pkg/glance/const.go index 6626f86c8..0cba2c612 100644 --- a/pkg/glance/const.go +++ b/pkg/glance/const.go @@ -32,8 +32,14 @@ const ( // GlanceInternalPort - GlanceInternalPort int32 = 9292 - // KollaConfig - - KollaConfig = "/var/lib/config-data/merged/glance-api-config.json" + // DefaultsConfigFileName - + DefaultsConfigFileName = "00-config.conf" + // CustomConfigFileName - + CustomConfigFileName = "01-config.conf" + // CustomServiceConfigFileName - + CustomServiceConfigFileName = "02-config.conf" + // CustomServiceConfigSecretsFileName - + CustomServiceConfigSecretsFileName = "03-config.conf" // GlanceExtraVolTypeUndefined can be used to label an extraMount which // is not associated with a specific backend diff --git a/pkg/glance/dbsync.go b/pkg/glance/dbsync.go index 3b6de9758..a0b76eaba 100644 --- a/pkg/glance/dbsync.go +++ b/pkg/glance/dbsync.go @@ -27,7 +27,7 @@ import ( const ( // DBSyncCommand - - DBSyncCommand = "/usr/local/bin/kolla_set_configs && su -s /bin/sh -c \"glance-manage db sync\" glance && glance-manage db_load_metadefs" + DBSyncCommand = "/usr/local/bin/kolla_set_configs && /usr/local/bin/kolla_start" ) // DbSyncJob func @@ -40,7 +40,46 @@ func DbSyncJob( dbSyncExtraMounts := []glancev1.GlanceExtraVolMounts{} secretNames := []string{} + var config0644AccessMode int32 = 0644 + // Unlike the individual glanceAPI services, the DbSyncJob doesn't need a + // secret that contains all of the config snippets required by every + // service, The two snippet files that it does need (DefaultsConfigFileName + // and CustomConfigFileName) can be extracted from the top-level glance + // config-data secret. + dbSyncVolume := corev1.Volume{ + Name: "db-sync-config-data", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: &config0644AccessMode, + SecretName: instance.Name + "-config-data", + Items: []corev1.KeyToPath{ + { + Key: DefaultsConfigFileName, + Path: DefaultsConfigFileName, + }, + { + Key: CustomConfigFileName, + Path: CustomConfigFileName, + }, + }, + }, + }, + } + + dbSyncMounts := []corev1.VolumeMount{ + { + Name: "db-sync-config-data", + MountPath: "/etc/glance/glance.conf.d", + ReadOnly: true, + }, + { + Name: "config-data", + MountPath: "/var/lib/kolla/config_files/config.json", + SubPath: "db-sync-config.json", + ReadOnly: true, + }, + } args := []string{"-c"} if instance.Spec.Debug.DBSync { args = append(args, common.DebugCommand) @@ -49,7 +88,6 @@ func DbSyncJob( } envVars := map[string]env.Setter{} - envVars["KOLLA_CONFIG_FILE"] = env.SetValue(KollaConfig) envVars["KOLLA_CONFIG_STRATEGY"] = env.SetValue("COPY_ALWAYS") envVars["KOLLA_BOOTSTRAP"] = env.SetValue("true") @@ -79,12 +117,10 @@ func DbSyncJob( RunAsUser: &runAsUser, }, Env: env.MergeEnvs([]corev1.EnvVar{}, envVars), - VolumeMounts: GetVolumeMounts( - secretNames, - false, - dbSyncExtraMounts, - DbsyncPropagation, - ), + VolumeMounts: append(GetVolumeMounts( + secretNames, false, + dbSyncExtraMounts, DbsyncPropagation), + dbSyncMounts...), }, }, }, @@ -92,30 +128,15 @@ func DbSyncJob( }, } - job.Spec.Template.Spec.Volumes = GetVolumes( + job.Spec.Template.Spec.Volumes = append(GetVolumes( instance.Name, ServiceName, false, secretNames, dbSyncExtraMounts, - DbsyncPropagation, + DbsyncPropagation), + dbSyncVolume, ) - initContainerDetails := APIDetails{ - ContainerImage: instance.Spec.ContainerImage, - DatabaseHost: instance.Status.DatabaseHostname, - DatabaseUser: instance.Spec.DatabaseUser, - DatabaseName: DatabaseName, - OSPSecret: instance.Spec.Secret, - DBPasswordSelector: instance.Spec.PasswordSelectors.Database, - UserPasswordSelector: instance.Spec.PasswordSelectors.Service, - VolumeMounts: getInitVolumeMounts( - secretNames, - dbSyncExtraMounts, - DbsyncPropagation, - ), - } - job.Spec.Template.Spec.InitContainers = InitContainer(initContainerDetails) - return job } diff --git a/pkg/glance/initcontainer.go b/pkg/glance/initcontainer.go deleted file mode 100644 index 40a4c6cfe..000000000 --- a/pkg/glance/initcontainer.go +++ /dev/null @@ -1,119 +0,0 @@ -/* - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package glance - -import ( - "github.com/openstack-k8s-operators/lib-common/modules/common/env" - corev1 "k8s.io/api/core/v1" - "strconv" -) - -// APIDetails information -type APIDetails struct { - ContainerImage string - DatabaseHost string - DatabaseUser string - DatabaseName string - TransportURL string - OSPSecret string - DBPasswordSelector string - UserPasswordSelector string - VolumeMounts []corev1.VolumeMount - QuotaEnabled bool - Privileged bool -} - -const ( - // InitContainerCommand - - InitContainerCommand = "/usr/local/bin/container-scripts/init.sh" -) - -// InitContainer - init container for glance api pods -func InitContainer(init APIDetails) []corev1.Container { - runAsUser := int64(0) - trueVar := true - - args := []string{ - "-c", - InitContainerCommand, - } - - securityContext := &corev1.SecurityContext{ - RunAsUser: &runAsUser, - } - - if init.Privileged { - securityContext.Privileged = &trueVar - } - - envVars := map[string]env.Setter{} - envVars["DatabaseHost"] = env.SetValue(init.DatabaseHost) - envVars["DatabaseUser"] = env.SetValue(init.DatabaseUser) - envVars["DatabaseName"] = env.SetValue(init.DatabaseName) - envVars["QuotaEnabled"] = env.SetValue(strconv.FormatBool(init.QuotaEnabled)) - - envs := []corev1.EnvVar{ - { - Name: "DatabasePassword", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: &corev1.SecretKeySelector{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: init.OSPSecret, - }, - Key: init.DBPasswordSelector, - }, - }, - }, - { - Name: "GlancePassword", - ValueFrom: &corev1.EnvVarSource{ - SecretKeyRef: &corev1.SecretKeySelector{ - LocalObjectReference: corev1.LocalObjectReference{ - Name: init.OSPSecret, - }, - Key: init.UserPasswordSelector, - }, - }, - }, - // TODO - // { - // Name: "TransportUrl", - // ValueFrom: &corev1.EnvVarSource{ - // SecretKeyRef: &corev1.SecretKeySelector{ - // LocalObjectReference: corev1.LocalObjectReference{ - // Name: init.OSPSecret, - // }, - // Key: "TransportUrl", - // }, - // }, - // }, - } - envs = env.MergeEnvs(envs, envVars) - - return []corev1.Container{ - { - Name: "init", - Image: init.ContainerImage, - SecurityContext: securityContext, - Command: []string{ - "/bin/bash", - }, - Args: args, - Env: envs, - VolumeMounts: init.VolumeMounts, - }, - } -} diff --git a/pkg/glance/volumes.go b/pkg/glance/volumes.go index a5db24bfc..91837f2bb 100644 --- a/pkg/glance/volumes.go +++ b/pkg/glance/volumes.go @@ -24,38 +24,19 @@ import ( // GetVolumes - service volumes func GetVolumes(name string, pvcName