Skip to content

Commit

Permalink
Merge pull request #183 from beagles/fix-missing-transport-url
Browse files Browse the repository at this point in the history
Fix missing transport URL config
  • Loading branch information
openshift-ci[bot] authored Oct 10, 2023
2 parents 018e5cc + eeaf9ed commit 821dd87
Show file tree
Hide file tree
Showing 15 changed files with 90 additions and 4 deletions.
3 changes: 3 additions & 0 deletions api/bases/octavia.openstack.org_octaviaapis.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -372,6 +372,9 @@ spec:
default: octavia
description: ServiceUser - service user name
type: string
transportURLSecret:
description: TransportURLSecret - Secret containing RabbitMQ transportURL
type: string
required:
- containerImage
- databaseInstance
Expand Down
3 changes: 3 additions & 0 deletions api/bases/octavia.openstack.org_octavias.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -428,6 +428,9 @@ spec:
default: octavia
description: ServiceUser - service user name
type: string
transportURLSecret:
description: TransportURLSecret - Secret containing RabbitMQ transportURL
type: string
required:
- containerImage
- databaseInstance
Expand Down
4 changes: 4 additions & 0 deletions api/v1beta1/octaviaapi_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,10 @@ type OctaviaAPISpec struct {
// TODO: -> implement
DefaultConfigOverwrite map[string]string `json:"defaultConfigOverwrite,omitempty"`

// +kubebuilder:validation:Optional
// TransportURLSecret - Secret containing RabbitMQ transportURL
TransportURLSecret string `json:"transportURLSecret,omitempty"`

// +kubebuilder:validation:Optional
// Resources - Compute Resources required by this service (Limits/Requests).
// https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
Expand Down
3 changes: 3 additions & 0 deletions config/crd/bases/octavia.openstack.org_octaviaapis.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -372,6 +372,9 @@ spec:
default: octavia
description: ServiceUser - service user name
type: string
transportURLSecret:
description: TransportURLSecret - Secret containing RabbitMQ transportURL
type: string
required:
- containerImage
- databaseInstance
Expand Down
3 changes: 3 additions & 0 deletions config/crd/bases/octavia.openstack.org_octavias.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -428,6 +428,9 @@ spec:
default: octavia
description: ServiceUser - service user name
type: string
transportURLSecret:
description: TransportURLSecret - Secret containing RabbitMQ transportURL
type: string
required:
- containerImage
- databaseInstance
Expand Down
9 changes: 9 additions & 0 deletions config/rbac/role.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -269,6 +269,15 @@ rules:
- patch
- update
- watch
- apiGroups:
- security.openshift.io
resourceNames:
- anyuid
- hostmount-anyuid
resources:
- securitycontextconstraints
verbs:
- use
- apiGroups:
- security.openshift.io
resourceNames:
Expand Down
25 changes: 24 additions & 1 deletion controllers/amphoracontroller_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ import (
"github.com/openstack-k8s-operators/lib-common/modules/common/util"

keystonev1 "github.com/openstack-k8s-operators/keystone-operator/api/v1beta1"
oko_secret "github.com/openstack-k8s-operators/lib-common/modules/common/secret"
octaviav1 "github.com/openstack-k8s-operators/octavia-operator/api/v1beta1"
"github.com/openstack-k8s-operators/octavia-operator/pkg/amphoracontrollers"
"github.com/openstack-k8s-operators/octavia-operator/pkg/octavia"
Expand Down Expand Up @@ -188,7 +189,27 @@ func (r *OctaviaAmphoraControllerReconciler) reconcileNormal(ctx context.Context

// Handle config map
configMapVars := make(map[string]env.Setter)
err := r.generateServiceConfigMaps(ctx, instance, helper, &configMapVars)
transportURLSecret, hash, err := oko_secret.GetSecret(ctx, helper, instance.Spec.TransportURLSecret, instance.Namespace)
if err != nil {
if k8s_errors.IsNotFound(err) {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.InputReadyCondition,
condition.RequestedReason,
condition.SeverityInfo,
condition.InputReadyWaitingMessage))
return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, fmt.Errorf("TransportURL secret %s not found", instance.Spec.TransportURLSecret)
}
instance.Status.Conditions.Set(condition.FalseCondition(
condition.InputReadyCondition,
condition.ErrorReason,
condition.SeverityWarning,
condition.InputReadyErrorMessage,
err.Error()))
return ctrl.Result{}, err
}
configMapVars[transportURLSecret.Name] = env.SetValue(hash)

err = r.generateServiceConfigMaps(ctx, instance, helper, &configMapVars)
if err != nil {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.ServiceConfigReadyCondition,
Expand All @@ -199,6 +220,8 @@ func (r *OctaviaAmphoraControllerReconciler) reconcileNormal(ctx context.Context
return ctrl.Result{}, err
}

instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)

