124 lines
3.6 KiB
YAML
124 lines
3.6 KiB
YAML
{{/*
|
|
#
|
|
# Copyright (c) 2018 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
*/}}
|
|
|
|
{{- if .Values.global.job_ceph_mgr_provision }}
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: ceph-mgr-provision-bin
|
|
namespace: {{ .Release.Namespace }}
|
|
data:
|
|
provision.sh: |-
|
|
#!/bin/bash
|
|
|
|
# Check if ceph is accessible
|
|
echo "===================================="
|
|
ceph -s
|
|
if [ $? -ne 0 ]; then
|
|
echo "Error: Ceph cluster is not accessible, check Pod logs for details."
|
|
exit 1
|
|
fi
|
|
|
|
cat > /tmp/controller << EOF
|
|
[req]
|
|
req_extensions = v3_ca
|
|
distinguished_name = req_distinguished_name
|
|
[v3_ca]
|
|
subjectAltName= @alt_names
|
|
basicConstraints = CA:true
|
|
[req_distinguished_name]
|
|
0.organizationName = IT
|
|
commonName = ceph-restful
|
|
|
|
[alt_names]
|
|
DNS.1 = controller-0
|
|
DNS.2 = controller-1
|
|
EOF
|
|
openssl req -new -nodes -x509 -subj /O=IT/CN=controller -days 3650 -config /tmp/controller -out /tmp/controller.crt -keyout /tmp/controller.key -extensions v3_ca
|
|
|
|
for i in "a" "controller-0" "controller-1"
|
|
do
|
|
ceph config-key set mgr/restful/$i/crt -i /tmp/controller.crt
|
|
ceph config-key set mgr/restful/$i/key -i /tmp/controller.key
|
|
done
|
|
ceph config set mgr mgr/restful/server_port 7999
|
|
ceph mgr module disable restful
|
|
ceph mgr module enable restful
|
|
ceph restful create-key admin
|
|
|
|
rm -rf /tmp/conf /tmp/controller.crt /tmp/controller.key
|
|
---
|
|
apiVersion: batch/v1
|
|
kind: Job
|
|
metadata:
|
|
name: ceph-mgr-provision
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
heritage: {{ .Release.Service | quote }}
|
|
release: {{ .Release.Name | quote }}
|
|
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
|
|
spec:
|
|
backoffLimit: 5 # Limit the number of job restart in case of failure: ~5 minutes.
|
|
template:
|
|
metadata:
|
|
name: ceph-mgr-provision
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
heritage: {{ .Release.Service | quote }}
|
|
release: {{ .Release.Name | quote }}
|
|
chart: "{{.Chart.Name}}-{{.Chart.Version}}"
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
volumes:
|
|
- name: ceph-mgr-provision-bin
|
|
configMap:
|
|
name: ceph-mgr-provision-bin
|
|
- name: config-key-provision
|
|
configMap:
|
|
name: {{ .Values.global.configmap_key_init }}
|
|
- name: ceph-config
|
|
emptyDir: {}
|
|
initContainers:
|
|
- name: init
|
|
image: {{ .Values.images.tags.ceph_config_helper | quote }}
|
|
command: [ "/bin/bash", "/tmp/mount/provision.sh" ]
|
|
env:
|
|
- name: ADMIN_KEYRING
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: rook-ceph-admin-keyring
|
|
key: keyring
|
|
- name: ROOK_MONS
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: rook-ceph-mon-endpoints
|
|
key: data
|
|
volumeMounts:
|
|
- mountPath: /etc/ceph
|
|
name: ceph-config
|
|
- name: config-key-provision
|
|
mountPath: /tmp/mount
|
|
containers:
|
|
- name: provision
|
|
image: {{ .Values.images.tags.ceph_config_helper | quote }}
|
|
command: [ "/bin/bash", "/tmp/mount/provision.sh" ]
|
|
env:
|
|
- name: NAMESPACE
|
|
value: {{ .Release.Namespace }}
|
|
volumeMounts:
|
|
- mountPath: /etc/ceph
|
|
name: ceph-config
|
|
- name: ceph-mgr-provision-bin
|
|
mountPath: /tmp/mount/
|
|
{{- if .Values.global.nodeSelector }}
|
|
nodeSelector:
|
|
{{ .Values.global.nodeSelector | toYaml | trim | indent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|