string, hasCinder bool, secretNames []string, extraVol []glancev1.GlanceExtraVolMounts, svc []storage.PropagationType) []corev1.Volume { - var scriptsVolumeDefaultMode int32 = 0755 - var config0640AccessMode int32 = 0640 + //var scriptsVolumeDefaultMode int32 = 0755 + var config0644AccessMode int32 = 0644 vm := []corev1.Volume{ - { - Name: "scripts", - VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - DefaultMode: &scriptsVolumeDefaultMode, - LocalObjectReference: corev1.LocalObjectReference{ - Name: name + "-scripts", - }, - }, - }, - }, { Name: "config-data", VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ - DefaultMode: &config0640AccessMode, - LocalObjectReference: corev1.LocalObjectReference{ - Name: name + "-config-data", - }, + Secret: &corev1.SecretVolumeSource{ + DefaultMode: &config0644AccessMode, + SecretName: name + "-config-data", }, }, }, - { - Name: "config-data-merged", - VolumeSource: corev1.VolumeSource{ - EmptyDir: &corev1.EmptyDirVolumeSource{Medium: ""}, - }, - }, { Name: "lib-data", VolumeSource: corev1.VolumeSource{ @@ -102,50 +83,15 @@ func GetVolumes(name string, pvcName string, hasCinder bool, secretNames []strin return vm } -// getInitVolumeMounts - general init task VolumeMounts -func getInitVolumeMounts(secretNames []string, extraVol []glancev1.GlanceExtraVolMounts, svc []storage.PropagationType) []corev1.VolumeMount { - vm := []corev1.VolumeMount{ - { - Name: "scripts", - MountPath: "/usr/local/bin/container-scripts", - ReadOnly: true, - }, - { - Name: "config-data", - MountPath: "/var/lib/config-data/default", - ReadOnly: true, - }, - { - Name: "config-data-merged", - MountPath: "/var/lib/config-data/merged", - ReadOnly: false, - }, - } - - for _, exv := range extraVol { - for _, vol := range exv.Propagate(svc) { - vm = append(vm, vol.Mounts...) - } - } - _, secretConfig := GetConfigSecretVolumes(secretNames) - vm = append(vm, secretConfig...) - return vm -} - // GetVolumeMounts - general VolumeMounts func GetVolumeMounts(secretNames []string, hasCinder bool, extraVol []glancev1.GlanceExtraVolMounts, svc []storage.PropagationType) []corev1.VolumeMount { vm := []corev1.VolumeMount{ { - Name: "scripts", - MountPath: "/usr/local/bin/container-scripts", + Name: "config-data", + MountPath: "/var/lib/config-data/default", ReadOnly: true, }, - { - Name: "config-data-merged", - MountPath: "/var/lib/config-data/merged", - ReadOnly: false, - }, { Name: "lib-data", MountPath: "/var/lib/glance", diff --git a/pkg/glanceapi/deployment.go b/pkg/glanceapi/deployment.go index 05a3040f0..52f3a7ddd 100644 --- a/pkg/glanceapi/deployment.go +++ b/pkg/glanceapi/deployment.go @@ -44,15 +44,13 @@ func Deployment( privileged bool, ) *appsv1.Deployment { runAsUser := int64(0) + var config0644AccessMode int32 = 0644 livenessProbe := &corev1.Probe{ - // TODO might need tuning - TimeoutSeconds: 5, PeriodSeconds: 3, InitialDelaySeconds: 3, } readinessProbe := &corev1.Probe{ - // TODO might need tuning TimeoutSeconds: 5, PeriodSeconds: 5, InitialDelaySeconds: 5, @@ -95,10 +93,29 @@ func Deployment( } envVars := map[string]env.Setter{} - envVars["KOLLA_CONFIG_FILE"] = env.SetValue(glance.KollaConfig) envVars["KOLLA_CONFIG_STRATEGY"] = env.SetValue("COPY_ALWAYS") envVars["CONFIG_HASH"] = env.SetValue(configHash) + apiVolumes := []corev1.Volume{ + { + Name: "config-data-custom", + VolumeSource: corev1.VolumeSource{ + Secret: &corev1.SecretVolumeSource{ + DefaultMode: &config0644AccessMode, + SecretName: instance.Name + "-config-data", + }, + }, + }, + } + apiVolumeMounts := []corev1.VolumeMount{ + { + Name: "config-data", + MountPath: "/var/lib/kolla/config_files/config.json", + SubPath: "glance-api-config.json", + ReadOnly: true, + }, + } + deployment := &appsv1.Deployment{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("%s-api", instance.Name), @@ -129,11 +146,12 @@ func Deployment( Privileged: &privileged, }, Env: env.MergeEnvs([]corev1.EnvVar{}, envVars), - VolumeMounts: glance.GetVolumeMounts( + VolumeMounts: append(glance.GetVolumeMounts( instance.Spec.CustomServiceConfigSecrets, privileged, instance.Spec.ExtraMounts, - glance.GlanceAPIPropagation, + glance.GlanceAPIPropagation), + apiVolumeMounts..., ), Resources: instance.Spec.Resources, ReadinessProbe: readinessProbe, @@ -144,14 +162,14 @@ func Deployment( }, }, } - deployment.Spec.Template.Spec.Volumes = glance.GetVolumes( + deployment.Spec.Template.Spec.Volumes = append(glance.GetVolumes( instance.Name, glance.ServiceName, privileged, instance.Spec.CustomServiceConfigSecrets, instance.Spec.ExtraMounts, - glance.GlanceAPIPropagation, - ) + glance.GlanceAPIPropagation), + apiVolumes...) // If possible two pods of the same service should not // run on the same worker node. If this is not possible @@ -167,22 +185,5 @@ func Deployment( deployment.Spec.Template.Spec.NodeSelector = instance.Spec.NodeSelector } - initContainerDetails := glance.APIDetails{ - ContainerImage: instance.Spec.ContainerImage, - DatabaseHost: instance.Spec.DatabaseHostname, - DatabaseUser: instance.Spec.DatabaseUser, - DatabaseName: glance.DatabaseName, - OSPSecret: instance.Spec.Secret, - DBPasswordSelector: instance.Spec.PasswordSelectors.Database, - UserPasswordSelector: instance.Spec.PasswordSelectors.Service, - VolumeMounts: getInitVolumeMounts( - instance.Spec.CustomServiceConfigSecrets, - instance.Spec.ExtraMounts, - glance.GlanceAPIPropagation, - ), - QuotaEnabled: instance.Spec.Quota, - } - deployment.Spec.Template.Spec.InitContainers = glance.InitContainer(initContainerDetails) - return deployment } diff --git a/pkg/glanceapi/volumes.go b/pkg/glanceapi/volumes.go deleted file mode 100644 index e12cb277d..000000000 --- a/pkg/glanceapi/volumes.go +++ /dev/null @@ -1,52 +0,0 @@ -/* - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package glanceapi - -import ( - glancev1 "github.com/openstack-k8s-operators/glance-operator/api/v1beta1" - glance "github.com/openstack-k8s-operators/glance-operator/pkg/glance" - "github.com/openstack-k8s-operators/lib-common/modules/storage" - corev1 "k8s.io/api/core/v1" -) - -// getInitVolumeMounts - general init task VolumeMounts -func getInitVolumeMounts(secretNames []string, extraVol []glancev1.GlanceExtraVolMounts, svc []storage.PropagationType) []corev1.VolumeMount { - vm := []corev1.VolumeMount{ - { - Name: "scripts", - MountPath: "/usr/local/bin/container-scripts", - ReadOnly: true, - }, - { - Name: "config-data", - MountPath: "/var/lib/config-data/default", - ReadOnly: true, - }, - { - Name: "config-data-merged", - MountPath: "/var/lib/config-data/merged", - ReadOnly: false, - }, - } - for _, exv := range extraVol { - for _, vol := range exv.Propagate(svc) { - vm = append(vm, vol.Mounts...) - } - } - _, secretConfig := glance.GetConfigSecretVolumes(secretNames) - vm = append(vm, secretConfig...) - return vm -} diff --git a/templates/glance/bin/init.sh b/templates/glance/bin/init.sh deleted file mode 100755 index 1ea3ac06b..000000000 --- a/templates/glance/bin/init.sh +++ /dev/null @@ -1,87 +0,0 @@ -#!