//
// create hash over all the different input resources to identify if any those changed
// and a restart/recreate is required.
Expand Down
1 change: 1 addition & 0 deletions controllers/octavia_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -748,6 +748,7 @@ func (r *OctaviaReconciler) apiDeploymentCreateOrUpdate(instance *octaviav1.Octa
deployment.Spec.DatabaseHostname = instance.Status.DatabaseHostname
deployment.Spec.DatabaseUser = instance.Spec.DatabaseUser
deployment.Spec.ServiceUser = instance.Spec.ServiceUser
deployment.Spec.TransportURLSecret = instance.Status.TransportURLSecret
deployment.Spec.Secret = instance.Spec.Secret
deployment.Spec.ServiceAccount = instance.RbacResourceName()
if len(deployment.Spec.NodeSelector) == 0 {
Expand Down
22 changes: 22 additions & 0 deletions controllers/octaviaapi_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,8 @@ type OctaviaAPIReconciler struct {
// +kubebuilder:rbac:groups=keystone.openstack.org,resources=keystoneendpoints,verbs=get;list;watch;create;update;patch;delete;
// +kubebuilder:rbac:groups=ovn.openstack.org,resources=ovndbclusters,verbs=get;list;watch;
// +kubebuilder:rbac:groups=k8s.cni.cncf.io,resources=network-attachment-definitions,verbs=get;list;watch
// +kubebuilder:rbac:groups="security.openshift.io",resourceNames=anyuid;hostmount-anyuid,resources=securitycontextconstraints,verbs=use
// +kubebuilder:rbac:groups="",resources=pods,verbs=create;delete;get;list;patch;update;watch

// Reconcile is part of the main kubernetes reconciliation loop which aims to
// move the current state of the cluster closer to the desired state.
Expand Down Expand Up @@ -450,6 +452,26 @@ func (r *OctaviaAPIReconciler) reconcileNormal(ctx context.Context, instance *oc
}
configMapVars[ospSecret.Name] = env.SetValue(hash)

transportURLSecret, hash, err := oko_secret.GetSecret(ctx, helper, instance.Spec.TransportURLSecret, instance.Namespace)
if err != nil {
if k8s_errors.IsNotFound(err) {
instance.Status.Conditions.Set(condition.FalseCondition(
condition.InputReadyCondition,
condition.RequestedReason,
condition.SeverityInfo,
condition.InputReadyWaitingMessage))
return ctrl.Result{RequeueAfter: time.Duration(10) * time.Second}, fmt.Errorf("TransportURL secret %s not found", instance.Spec.TransportURLSecret)
}
instance.Status.Conditions.Set(condition.FalseCondition(
condition.InputReadyCondition,
condition.ErrorReason,
condition.SeverityWarning,
condition.InputReadyErrorMessage,
err.Error()))
return ctrl.Result{}, err
}
configMapVars[transportURLSecret.Name] = env.SetValue(hash)

instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)