/bin//bash -# -# Copyright 2020 Red Hat Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -set -ex - -# This script generates the glance-api.conf/logging.conf file and -# copies the result to the ephemeral /var/lib/config-data/merged volume. - -export PASSWORD=${GlancePassword:?"Please specify a GlanceKeystoneAuthPassword variable."} -export DBHOST=${DatabaseHost:?"Please specify a DatabaseHost variable."} -export DBUSER=${DatabaseUser:-"glance"} -export DB=${DatabaseName:-"glance"} -export DBPASSWORD=${DatabasePassword:?"Please specify a DatabasePassword variable."} -export QUOTA_ENABLED=${QuotaEnabled:-"false"} - - -DEFAULT_DIR=/var/lib/config-data/default -CUSTOM_DIR=/var/lib/config-data/custom -MERGED_DIR=/var/lib/config-data/merged -SVC_CFG=/etc/glance/glance-api.conf -SVC_CFG_MERGED=${MERGED_DIR}/glance-api.conf -SVC_CFG_MERGED_DIR=${MERGED_DIR}/glance.conf.d - -mkdir -p ${SVC_CFG_MERGED_DIR} - -cp ${DEFAULT_DIR}/* ${MERGED_DIR} - -# Save the default service config from container image as glance-api.conf.sample, -# and create a small glance-api.conf file that directs people to files in -# glance.conf.d. - -cp -a ${SVC_CFG} ${SVC_CFG_MERGED}.sample -cat < ${SVC_CFG_MERGED} -# Service configuration snippets are stored in the glance.conf.d subdirectory. -EOF - -cp ${DEFAULT_DIR}/glance-api.conf ${SVC_CFG_MERGED_DIR}/00-default.conf - -# Generate 01-deployment-secrets.conf -DEPLOYMENT_SECRETS=${SVC_CFG_MERGED_DIR}/01-deployment-secrets.conf - -cat <> ${DEPLOYMENT_SECRETS} -[database] -connection = mysql+pymysql://${DBUSER}:${DBPASSWORD}@${DBHOST}/${DB} - -[keystone_authtoken] -password = ${PASSWORD} - -[service_user] -password = ${PASSWORD} -EOF - -# Add oslo_limit glance password if QuotaLimits are enabled -# https://docs.openstack.org/glance/latest/admin/quotas.html -if [ "$QUOTA_ENABLED" == "true" ]; then -cat <> ${DEPLOYMENT_SECRETS} -[oslo_limit] -password = ${PASSWORD} -EOF -fi - -if [ -f ${DEFAULT_DIR}/custom.conf ]; then - cp ${DEFAULT_DIR}/custom.conf ${SVC_CFG_MERGED_DIR}/02-global.conf -fi - -if [ -f ${CUSTOM_DIR}/custom.conf ]; then - cp ${CUSTOM_DIR}/custom.conf ${SVC_CFG_MERGED_DIR}/03-service.conf -fi - -SECRET_FILES="$(ls /var/lib/config-data/secret-*/* 2>/dev/null || true)" -if [ -n "${SECRET_FILES}" ]; then - cat ${SECRET_FILES} > ${SVC_CFG_MERGED_DIR}/04-secrets.conf -fi - -chown -R :glance ${SVC_CFG_MERGED_DIR} diff --git a/templates/glance/config/glance-api.conf b/templates/glance/config/00-config.conf similarity index 83% rename from templates/glance/config/glance-api.conf rename to templates/glance/config/00-config.conf index f4b202df2..635a12bf9 100644 --- a/templates/glance/config/glance-api.conf +++ b/templates/glance/config/00-config.conf @@ -12,12 +12,18 @@ bind_host=0.0.0.0 bind_port=9292 workers=3 image_cache_dir=/var/lib/glance/image-cache -log_config_append=/etc/glance/logging.conf enabled_backends=default_backend:file {{ if (index . "QuotaEnabled") }} use_keystone_limits = {{ .QuotaEnabled }} {{ end }} +[database] +{{ if (index . "DatabaseConnection") }} +connection = {{ .DatabaseConnection }} +{{ end }} +max_retries = -1 +db_max_retries = -1 + [file] filesystem_store_datadir = /var/lib/glance/images @@ -33,10 +39,19 @@ auth_type=password {{ if (index . "ServiceUser") }} username={{ .ServiceUser }} {{ end }} +{{ if (index . "ServicePassword") }} +password = {{ .ServicePassword }} +{{ end }} project_domain_name=Default user_domain_name=Default project_name=service + +{{ if (index . "ServicePassword") }} +[service_user] +password = {{ .ServicePassword }} +{{ end }} + [oslo_messaging_notifications] # TODO: update later once rabbit is working #driver=messagingv2 @@ -76,3 +91,6 @@ endpoint_id = {{ .EndpointID }} {{ if (index . "Region") }} region_name = {{ .Region }} {{ end }} + +[image_import_opts] +image_import_plugins = ['no_op'] diff --git a/templates/glance/config/db-sync-config.json b/templates/glance/config/db-sync-config.json new file mode 100644 index 000000000..890c24d02 --- /dev/null +++ b/templates/glance/config/db-sync-config.json @@ -0,0 +1,3 @@ +{ + "command": "glance-manage --config-dir /etc/glance/glance.conf.d db sync glance && glance-manage db_load_metadefs" +} diff --git a/templates/glance/config/glance-api-config.json b/templates/glance/config/glance-api-config.json index 8436fd76a..215391cd6 100644 --- a/templates/glance/config/glance-api-config.json +++ b/templates/glance/config/glance-api-config.json @@ -2,28 +2,31 @@ "command": "/usr/bin/glance-api --config-dir /etc/glance/glance.conf.d", "config_files": [ { - "source": "/var/lib/config-data/merged/glance.conf.d", - "dest": "/etc/glance/glance.conf.d", + "source": "/var/lib/config-data/default/00-config.conf", + "dest": "/etc/glance/glance.conf.d/00-config.conf", "owner": "glance", - "perm": "0750" + "perm": "0600" }, { - "source": "/var/lib/config-data/merged/glance-image-import.conf", - "dest": "/etc/glance/glance.conf.d/glance-image-import.conf", + "source": "/var/lib/config-data/default/02-config.conf", + "dest": "/etc/glance/glance.conf.d/02-config.conf", "owner": "glance", - "perm": "0600" + "perm": "0600", + "optional": true }, { - "source": "/var/lib/config-data/merged/policy.yaml", - "dest": "/etc/glance/glance.conf.d/policy.yaml", + "source": "/var/lib/config-data/default/03-config.conf", + "dest": "/etc/glance/glance.conf.d/03-config.conf", "owner": "glance", - "perm": "0600" + "perm": "0640", + "optional": true }, { - "source": "/var/lib/config-data/merged/logging.conf", - "dest": "/etc/glance/logging.conf", + "source": "/var/lib/config-data/default/policy.yaml", + "dest": "/etc/glance/glance.conf.d/policy.yaml", "owner": "glance", - "perm": "0600" + "perm": "0600", + "optional": true } ] } diff --git a/templates/glance/config/glance-image-import.conf b/templates/glance/config/glance-image-import.conf deleted file mode 100644 index f5026c5a5..000000000 --- a/templates/glance/config/glance-image-import.conf +++ /dev/null @@ -1,4 +0,0 @@ -[DEFAULT] - -[image_import_opts] -image_import_plugins = ['no_op'] diff --git a/templates/glance/config/logging.conf b/templates/glance/config/logging.conf deleted file mode 100644 index 75cd16df7..000000000 --- a/templates/glance/config/logging.conf +++ /dev/null @@ -1,34 +0,0 @@ -[loggers] -keys=root - -[handlers] -keys=stdout - -[formatters] -keys=normal - - -########### -# Loggers # -########### - -[logger_root] -level=WARNING -handlers=stdout - -################ -# Log Handlers # -################ - -[handler_stdout] -class=StreamHandler -level=WARNING -formatter=normal -args=(sys.stdout,) - -################## -# Log Formatters # -################## - -[formatter_normal] -format=(%(name)s): %(asctime)s %(levelname)s %(message)s diff --git a/tests/functional/glance_controller_test.go b/tests/functional/glance_controller_test.go index fa7733fd7..ca2174553 100644 --- a/tests/functional/glance_controller_test.go +++ b/tests/functional/glance_controller_test.go @@ -229,8 +229,6 @@ var _ = Describe("Glance controller", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateGlance(glanceTest.Instance, GetGlanceDefaultSpec())) // Get Default GlanceAPI (internal/external) - DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.Instance, GetDefaultGlanceAPISpec(GlanceAPITypeExternal))) - DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.Instance, GetDefaultGlanceAPISpec(GlanceAPITypeInternal))) DeferCleanup( th.DeleteDBService, th.CreateDBService( @@ -263,7 +261,6 @@ var _ = Describe("Glance controller", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateGlance(glanceTest.Instance, GetGlanceDefaultSpec())) // Get Default GlanceAPI (internal/external) - DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.Instance, GetDefaultGlanceAPISpec(GlanceAPITypeExternal))) DeferCleanup( th.DeleteDBService, th.CreateDBService( @@ -286,22 +283,8 @@ var _ = Describe("Glance controller", func() { th.DeleteInstance(GetGlance(glanceTest.Instance)) }) - It("removes the ConfigMaps", func() { - Eventually(func() corev1.ConfigMap { - return *th.GetConfigMap(glanceTest.GlanceConfigMapData) - }, timeout, interval).ShouldNot(BeNil()) - Eventually(func() corev1.ConfigMap { - return *th.GetConfigMap(glanceTest.GlanceConfigMapScripts) - }, timeout, interval).ShouldNot(BeNil()) - Eventually(func() []corev1.ConfigMap { - return th.ListConfigMaps(glanceTest.GlanceConfigMapData.Name).Items - }, timeout, interval).Should(BeEmpty()) - Eventually(func() []corev1.ConfigMap { - return th.ListConfigMaps(glanceTest.GlanceConfigMapScripts.Name).Items - }, timeout, interval).Should(BeEmpty()) - }) }) - When("Glance CR instance is built w/ NAD", func() { + When("Glance CR instance is built with NAD", func() { BeforeEach(func() { nad := th.CreateNetworkAttachmentDefinition(glanceTest.InternalAPINAD) DeferCleanup(th.DeleteInstance, nad) diff --git a/tests/functional/glanceapi_controller_test.go b/tests/functional/glanceapi_controller_test.go index 7602dfd94..efe01475e 100644 --- a/tests/functional/glanceapi_controller_test.go +++ b/tests/functional/glanceapi_controller_test.go @@ -26,7 +26,7 @@ import ( ) var _ = Describe("Glanceapi controller", func() { - When("a GlanceAPI CR is created", func() { + When("GlanceAPI CR is created", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateGlanceAPI(glanceTest.GlanceInternal, GetDefaultGlanceAPISpec(GlanceAPITypeInternal))) }) @@ -67,7 +67,6 @@ var _ = Describe("Glanceapi controller", func() { corev1.ConditionFalse, ) }) - }) When("the Secret