// run check OpenStack secret - end
Expand Down
1 change: 1 addition & 0 deletions pkg/amphoracontrollers/deployment.go
Original file line number Diff line number Diff line change
Expand Up @@ -131,6 +131,7 @@ func Deployment(
DatabaseUser: instance.Spec.DatabaseUser,
DatabaseName: octavia.DatabaseName,
OSPSecret: instance.Spec.Secret,
TransportURLSecret: instance.Spec.TransportURLSecret,
DBPasswordSelector: instance.Spec.PasswordSelectors.Database,
UserPasswordSelector: instance.Spec.PasswordSelectors.Service,
VolumeMounts: octavia.GetInitVolumeMounts(),
Expand Down
1 change: 1 addition & 0 deletions pkg/octaviaapi/deployment.go
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,7 @@ func Deployment(
DatabaseUser: instance.Spec.DatabaseUser,
DatabaseName: octavia.DatabaseName,
OSPSecret: instance.Spec.Secret,
TransportURLSecret: instance.Spec.TransportURLSecret,
DBPasswordSelector: instance.Spec.PasswordSelectors.Database,
UserPasswordSelector: instance.Spec.PasswordSelectors.Service,
VolumeMounts: initVolumeMounts,
Expand Down
4 changes: 1 addition & 3 deletions templates/octavia/bin/init.sh
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,9 @@ for dir in /var/lib/config-data/default; do
merge_config_dir ${dir}
done

# set secrets

# set secrets
if [ -n "$TRANSPORTURL" ]; then
crudini --set /var/lib/config-data/merged/neutron.conf DEFAULT transport_url $TRANSPORTURL
crudini --set /var/lib/config-data/merged/octavia.conf DEFAULT transport_url $TRANSPORTURL
fi
crudini --set ${SVC_CFG_MERGED} database connection mysql+pymysql://${DBUSER}:${DBPASSWORD}@${DBHOST}/${DB}
crudini --set ${SVC_CFG_MERGED} keystone_authtoken password $PASSWORD
5 changes: 5 additions & 0 deletions templates/octaviaamphoracontroller/bin/init.sh
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ export DBHOST=${DatabaseHost:?"Please specify a DatabaseHost variable."}
export DBUSER=${DatabaseUser:?"Please specify a DatabaseUser variable."}
export DBPASSWORD=${DatabasePassword:?"Please specify a DatabasePassword variable."}
export DB=${DatabaseName:-"octavia"}
export TRANSPORTURL=${TransportURL:-""}

SVC_CFG=/etc/octavia/octavia.conf
SVC_CFG_MERGED=/var/lib/config-data/merged/octavia.conf
Expand All @@ -40,6 +41,10 @@ for dir in /var/lib/config-data/default; do
merge_config_dir ${dir}
done

# set secrets
if [ -n "$TRANSPORTURL" ]; then
crudini --set /var/lib/config-data/merged/octavia.conf DEFAULT transport_url $TRANSPORTURL
fi
# set secrets
crudini --set ${SVC_CFG_MERGED} database connection mysql+pymysql://${DBUSER}:${DBPASSWORD}@${DBHOST}/${DB}
crudini --set ${SVC_CFG_MERGED} keystone_authtoken password $PASSWORD
Expand Down
5 changes: 5 additions & 0 deletions templates/octaviaapi/bin/init.sh
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ export DBHOST=${DatabaseHost:?"Please specify a DatabaseHost variable."}
export DBUSER=${DatabaseUser:?"Please specify a DatabaseUser variable."}
export DBPASSWORD=${DatabasePassword:?"Please specify a DatabasePassword variable."}
export DB=${DatabaseName:-"octavia"}
export TRANSPORTURL=${TransportURL:-""}

SVC_CFG=/etc/octavia/octavia.conf
SVC_CFG_MERGED=/var/lib/config-data/merged/octavia.conf
Expand All @@ -40,6 +41,10 @@ for dir in /var/lib/config-data/default; do
merge_config_dir ${dir}
done

# set secrets
if [ -n "$TRANSPORTURL" ]; then
crudini --set /var/lib/config-data/merged/octavia.conf DEFAULT transport_url $TRANSPORTURL
fi
# set secrets
crudini --set ${SVC_CFG_MERGED} database connection mysql+pymysql://${DBUSER}:${DBPASSWORD}@${DBHOST}/${DB}
crudini --set ${SVC_CFG_MERGED} keystone_authtoken password $PASSWORD
Expand Down
5 changes: 5 additions & 0 deletions tests/kuttl/common/assert_sample_deployment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,11 @@ spec:
secretKeyRef:
key: OctaviaPassword
name: osp-secret
- name: TransportURL
valueFrom:
secretKeyRef:
key: transport_url
name: rabbitmq-transport-url-octavia-octavia-transport
- name: DatabaseHost
value: openstack
- name: DatabaseName
Expand Down

0 comments on commit 821dd87

Please sign in to comment.