is created with all the expected fields", func() { BeforeEach(func() { @@ -95,22 +94,22 @@ var _ = Describe("Glanceapi controller", func() { condition.ServiceConfigReadyCondition, corev1.ConditionTrue, ) - configDataMap := th.GetConfigMap(glanceTest.GlanceInternalConfigMapData) - Expect(configDataMap).ShouldNot(BeNil()) - Expect(configDataMap.Data).Should(HaveKey("custom.conf")) + secretDataMap := th.GetSecret(glanceTest.GlanceInternalConfigMapData) + Expect(secretDataMap).ShouldNot(BeNil()) + // We apply customServiceConfig to the GlanceAPI Pod + Expect(secretDataMap.Data).Should(HaveKey("02-config.conf")) //Double check customServiceConfig has been applied - configData := string(configDataMap.Data["custom.conf"]) + configData := string(secretDataMap.Data["02-config.conf"]) Expect(configData).Should(ContainSubstring("foo=bar")) }) It("stored the input hash in the Status", func() { Eventually(func(g Gomega) { - novaAPI := GetGlanceAPI(glanceTest.GlanceInternal) - g.Expect(novaAPI.Status.Hash).Should(HaveKeyWithValue("input", Not(BeEmpty()))) + glanceAPI := GetGlanceAPI(glanceTest.GlanceInternal) + g.Expect(glanceAPI.Status.Hash).Should(HaveKeyWithValue("input", Not(BeEmpty()))) }, timeout, interval).Should(Succeed()) }) }) - When("GlanceAPI is generated by the top-level CR", func() { BeforeEach(func() { DeferCleanup(th.DeleteInstance, CreateDefaultGlance(glanceTest.Instance)) @@ -137,7 +136,7 @@ var _ = Describe("Glanceapi controller", func() { ss := th.GetDeployment(glanceTest.GlanceInternalAPI) // Check the resulting deployment fields Expect(int(*ss.Spec.Replicas)).To(Equal(1)) - Expect(ss.Spec.Template.Spec.Volumes).To(HaveLen(4)) + Expect(ss.Spec.Template.Spec.Volumes).To(HaveLen(3)) Expect(ss.Spec.Template.Spec.Containers).To(HaveLen(1)) container := ss.Spec.Template.Spec.Containers[0] @@ -153,7 +152,7 @@ var _ = Describe("Glanceapi controller", func() { ss := th.GetDeployment(glanceTest.GlanceExternalAPI) // Check the resulting deployment fields Expect(int(*ss.Spec.Replicas)).To(Equal(1)) - Expect(ss.Spec.Template.Spec.Volumes).To(HaveLen(4)) + Expect(ss.Spec.Template.Spec.Volumes).To(HaveLen(3)) Expect(ss.Spec.Template.Spec.Containers).To(HaveLen(1)) container := ss.Spec.Template.Spec.Containers[0] diff --git a/tests/kuttl/tests/glance_scale/01-assert.yaml b/tests/kuttl/tests/glance_scale/01-assert.yaml index 193d803c4..d2953ce5d 100644 --- a/tests/kuttl/tests/glance_scale/01-assert.yaml +++ b/tests/kuttl/tests/glance_scale/01-assert.yaml @@ -99,14 +99,6 @@ spec: - /bin/bash image: quay.io/podified-antelope-centos9/openstack-glance-api:current-podified name: glance-api - initContainers: - - args: - - -c - - /usr/local/bin/container-scripts/init.sh - command: - - /bin/bash - image: quay.io/podified-antelope-centos9/openstack-glance-api:current-podified - name: init serviceAccount: glance-glance serviceAccountName: glance-glance status: @@ -135,14 +127,6 @@ spec: - /bin/bash image: quay.io/podified-antelope-centos9/openstack-glance-api:current-podified name: glance-api - initContainers: - - args: - - -c - - /usr/local/bin/container-scripts/init.sh - command: - - /bin/bash - image: quay.io/podified-antelope-centos9/openstack-glance-api:current-podified - name: init serviceAccount: glance-glance serviceAccountName: glance-glance status: