diff --git a/centos_pkg_dirs b/centos_pkg_dirs index 55b5bd18..e7a3648f 100644 --- a/centos_pkg_dirs +++ b/centos_pkg_dirs @@ -50,3 +50,5 @@ openstack/python-wsme openstack/distributedcloud openstack/distributedcloud-client openstack/stx-ocf-scripts +openstack/openstack-helm +openstack/openstack-helm-infra diff --git a/openstack/openstack-helm-infra/Readme.rst b/openstack/openstack-helm-infra/Readme.rst new file mode 100644 index 00000000..a0413325 --- /dev/null +++ b/openstack/openstack-helm-infra/Readme.rst @@ -0,0 +1,8 @@ +This repo is for https://github.com/openstack/openstack-helm-infra + +Changes to this repo are needed for StarlingX and those changes are +not yet merged. +Rather than clone and diverge the repo, the repo is extracted at a particular +git SHA, and patches are applied on top. + +As those patches are merged, the SHA can be updated and the local patches removed. diff --git a/openstack/openstack-helm-infra/centos/build_srpm.data b/openstack/openstack-helm-infra/centos/build_srpm.data new file mode 100644 index 00000000..9eac3ec4 --- /dev/null +++ b/openstack/openstack-helm-infra/centos/build_srpm.data @@ -0,0 +1,8 @@ +TAR_NAME=openstack-helm-infra +SHA=5ec85a5d70fab468160d2fdafed1a2a7a5151405 +VERSION=1.0.0 +TAR="$TAR_NAME-$SHA.tar.gz" + +COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/*" + +TIS_PATCH_VER=3 diff --git a/openstack/openstack-helm-infra/centos/openstack-helm-infra.spec b/openstack/openstack-helm-infra/centos/openstack-helm-infra.spec new file mode 100644 index 00000000..9b152498 --- /dev/null +++ b/openstack/openstack-helm-infra/centos/openstack-helm-infra.spec @@ -0,0 +1,58 @@ +%global sha 5ec85a5d70fab468160d2fdafed1a2a7a5151405 +%global helm_folder /usr/lib/helm + +Summary: Openstack-Helm-Infra charts +Name: openstack-helm-infra +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: base +Packager: Wind River +URL: https://github.com/openstack/openstack-helm-infra + +Source0: %{name}-%{sha}.tar.gz + +BuildArch: noarch + +Patch01: 0001-gnocchi-remove-gnocchi-upgrade-option-and-set-coordi.patch +Patch02: 0002-Revert-Helm-Toolkit-Move-sensitive-config-data-to-se.patch +Patch03: 0003-Revert-gnocchi-use-of-k8s-secret-to-store-config.patch + +BuildRequires: helm + +%description +Openstack Helm Infra charts + +%prep +%setup -n openstack-helm-infra +%patch01 -p1 +%patch02 -p1 +%patch03 -p1 + +%build +# initialize helm and build the toolkit +helm init --client-only +make helm-toolkit + +# Host a server for the charts +helm serve /tmp/charts --address localhost:8879 --url http://localhost:8879/charts & +helm repo rm local +helm repo add local http://localhost:8879/charts + +# Make the charts. These produce tgz files +make gnocchi +make ingress +make libvirt +make mariadb +make memcached +make openvswitch +make rabbitmq + +%install +install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder} +install -p -D -m 755 *.tgz ${RPM_BUILD_ROOT}%{helm_folder} + +%files +%dir %attr(0755,root,root) %{helm_folder} +%defattr(-,root,root,-) +%{helm_folder}/* diff --git a/openstack/openstack-helm-infra/files/0001-gnocchi-remove-gnocchi-upgrade-option-and-set-coordi.patch b/openstack/openstack-helm-infra/files/0001-gnocchi-remove-gnocchi-upgrade-option-and-set-coordi.patch new file mode 100644 index 00000000..d019eab9 --- /dev/null +++ b/openstack/openstack-helm-infra/files/0001-gnocchi-remove-gnocchi-upgrade-option-and-set-coordi.patch @@ -0,0 +1,44 @@ +From 5d78a8df854340225c32d025e921efd5c9dc2be1 Mon Sep 17 00:00:00 2001 +From: Angie Wang +Date: Wed, 26 Sep 2018 17:01:28 +0000 +Subject: [PATCH 1/3] gnocchi: remove gnocchi upgrade option and set + coordination_url + + - Remove the gnocchi upgrade option "--create-legacy-resource-types" as + it is deprecated since gnocchi 4.0.0 + - Set the default coordination driver of gnocchi to memcached +--- + gnocchi/templates/bin/_db-sync.sh.tpl | 2 +- + gnocchi/templates/configmap-etc.yaml | 6 ++++++ + 2 files changed, 7 insertions(+), 1 deletion(-) + +diff --git a/gnocchi/templates/bin/_db-sync.sh.tpl b/gnocchi/templates/bin/_db-sync.sh.tpl +index a32db4e..0693ee2 100644 +--- a/gnocchi/templates/bin/_db-sync.sh.tpl ++++ b/gnocchi/templates/bin/_db-sync.sh.tpl +@@ -18,4 +18,4 @@ limitations under the License. + + set -ex + +-exec gnocchi-upgrade --create-legacy-resource-types ++exec gnocchi-upgrade +diff --git a/gnocchi/templates/configmap-etc.yaml b/gnocchi/templates/configmap-etc.yaml +index 83d3f14..bdf6acc 100644 +--- a/gnocchi/templates/configmap-etc.yaml ++++ b/gnocchi/templates/configmap-etc.yaml +@@ -50,6 +50,12 @@ limitations under the License. + {{- $_ := set .Values.conf.gnocchi.keystone_authtoken "password" .Values.endpoints.identity.auth.gnocchi.password -}} + {{- end -}} + ++{{- if empty .Values.conf.gnocchi.DEFAULT.coordination_url -}} ++{{- $endpointUrl := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" }} ++{{- $driver := .Values.endpoints.oslo_cache.hosts.default -}} ++{{- $_ := printf "%s://%s" $driver $endpointUrl | set .Values.conf.gnocchi.DEFAULT "coordination_url" -}} ++{{- end -}} ++ + {{- if empty .Values.conf.gnocchi.database.connection -}} + {{- $_ := tuple "oslo_db" "internal" "gnocchi" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | set .Values.conf.gnocchi.database "connection" -}} + {{- end -}} +-- +1.8.3.1 + diff --git a/openstack/openstack-helm-infra/files/0002-Revert-Helm-Toolkit-Move-sensitive-config-data-to-se.patch b/openstack/openstack-helm-infra/files/0002-Revert-Helm-Toolkit-Move-sensitive-config-data-to-se.patch new file mode 100644 index 00000000..6afb0314 --- /dev/null +++ b/openstack/openstack-helm-infra/files/0002-Revert-Helm-Toolkit-Move-sensitive-config-data-to-se.patch @@ -0,0 +1,140 @@ +From 82c8a765764c034365ba487b3abbd1da542b0a4c Mon Sep 17 00:00:00 2001 +From: Gerry Kopec +Date: Tue, 2 Oct 2018 17:11:54 +0000 +Subject: [PATCH 2/3] Revert "Helm-Toolkit: Move sensitive config data to + secrets." + +This reverts commit 6186fb6675d57235c22b88d9b3b2215d4c06b082. + +Conflicts: + .zuul.yaml + +To allow per host overrides to work we need to temporarily revert this +commit. This should be put back once upstream has fixed the issue: +https://storyboard.openstack.org/#!/story/2003873 +--- + helm-toolkit/templates/manifests/_job-bootstrap.yaml | 4 ++-- + .../templates/manifests/_job-db-drop-mysql.yaml.tpl | 4 ++-- + .../templates/manifests/_job-db-init-mysql.yaml.tpl | 4 ++-- + helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl | 4 ++-- + .../templates/snippets/_values_template_renderer.tpl | 14 ++------------ + ldap/templates/configmap-etc.yaml | 7 +++---- + 6 files changed, 13 insertions(+), 24 deletions(-) + +diff --git a/helm-toolkit/templates/manifests/_job-bootstrap.yaml b/helm-toolkit/templates/manifests/_job-bootstrap.yaml +index 8afc50e..a3276d5 100644 +--- a/helm-toolkit/templates/manifests/_job-bootstrap.yaml ++++ b/helm-toolkit/templates/manifests/_job-bootstrap.yaml +@@ -92,8 +92,8 @@ spec: + - name: etc-service + emptyDir: {} + - name: bootstrap-conf +- secret: +- secretName: {{ $configMapEtc | quote }} ++ configMap: ++ name: {{ $configMapEtc | quote }} + defaultMode: 0444 + {{- if $podVols }} + {{ $podVols | toYaml | indent 8 }} +diff --git a/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl b/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl +index e813c32..27b347a 100644 +--- a/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl ++++ b/helm-toolkit/templates/manifests/_job-db-drop-mysql.yaml.tpl +@@ -118,8 +118,8 @@ spec: + - name: etc-service + emptyDir: {} + - name: db-drop-conf +- secret: +- secretName: {{ $configMapEtc | quote }} ++ configMap: ++ name: {{ $configMapEtc | quote }} + defaultMode: 0444 + {{- end -}} + {{- end -}} +diff --git a/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl b/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl +index dea5864..8e7e436 100644 +--- a/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl ++++ b/helm-toolkit/templates/manifests/_job-db-init-mysql.yaml.tpl +@@ -115,8 +115,8 @@ spec: + - name: etc-service + emptyDir: {} + - name: db-init-conf +- secret: +- secretName: {{ $configMapEtc | quote }} ++ configMap: ++ name: {{ $configMapEtc | quote }} + defaultMode: 0444 + {{- end -}} + {{- end -}} +diff --git a/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl b/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl +index 134e99b..df64ecf 100644 +--- a/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl ++++ b/helm-toolkit/templates/manifests/_job-db-sync.yaml.tpl +@@ -88,8 +88,8 @@ spec: + - name: etc-service + emptyDir: {} + - name: db-sync-conf +- secret: +- secretName: {{ $configMapEtc | quote }} ++ configMap: ++ name: {{ $configMapEtc | quote }} + defaultMode: 0444 + {{- if $podVols }} + {{ $podVols | toYaml | indent 8 }} +diff --git a/helm-toolkit/templates/snippets/_values_template_renderer.tpl b/helm-toolkit/templates/snippets/_values_template_renderer.tpl +index 88a279d..67f099d 100644 +--- a/helm-toolkit/templates/snippets/_values_template_renderer.tpl ++++ b/helm-toolkit/templates/snippets/_values_template_renderer.tpl +@@ -67,23 +67,13 @@ return: | + {{- $envAll := index . "envAll" -}} + {{- $template := index . "template" -}} + {{- $key := index . "key" -}} +-{{- $format := index . "format" | default "configMap" -}} + {{- with $envAll -}} + {{- $templateRendered := tpl ( $template | toYaml ) . }} +-{{- if eq $format "Secret" }} +-{{- if hasPrefix "|\n" $templateRendered }} +-{{ $key }}: {{ regexReplaceAllLiteral "\n " ( $templateRendered | trimPrefix "|\n" | trimPrefix " " ) "\n" | b64enc }} +-{{- else }} +-{{ $key }}: {{ $templateRendered | b64enc }} +-{{- end -}} +-{{- else }} +-{{- if hasPrefix "|\n" $templateRendered }} +-{{ $key }}: | +-{{ regexReplaceAllLiteral "\n " ( $templateRendered | trimPrefix "|\n" | trimPrefix " " ) "\n" | indent 2 }} ++{{- if hasPrefix "|\n" $templateRendered }} ++{{ $key }}: {{ $templateRendered }} + {{- else }} + {{ $key }}: | + {{ $templateRendered | indent 2 }} + {{- end -}} + {{- end -}} + {{- end -}} +-{{- end -}} +diff --git a/ldap/templates/configmap-etc.yaml b/ldap/templates/configmap-etc.yaml +index 3fa7c37..e724e6d 100644 +--- a/ldap/templates/configmap-etc.yaml ++++ b/ldap/templates/configmap-etc.yaml +@@ -13,16 +13,15 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + */}} +- + {{- if .Values.manifests.configmap_etc }} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: ldap-etc +-type: Opaque + data: + {{- if .Values.bootstrap.enabled }} +- sample_data.ldif: {{ .Values.data.sample | b64enc }} ++ sample_data.ldif: | ++{{ .Values.data.sample | indent 4 }} + {{- end }} + {{- end }} +-- +1.8.3.1 + diff --git a/openstack/openstack-helm-infra/files/0003-Revert-gnocchi-use-of-k8s-secret-to-store-config.patch b/openstack/openstack-helm-infra/files/0003-Revert-gnocchi-use-of-k8s-secret-to-store-config.patch new file mode 100644 index 00000000..048439d9 --- /dev/null +++ b/openstack/openstack-helm-infra/files/0003-Revert-gnocchi-use-of-k8s-secret-to-store-config.patch @@ -0,0 +1,144 @@ +From 4c2dd3b4e64a898613106c82dddaffd5e5ab09a0 Mon Sep 17 00:00:00 2001 +From: Gerry Kopec +Date: Wed, 3 Oct 2018 22:32:13 +0000 +Subject: [PATCH 3/3] Revert gnocchi use of k8s secret to store config + +To allow per host overrides to work we need to temporarily revert secrets +related changes. In the original secrets commit: +83b91e6e Openstack: Use k8s secret to store config +gnocchi was in openstack-helm, but was subsequently moved to +openstack-helm-infra. This commit reverts the gnocchi specific changes. + +This commit should be put back once upstream has fixed the issue: +https://storyboard.openstack.org/#!/story/2003873 + +Reviewed by Angie. +--- + gnocchi/templates/configmap-etc.yaml | 14 ++++++++------ + gnocchi/templates/daemonset-metricd.yaml | 4 ++-- + gnocchi/templates/daemonset-statsd.yaml | 4 ++-- + gnocchi/templates/deployment-api.yaml | 4 ++-- + gnocchi/templates/job-db-init-indexer.yaml | 4 ++-- + gnocchi/templates/job-db-sync.yaml | 4 ++-- + gnocchi/templates/pod-gnocchi-test.yaml | 4 ++-- + 7 files changed, 20 insertions(+), 18 deletions(-) + +diff --git a/gnocchi/templates/configmap-etc.yaml b/gnocchi/templates/configmap-etc.yaml +index bdf6acc..eb2fd1f 100644 +--- a/gnocchi/templates/configmap-etc.yaml ++++ b/gnocchi/templates/configmap-etc.yaml +@@ -91,13 +91,15 @@ limitations under the License. + {{- $envAll := . }} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: gnocchi-etc +-type: Opaque + data: +- gnocchi.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.gnocchi | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.apache "key" "wsgi-gnocchi.conf" "format" "Secret" ) | indent 2 }} ++ gnocchi.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.gnocchi | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.apache "key" "wsgi-gnocchi.conf") | indent 2 }} + {{- end }} +diff --git a/gnocchi/templates/daemonset-metricd.yaml b/gnocchi/templates/daemonset-metricd.yaml +index ccd6b0f..057fb95 100644 +--- a/gnocchi/templates/daemonset-metricd.yaml ++++ b/gnocchi/templates/daemonset-metricd.yaml +@@ -98,8 +98,8 @@ spec: + - name: pod-etc-gnocchi + emptyDir: {} + - name: gnocchi-etc +- secret: +- secretName: gnocchi-etc ++ configMap: ++ name: gnocchi-etc + defaultMode: 0444 + - name: gnocchi-bin + configMap: +diff --git a/gnocchi/templates/daemonset-statsd.yaml b/gnocchi/templates/daemonset-statsd.yaml +index 343073e..9560a16 100644 +--- a/gnocchi/templates/daemonset-statsd.yaml ++++ b/gnocchi/templates/daemonset-statsd.yaml +@@ -104,8 +104,8 @@ spec: + - name: pod-etc-gnocchi + emptyDir: {} + - name: gnocchi-etc +- secret: +- secretName: gnocchi-etc ++ configMap: ++ name: gnocchi-etc + defaultMode: 0444 + - name: gnocchi-bin + configMap: +diff --git a/gnocchi/templates/deployment-api.yaml b/gnocchi/templates/deployment-api.yaml +index 6425d46..b26a508 100644 +--- a/gnocchi/templates/deployment-api.yaml ++++ b/gnocchi/templates/deployment-api.yaml +@@ -123,8 +123,8 @@ spec: + - name: pod-etc-gnocchi + emptyDir: {} + - name: gnocchi-etc +- secret: +- secretName: gnocchi-etc ++ configMap: ++ name: gnocchi-etc + defaultMode: 0444 + - name: gnocchi-bin + configMap: +diff --git a/gnocchi/templates/job-db-init-indexer.yaml b/gnocchi/templates/job-db-init-indexer.yaml +index ad47290..19abe9d 100644 +--- a/gnocchi/templates/job-db-init-indexer.yaml ++++ b/gnocchi/templates/job-db-init-indexer.yaml +@@ -66,8 +66,8 @@ spec: + readOnly: true + volumes: + - name: gnocchi-etc +- secret: +- secretName: gnocchi-etc ++ configMap: ++ name: gnocchi-etc + defaultMode: 0444 + - name: pod-etc-gnocchi + emptyDir: {} +diff --git a/gnocchi/templates/job-db-sync.yaml b/gnocchi/templates/job-db-sync.yaml +index bdb0f95..5ee99ae 100644 +--- a/gnocchi/templates/job-db-sync.yaml ++++ b/gnocchi/templates/job-db-sync.yaml +@@ -76,8 +76,8 @@ spec: + readOnly: true + volumes: + - name: gnocchi-etc +- secret: +- secretName: gnocchi-etc ++ configMap: ++ name: gnocchi-etc + defaultMode: 0444 + - name: gnocchi-bin + configMap: +diff --git a/gnocchi/templates/pod-gnocchi-test.yaml b/gnocchi/templates/pod-gnocchi-test.yaml +index df02983..2835c0e 100644 +--- a/gnocchi/templates/pod-gnocchi-test.yaml ++++ b/gnocchi/templates/pod-gnocchi-test.yaml +@@ -70,8 +70,8 @@ spec: + {{ if $mounts_gnocchi_tests.volumeMounts }}{{ toYaml $mounts_gnocchi_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: gnocchi-etc +- secret: +- secretName: gnocchi-etc ++ configMap: ++ name: gnocchi-etc + defaultMode: 0444 + - name: gnocchi-bin + configMap: +-- +1.8.3.1 + diff --git a/openstack/openstack-helm/Readme.rst b/openstack/openstack-helm/Readme.rst new file mode 100644 index 00000000..878edc91 --- /dev/null +++ b/openstack/openstack-helm/Readme.rst @@ -0,0 +1,8 @@ +This repo is for https://github.com/openstack/openstack-helm + +Changes to this repo are needed for StarlingX and those changes are +not yet merged. +Rather than clone and diverge the repo, the repo is extracted at a particular +git SHA, and patches are applied on top. + +As those patches are merged, the SHA can be updated and the local patches removed. diff --git a/openstack/openstack-helm/centos/build_srpm.data b/openstack/openstack-helm/centos/build_srpm.data new file mode 100644 index 00000000..35739351 --- /dev/null +++ b/openstack/openstack-helm/centos/build_srpm.data @@ -0,0 +1,8 @@ +TAR_NAME=openstack-helm +SHA=add7a9bc1175f6fafa8ea2918bc1d62209aaf243 +VERSION=1.0.0 +TAR="$TAR_NAME-$SHA.tar.gz" + +COPY_LIST="${CGCS_BASE}/downloads/$TAR $PKG_BASE/files/* " + +TIS_PATCH_VER=3 diff --git a/openstack/openstack-helm/centos/openstack-helm.spec b/openstack/openstack-helm/centos/openstack-helm.spec new file mode 100644 index 00000000..6d3cf984 --- /dev/null +++ b/openstack/openstack-helm/centos/openstack-helm.spec @@ -0,0 +1,70 @@ +%global sha add7a9bc1175f6fafa8ea2918bc1d62209aaf243 +%global helm_folder /usr/lib/helm +%global toolkit_version 0.1.0 +%global helmchart_version 0.1.0 + +Summary: Openstack-Helm charts +Name: openstack-helm +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: base +Packager: Wind River +URL: https://github.com/openstack/openstack-helm + +Source0: %{name}-%{sha}.tar.gz + +BuildArch: noarch + +Patch01: 0001-Revert-Neutron-TaaS-support-as-L2-Extension.patch +Patch02: 0002-Revert-Openstack-Use-k8s-secret-to-store-config.patch +Patch03: 0003-ceilometer-chart-updates.patch + +BuildRequires: helm +BuildRequires: openstack-helm-infra +Requires: openstack-helm-infra + +%description +Openstack Helm charts + +%prep +%setup -n openstack-helm +%patch01 -p1 +%patch02 -p1 +%patch03 -p1 + +%build +# initialize helm and stage the toolkit +helm init --client-only +# Host a server for the charts +cp %{helm_folder}/helm-toolkit-%{toolkit_version}.tgz . +helm serve --repo-path . & +helm repo rm local +helm repo add local http://localhost:8879/charts + +# Make the charts. These produce a tgz file +make barbican +make ceilometer +make cinder +make glance +make heat +make horizon +make ironic +make keystone +make magnum +make neutron +make nova + +# Remove the helm-toolkit tarball +rm helm-toolkit-%{toolkit_version}.tgz + +%install +# helm_folder is created by openstack-helm-infra +install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder} +install -p -D -m 755 *.tgz ${RPM_BUILD_ROOT}%{helm_folder} + +%files +#helm_folder is owned by openstack-helm-infra +%defattr(-,root,root,-) +%{helm_folder}/* + diff --git a/openstack/openstack-helm/files/0001-Revert-Neutron-TaaS-support-as-L2-Extension.patch b/openstack/openstack-helm/files/0001-Revert-Neutron-TaaS-support-as-L2-Extension.patch new file mode 100644 index 00000000..0f390f07 --- /dev/null +++ b/openstack/openstack-helm/files/0001-Revert-Neutron-TaaS-support-as-L2-Extension.patch @@ -0,0 +1,334 @@ +From c225120329e2d4c69e5ff1b150c88575258de1c8 Mon Sep 17 00:00:00 2001 +From: Gerry Kopec +Date: Tue, 2 Oct 2018 03:03:33 +0000 +Subject: [PATCH 1/3] Revert "Neutron TaaS support as L2 Extension" + +This reverts commit 2f5a1c0c7751ba340d493f3c6f08a23454a7cc38. + +To allow per host overrides to work we need to temporarily revert this +commit. This should be put back once upstream has fixed the issue: +https://storyboard.openstack.org/#!/story/2003873 +--- + neutron/templates/bin/_db-sync.sh.tpl | 5 +--- + .../bin/_neutron-openvswitch-agent.sh.tpl | 5 +--- + neutron/templates/bin/_neutron-server.sh.tpl | 5 +--- + neutron/templates/bin/_neutron-sriov-agent.sh.tpl | 5 +--- + neutron/templates/configmap-etc.yaml | 2 -- + neutron/templates/daemonset-ovs-agent.yaml | 20 ---------------- + neutron/templates/daemonset-sriov-agent.yaml | 20 ---------------- + neutron/templates/deployment-server.yaml | 6 ----- + neutron/values.yaml | 28 ---------------------- + 9 files changed, 4 insertions(+), 92 deletions(-) + +diff --git a/neutron/templates/bin/_db-sync.sh.tpl b/neutron/templates/bin/_db-sync.sh.tpl +index f8704c0..5bd137b 100644 +--- a/neutron/templates/bin/_db-sync.sh.tpl ++++ b/neutron/templates/bin/_db-sync.sh.tpl +@@ -1,7 +1,7 @@ + #!/bin/bash + + {{/* +-Copyright 2017 The Openstack-Helm Authors. ++Copyright 2017-2018 OpenStack Foundation. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. +@@ -21,7 +21,4 @@ set -ex + neutron-db-manage \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ +-{{- if .Values.conf.plugins.taas.taas.enabled }} +- --subproject tap-as-a-service \ +-{{- end }} + upgrade head +diff --git a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl +index a9b90d4..a91c929 100644 +--- a/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl ++++ b/neutron/templates/bin/_neutron-openvswitch-agent.sh.tpl +@@ -1,7 +1,7 @@ + #!/bin/bash + + {{/* +-Copyright 2017 The Openstack-Helm Authors. ++Copyright 2017-2018 OpenStack Foundation. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. +@@ -23,6 +23,3 @@ exec neutron-openvswitch-agent \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + --config-file /tmp/pod-shared/ml2-local-ip.ini \ + --config-file /etc/neutron/plugins/ml2/openvswitch_agent.ini +-{{- if .Values.conf.plugins.taas.taas.enabled }} \ +- --config-file /etc/neutron/plugins/ml2/taas.ini +-{{- end }} +diff --git a/neutron/templates/bin/_neutron-server.sh.tpl b/neutron/templates/bin/_neutron-server.sh.tpl +index a4de32d..cd24dd3 100644 +--- a/neutron/templates/bin/_neutron-server.sh.tpl ++++ b/neutron/templates/bin/_neutron-server.sh.tpl +@@ -1,7 +1,7 @@ + #!/bin/bash + + {{/* +-Copyright 2017 The Openstack-Helm Authors. ++Copyright 2017-2018 OpenStack Foundation. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. +@@ -23,9 +23,6 @@ function start () { + exec neutron-server \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini +-{{- if .Values.conf.plugins.taas.taas.enabled }} \ +- --config-file /etc/neutron/taas_plugin.ini +-{{- end }} + {{- if ( has "sriov" .Values.network.backend ) }} \ + --config-file /etc/neutron/plugins/ml2/sriov_agent.ini + {{- end }} +diff --git a/neutron/templates/bin/_neutron-sriov-agent.sh.tpl b/neutron/templates/bin/_neutron-sriov-agent.sh.tpl +index 98bf5e9..bf158d2 100644 +--- a/neutron/templates/bin/_neutron-sriov-agent.sh.tpl ++++ b/neutron/templates/bin/_neutron-sriov-agent.sh.tpl +@@ -1,7 +1,7 @@ + #!/bin/bash + + {{/* +-Copyright 2017 The Openstack-Helm Authors. ++Copyright 2017-2018 OpenStack Foundation. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. +@@ -22,6 +22,3 @@ exec neutron-sriov-nic-agent \ + --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini \ + --config-file /etc/neutron/plugins/ml2/sriov_agent.ini +-{{- if .Values.conf.plugins.taas.taas.enabled }} \ +- --config-file /etc/neutron/plugins/ml2/taas.ini +-{{- end }} +diff --git a/neutron/templates/configmap-etc.yaml b/neutron/templates/configmap-etc.yaml +index 027602b..7293df0 100644 +--- a/neutron/templates/configmap-etc.yaml ++++ b/neutron/templates/configmap-etc.yaml +@@ -185,10 +185,8 @@ data: + l3_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.l3_agent | b64enc }} + metadata_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metadata_agent | b64enc }} + metering_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metering_agent | b64enc }} +- taas_plugin.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.taas_plugin | b64enc }} + ml2_conf.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf | b64enc }} + ml2_conf_sriov.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf_sriov | b64enc }} +- taas.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.taas | b64enc }} + macvtap_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.macvtap_agent | b64enc }} + linuxbridge_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.linuxbridge_agent | b64enc }} + openvswitch_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.openvswitch_agent | b64enc }} +diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml +index 34aba25..3ca1ca3 100644 +--- a/neutron/templates/daemonset-ovs-agent.yaml ++++ b/neutron/templates/daemonset-ovs-agent.yaml +@@ -102,12 +102,6 @@ spec: + mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini + subPath: openvswitch_agent.ini + readOnly: true +- {{- if .Values.conf.plugins.taas.taas.enabled }} +- - name: neutron-etc +- mountPath: /etc/neutron/plugins/ml2/taas.ini +- subPath: taas.ini +- readOnly: true +- {{- end }} + - name: neutron-etc + # NOTE (Portdirect): We mount here to override Kollas + # custom sudoers file when using Kolla images, this +@@ -121,9 +115,6 @@ spec: + readOnly: true + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- if ( has "ovs_agent" $value.pods ) }} +- {{- if and ( eq "taas" $key ) (not $envAll.Values.conf.plugins.taas.taas.enabled) }} +- ## if taas is not enabled, do not include taas.filters +- {{- else }} + {{- $filePrefix := replace "_" "-" $key }} + {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }} + - name: neutron-etc +@@ -132,7 +123,6 @@ spec: + readOnly: true + {{- end }} + {{- end }} +- {{- end }} + - name: run + mountPath: /run + {{ if $mounts_neutron_ovs_agent.volumeMounts }}{{ toYaml $mounts_neutron_ovs_agent.volumeMounts | indent 12 }}{{ end }} +@@ -176,12 +166,6 @@ spec: + mountPath: /etc/neutron/plugins/ml2/openvswitch_agent.ini + subPath: openvswitch_agent.ini + readOnly: true +- {{- if .Values.conf.plugins.taas.taas.enabled }} +- - name: neutron-etc +- mountPath: /etc/neutron/plugins/ml2/taas.ini +- subPath: taas.ini +- readOnly: true +- {{- end }} + - name: neutron-etc + # NOTE (Portdirect): We mount here to override Kollas + # custom sudoers file when using Kolla images, this +@@ -195,9 +179,6 @@ spec: + readOnly: true + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- if ( has "ovs_agent" $value.pods ) }} +- {{- if and ( eq "taas" $key ) (not $envAll.Values.conf.plugins.taas.taas.enabled) }} +- ## if taas is not enabled, do not include taas.filters +- {{- else }} + {{- $filePrefix := replace "_" "-" $key }} + {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }} + - name: neutron-etc +@@ -206,7 +187,6 @@ spec: + readOnly: true + {{- end }} + {{- end }} +- {{- end }} + - name: run + mountPath: /run + {{ if $mounts_neutron_ovs_agent.volumeMounts }}{{ toYaml $mounts_neutron_ovs_agent.volumeMounts | indent 12 }}{{ end }} +diff --git a/neutron/templates/daemonset-sriov-agent.yaml b/neutron/templates/daemonset-sriov-agent.yaml +index 4b8b6e1..6130817 100644 +--- a/neutron/templates/daemonset-sriov-agent.yaml ++++ b/neutron/templates/daemonset-sriov-agent.yaml +@@ -85,12 +85,6 @@ spec: + mountPath: /etc/neutron/plugins/ml2/sriov_agent.ini + subPath: sriov_agent.ini + readOnly: true +- {{- if .Values.conf.plugins.taas.taas.enabled }} +- - name: neutron-etc +- mountPath: /etc/neutron/plugins/ml2/taas.ini +- subPath: taas.ini +- readOnly: true +- {{- end }} + - name: neutron-etc + # NOTE (Portdirect): We mount here to override Kollas + # custom sudoers file when using Kolla images, this +@@ -104,9 +98,6 @@ spec: + readOnly: true + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- if ( has "sriov_agent" $value.pods ) }} +- {{- if and ( eq "taas" $key ) (not $envAll.Values.conf.plugins.taas.taas.enabled) }} +- ## if taas is not enabled, do not include taas.filters +- {{- else }} + {{- $filePrefix := replace "_" "-" $key }} + {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }} + - name: neutron-etc +@@ -115,7 +106,6 @@ spec: + readOnly: true + {{- end }} + {{- end }} +- {{- end }} + - name: run + mountPath: /run + {{ if $mounts_neutron_sriov_agent.volumeMounts }}{{ toYaml $mounts_neutron_sriov_agent.volumeMounts | indent 12 }}{{ end }} +@@ -151,12 +141,6 @@ spec: + mountPath: /etc/neutron/plugins/ml2/sriov_agent.ini + subPath: sriov_agent.ini + readOnly: true +- {{- if .Values.conf.plugins.taas.taas.enabled }} +- - name: neutron-etc +- mountPath: /etc/neutron/plugins/ml2/taas.ini +- subPath: taas.ini +- readOnly: true +- {{- end }} + - name: neutron-etc + # NOTE (Portdirect): We mount here to override Kollas + # custom sudoers file when using Kolla images, this +@@ -170,9 +154,6 @@ spec: + readOnly: true + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- if ( has "sriov_agent" $value.pods ) }} +- {{- if and ( eq "taas" $key ) (not $envAll.Values.conf.plugins.taas.taas.enabled) }} +- ## if taas is not enabled, do not include taas.filters +- {{- else }} + {{- $filePrefix := replace "_" "-" $key }} + {{- $rootwrapFile := printf "/etc/neutron/rootwrap.d/%s.filters" $filePrefix }} + - name: neutron-etc +@@ -181,7 +162,6 @@ spec: + readOnly: true + {{- end }} + {{- end }} +- {{- end }} + - name: run + mountPath: /run + {{ if $mounts_neutron_sriov_agent.volumeMounts }}{{ toYaml $mounts_neutron_sriov_agent.volumeMounts | indent 12 }}{{ end }} +diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml +index b66467f..31dec3d 100644 +--- a/neutron/templates/deployment-server.yaml ++++ b/neutron/templates/deployment-server.yaml +@@ -100,12 +100,6 @@ spec: + subPath: sriov_agent.ini + readOnly: true + {{ end }} +- {{- if .Values.conf.plugins.taas.taas.enabled }} +- - name: neutron-etc +- mountPath: /etc/neutron/taas_plugin.ini +- subPath: taas_plugin.ini +- readOnly: true +- {{ end }} + - name: neutron-etc + mountPath: /etc/neutron/api-paste.ini + subPath: api-paste.ini +diff --git a/neutron/values.yaml b/neutron/values.yaml +index 64201be..e5bb6d8 100644 +--- a/neutron/values.yaml ++++ b/neutron/values.yaml +@@ -1433,23 +1433,6 @@ conf: + # NOTE: A second `--config-file` arg can also be added above. Since + # many neutron components are installed like that (eg: by devstack). + # Adjust to suit local requirements. +- taas: +- pods: +- - ovs_agent +- - sriov_agent +- content: | +- # neutron-rootwrap command filters for nodes on which neutron +- # tap-as-a-service(taas) is eanbled. Taas uses this command +- # as part of its flow control. +- +- # format seems to be +- # cmd-name: filter-name, raw-command, user, args +- +- [Filters] +- +- # This is needed to allow taas to insert/remove vlan id to the +- # target vf under /sys/class/net/[device-name]/device/sriov/[vf-index]/[mirror] +- i40e_sysfs_command: RegExpFilter, /opt/i40e_sysfs_command, root, /opt/i40e_sysfs_command, \w+, .+, .+ + neutron: + DEFAULT: + log_config_append: /etc/neutron/logging.conf +@@ -1495,7 +1478,6 @@ conf: + keys: + - root + - neutron +- - neutron_taas + handlers: + keys: + - stdout +@@ -1513,11 +1495,6 @@ conf: + handlers: + - stdout + qualname: neutron +- logger_neutron_taas: +- level: INFO +- handlers: +- - stdout +- qualname: neutron_taas + logger_amqp: + level: WARNING + handlers: stderr +@@ -1573,12 +1550,7 @@ conf: + # using ml2_type_vlan.network_vlan_ranges: + # ml2_type_vlan: + # network_vlan_ranges: "external:1100:1110" +- agent: +- extensions: "" + ml2_conf_sriov: null +- taas: +- taas: +- enabled: False + openvswitch_agent: + agent: + tunnel_types: vxlan +-- +1.8.3.1 + diff --git a/openstack/openstack-helm/files/0002-Revert-Openstack-Use-k8s-secret-to-store-config.patch b/openstack/openstack-helm/files/0002-Revert-Openstack-Use-k8s-secret-to-store-config.patch new file mode 100644 index 00000000..a84386f2 --- /dev/null +++ b/openstack/openstack-helm/files/0002-Revert-Openstack-Use-k8s-secret-to-store-config.patch @@ -0,0 +1,1811 @@ +From e9053d311e689e937bfdb451f872627073af4ac6 Mon Sep 17 00:00:00 2001 +From: Gerry Kopec +Date: Tue, 2 Oct 2018 03:04:26 +0000 +Subject: [PATCH 2/3] Revert "Openstack: Use k8s secret to store config" + +This reverts commit 83b91e6e1be4bcab83c333f993fdc9e6fa8fa4bc. + +Conflicts: + gnocchi/templates/configmap-etc.yaml + gnocchi/templates/daemonset-metricd.yaml + gnocchi/templates/daemonset-statsd.yaml + gnocchi/templates/deployment-api.yaml + gnocchi/templates/job-db-init-indexer.yaml + gnocchi/templates/job-db-sync.yaml + gnocchi/templates/pod-gnocchi-test.yaml + +To allow per host overrides to work we need to temporarily revert this +commit. This should be put back once upstream has fixed the issue: +https://storyboard.openstack.org/#!/story/2003873 +--- + barbican/templates/configmap-etc.yaml | 21 +++++--- + barbican/templates/deployment-api.yaml | 4 +- + ceilometer/templates/configmap-etc.yaml | 29 ++++++----- + ceilometer/templates/daemonset-compute.yaml | 4 +- + ceilometer/templates/deployment-api.yaml | 4 +- + ceilometer/templates/deployment-central.yaml | 4 +- + ceilometer/templates/deployment-collector.yaml | 4 +- + ceilometer/templates/deployment-notification.yaml | 4 +- + ceilometer/templates/pod-rally-test.yaml | 4 +- + cinder/templates/configmap-etc.yaml | 33 ++++++++----- + .../cron-job-cinder-volume-usage-audit.yaml | 4 +- + cinder/templates/deployment-api.yaml | 4 +- + cinder/templates/deployment-backup.yaml | 4 +- + cinder/templates/deployment-scheduler.yaml | 4 +- + cinder/templates/deployment-volume.yaml | 5 +- + cinder/templates/job-backup-storage-init.yaml | 4 +- + cinder/templates/pod-rally-test.yaml | 4 +- + congress/templates/configmap-etc.yaml | 15 +++--- + congress/templates/deployment-api.yaml | 4 +- + congress/templates/deployment-datasource.yaml | 4 +- + congress/templates/deployment-policy-engine.yaml | 4 +- + glance/templates/configmap-etc.yaml | 26 ++++++---- + glance/templates/deployment-api.yaml | 4 +- + glance/templates/deployment-registry.yaml | 4 +- + glance/templates/pod-rally-test.yaml | 4 +- + heat/templates/configmap-etc.yaml | 21 +++++--- + heat/templates/cron-job-engine-cleaner.yaml | 4 +- + heat/templates/deployment-api.yaml | 4 +- + heat/templates/deployment-cfn.yaml | 4 +- + heat/templates/deployment-cloudwatch.yaml | 4 +- + heat/templates/deployment-engine.yaml | 4 +- + heat/templates/pod-rally-test.yaml | 4 +- + horizon/templates/configmap-etc.yaml | 10 ++-- + horizon/templates/deployment.yaml | 4 +- + horizon/templates/job-db-sync.yaml | 4 +- + ironic/templates/configmap-etc.yaml | 16 +++--- + ironic/templates/deployment-api.yaml | 4 +- + ironic/templates/statefulset-conductor.yaml | 4 +- + keystone/templates/configmap-etc.yaml | 29 ++++++----- + keystone/templates/cron-job-credential-rotate.yaml | 4 +- + keystone/templates/cron-job-fernet-rotate.yaml | 4 +- + keystone/templates/deployment-api.yaml | 4 +- + keystone/templates/job-credential-setup.yaml | 8 +-- + keystone/templates/job-domain-manage.yaml | 4 +- + keystone/templates/job-fernet-setup.yaml | 8 +-- + keystone/templates/pod-rally-test.yaml | 4 +- + magnum/templates/configmap-etc.yaml | 15 +++--- + magnum/templates/deployment-api.yaml | 4 +- + magnum/templates/statefulset-conductor.yaml | 4 +- + mistral/templates/configmap-etc.yaml | 18 ++++--- + mistral/templates/deployment-api.yaml | 4 +- + mistral/templates/deployment-executor.yaml | 4 +- + mistral/templates/pod-rally-test.yaml | 4 +- + mistral/templates/statefulset-engine.yaml | 4 +- + mistral/templates/statefulset-event-engine.yaml | 4 +- + mistral/values.yaml | 2 +- + neutron/templates/configmap-etc.yaml | 57 ++++++++++++++-------- + neutron/templates/daemonset-dhcp-agent.yaml | 4 +- + neutron/templates/daemonset-l3-agent.yaml | 4 +- + neutron/templates/daemonset-lb-agent.yaml | 4 +- + neutron/templates/daemonset-metadata-agent.yaml | 4 +- + neutron/templates/daemonset-ovs-agent.yaml | 4 +- + neutron/templates/daemonset-sriov-agent.yaml | 4 +- + neutron/templates/deployment-server.yaml | 4 +- + neutron/templates/pod-rally-test.yaml | 4 +- + nova/templates/configmap-etc.yaml | 34 ++++++++----- + nova/templates/cron-job-cell-setup.yaml | 4 +- + nova/templates/cron-job-service-cleaner.yaml | 4 +- + nova/templates/daemonset-compute.yaml | 4 +- + nova/templates/deployment-api-metadata.yaml | 4 +- + nova/templates/deployment-api-osapi.yaml | 4 +- + nova/templates/deployment-conductor.yaml | 4 +- + nova/templates/deployment-consoleauth.yaml | 4 +- + nova/templates/deployment-novncproxy.yaml | 4 +- + nova/templates/deployment-placement.yaml | 4 +- + nova/templates/deployment-scheduler.yaml | 4 +- + nova/templates/deployment-spiceproxy.yaml | 4 +- + nova/templates/job-cell-setup.yaml | 4 +- + nova/templates/pod-rally-test.yaml | 4 +- + nova/templates/statefulset-compute-ironic.yaml | 4 +- + rally/templates/configmap-etc.yaml | 6 +-- + rally/templates/job-manage-db.yaml | 4 +- + rally/templates/job-run-task.yaml | 4 +- + senlin/templates/configmap-etc.yaml | 18 ++++--- + senlin/templates/cron-job-engine-cleaner.yaml | 4 +- + senlin/templates/deployment-api.yaml | 4 +- + senlin/templates/deployment-engine.yaml | 4 +- + tempest/templates/configmap-etc.yaml | 12 +++-- + tempest/templates/job-run-tests.yaml | 4 +- + 89 files changed, 365 insertions(+), 294 deletions(-) + +diff --git a/barbican/templates/configmap-etc.yaml b/barbican/templates/configmap-etc.yaml +index 18d5d37..b0bc113 100644 +--- a/barbican/templates/configmap-etc.yaml ++++ b/barbican/templates/configmap-etc.yaml +@@ -86,15 +86,20 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: barbican-etc +-type: Opaque + data: +- barbican.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.barbican | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- barbican-api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- api_audit_map.conf: {{ include "helm-toolkit.utils.to_ini" .Values.conf.audit_map | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +- barbican-api.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.barbican_api | b64enc }} ++ barbican.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.barbican | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ barbican-api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ api_audit_map.conf: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.audit_map | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++ barbican-api.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.barbican_api | indent 4 }} + {{- end }} +diff --git a/barbican/templates/deployment-api.yaml b/barbican/templates/deployment-api.yaml +index 3187182..8270d36 100644 +--- a/barbican/templates/deployment-api.yaml ++++ b/barbican/templates/deployment-api.yaml +@@ -109,8 +109,8 @@ spec: + - name: etcbarbican + emptyDir: {} + - name: barbican-etc +- secret: +- secretName: barbican-etc ++ configMap: ++ name: barbican-etc + defaultMode: 0444 + - name: barbican-bin + configMap: +diff --git a/ceilometer/templates/configmap-etc.yaml b/ceilometer/templates/configmap-etc.yaml +index 17ddb1b..d7d9653 100644 +--- a/ceilometer/templates/configmap-etc.yaml ++++ b/ceilometer/templates/configmap-etc.yaml +@@ -107,18 +107,25 @@ limitations under the License. + + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: ceilometer-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests | b64enc }} +- ceilometer.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ceilometer | b64enc }} +- api_paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +- event_pipeline.yaml: {{ toYaml .Values.conf.event_pipeline | b64enc }} +- pipeline.yaml: {{ toYaml .Values.conf.pipeline | b64enc }} +- event_definitions.yaml: {{ toYaml .Values.conf.event_definitions | b64enc }} +- gnocchi_resources.yaml: {{ toYaml .Values.conf.gnocchi_resources | b64enc }} +-{{ include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_ceilometer "key" "wsgi-ceilometer.conf" "format" "Secret" ) | indent 2 }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests | indent 4 }} ++ ceilometer.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ceilometer | indent 4 }} ++ api_paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++ event_pipeline.yaml: | ++{{ toYaml .Values.conf.event_pipeline | indent 4 }} ++ pipeline.yaml: | ++{{ toYaml .Values.conf.pipeline | indent 4 }} ++ event_definitions.yaml: | ++{{ toYaml .Values.conf.event_definitions | indent 4 }} ++ gnocchi_resources.yaml: | ++{{ toYaml .Values.conf.gnocchi_resources | indent 4 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_ceilometer "key" "wsgi-ceilometer.conf" ) | indent 2 }} + {{- end }} +diff --git a/ceilometer/templates/daemonset-compute.yaml b/ceilometer/templates/daemonset-compute.yaml +index 686572a..cf31840 100644 +--- a/ceilometer/templates/daemonset-compute.yaml ++++ b/ceilometer/templates/daemonset-compute.yaml +@@ -111,8 +111,8 @@ spec: + - name: pod-etc-ceilometer + emptyDir: {} + - name: ceilometer-etc +- secret: +- secretName: ceilometer-etc ++ configMap: ++ name: ceilometer-etc + defaultMode: 0444 + - name: ceilometer-bin + configMap: +diff --git a/ceilometer/templates/deployment-api.yaml b/ceilometer/templates/deployment-api.yaml +index 2a4c879..7ebc230 100644 +--- a/ceilometer/templates/deployment-api.yaml ++++ b/ceilometer/templates/deployment-api.yaml +@@ -116,8 +116,8 @@ spec: + - name: pod-etc-ceilometer + emptyDir: {} + - name: ceilometer-etc +- secret: +- secretName: ceilometer-etc ++ configMap: ++ name: ceilometer-etc + defaultMode: 0444 + - name: ceilometer-bin + configMap: +diff --git a/ceilometer/templates/deployment-central.yaml b/ceilometer/templates/deployment-central.yaml +index b7a597b..2fe7ed3 100644 +--- a/ceilometer/templates/deployment-central.yaml ++++ b/ceilometer/templates/deployment-central.yaml +@@ -98,8 +98,8 @@ spec: + - name: pod-etc-ceilometer + emptyDir: {} + - name: ceilometer-etc +- secret: +- secretName: ceilometer-etc ++ configMap: ++ name: ceilometer-etc + defaultMode: 0444 + - name: ceilometer-bin + configMap: +diff --git a/ceilometer/templates/deployment-collector.yaml b/ceilometer/templates/deployment-collector.yaml +index 07c761e..0fed543 100644 +--- a/ceilometer/templates/deployment-collector.yaml ++++ b/ceilometer/templates/deployment-collector.yaml +@@ -98,8 +98,8 @@ spec: + - name: pod-etc-ceilometer + emptyDir: {} + - name: ceilometer-etc +- secret: +- secretName: ceilometer-etc ++ configMap: ++ name: ceilometer-etc + defaultMode: 0444 + - name: ceilometer-bin + configMap: +diff --git a/ceilometer/templates/deployment-notification.yaml b/ceilometer/templates/deployment-notification.yaml +index 06fda3d..2eeb571 100644 +--- a/ceilometer/templates/deployment-notification.yaml ++++ b/ceilometer/templates/deployment-notification.yaml +@@ -98,8 +98,8 @@ spec: + - name: pod-etc-ceilometer + emptyDir: {} + - name: ceilometer-etc +- secret: +- secretName: ceilometer-etc ++ configMap: ++ name: ceilometer-etc + defaultMode: 0444 + - name: ceilometer-bin + configMap: +diff --git a/ceilometer/templates/pod-rally-test.yaml b/ceilometer/templates/pod-rally-test.yaml +index 9cbf2fd..f2dc212 100644 +--- a/ceilometer/templates/pod-rally-test.yaml ++++ b/ceilometer/templates/pod-rally-test.yaml +@@ -87,8 +87,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: ceilometer-etc +- secret: +- secretName: ceilometer-etc ++ configMap: ++ name: ceilometer-etc + defaultMode: 0444 + - name: ceilometer-bin + configMap: +diff --git a/cinder/templates/configmap-etc.yaml b/cinder/templates/configmap-etc.yaml +index 88d9fa0..e116bde 100644 +--- a/cinder/templates/configmap-etc.yaml ++++ b/cinder/templates/configmap-etc.yaml +@@ -108,24 +108,33 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: cinder-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- cinder.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.cinder | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- backends.conf: {{ include "helm-toolkit.utils.to_ini" .Values.conf.backends | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +- cinder_sudoers: {{ $envAll.Values.conf.cinder_sudoers | b64enc }} +- rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ cinder.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.cinder | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ backends.conf: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.backends | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++ cinder_sudoers: | ++{{ $envAll.Values.conf.cinder_sudoers | indent 4 }} ++ rootwrap.conf: | ++{{ $envAll.Values.conf.rootwrap | indent 4 }} + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- $filePrefix := replace "_" "-" $key }} +- {{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }} ++ {{ printf "%s.filters" $filePrefix }}: | ++{{ $value.content | indent 4 }} + {{- end }} + {{- if .Values.backup.external_ceph_rbd.enabled }} +- external-backup-ceph.conf: {{ include "helm-toolkit.utils.to_ini" .Values.backup.external_ceph_rbd.conf | b64enc }} ++ external-backup-ceph.conf: | ++{{ include "helm-toolkit.utils.to_ini" .Values.backup.external_ceph_rbd.conf | indent 4 }} + {{- end }} + {{- end }} +diff --git a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml +index 5d7ed3c..42ea01d 100644 +--- a/cinder/templates/cron-job-cinder-volume-usage-audit.yaml ++++ b/cinder/templates/cron-job-cinder-volume-usage-audit.yaml +@@ -73,8 +73,8 @@ spec: + - name: etccinder + emptyDir: {} + - name: cinder-etc +- secret: +- secretName: cinder-etc ++ configMap: ++ name: cinder-etc + defaultMode: 0444 + - name: cinder-bin + configMap: +diff --git a/cinder/templates/deployment-api.yaml b/cinder/templates/deployment-api.yaml +index 9213d34..629dc6b 100644 +--- a/cinder/templates/deployment-api.yaml ++++ b/cinder/templates/deployment-api.yaml +@@ -120,8 +120,8 @@ spec: + name: cinder-bin + defaultMode: 0555 + - name: cinder-etc +- secret: +- secretName: cinder-etc ++ configMap: ++ name: cinder-etc + defaultMode: 0444 + {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} + #NOTE (portdirect): this will need to be set to a shared mount amongst all cinder +diff --git a/cinder/templates/deployment-backup.yaml b/cinder/templates/deployment-backup.yaml +index d978b3a..181f132 100644 +--- a/cinder/templates/deployment-backup.yaml ++++ b/cinder/templates/deployment-backup.yaml +@@ -197,8 +197,8 @@ spec: + {{ if $mounts_cinder_backup.volumeMounts }}{{ toYaml $mounts_cinder_backup.volumeMounts | indent 12 }}{{ end }} + volumes: + - name: cinder-etc +- secret: +- secretName: cinder-etc ++ configMap: ++ name: cinder-etc + defaultMode: 0444 + - name: cinder-bin + configMap: +diff --git a/cinder/templates/deployment-scheduler.yaml b/cinder/templates/deployment-scheduler.yaml +index c60e13b..fb8512f 100644 +--- a/cinder/templates/deployment-scheduler.yaml ++++ b/cinder/templates/deployment-scheduler.yaml +@@ -106,8 +106,8 @@ spec: + name: cinder-bin + defaultMode: 0555 + - name: cinder-etc +- secret: +- secretName: cinder-etc ++ configMap: ++ name: cinder-etc + defaultMode: 0444 + {{- if eq ( split "://" .Values.conf.cinder.coordination.backend_url )._0 "file" }} + #NOTE (portdirect): this will need to be set to a shared mount amongst all cinder +diff --git a/cinder/templates/deployment-volume.yaml b/cinder/templates/deployment-volume.yaml +index 46d13fd..7a1e7d5 100644 +--- a/cinder/templates/deployment-volume.yaml ++++ b/cinder/templates/deployment-volume.yaml +@@ -161,9 +161,8 @@ spec: + name: cinder-bin + defaultMode: 0555 + - name: cinder-etc +- secret: +- secretName: cinder-etc +- defaultMode: 0444 ++ configMap: ++ name: cinder-etc + {{- if include "cinder.utils.is_ceph_volume_configured" $envAll }} + - name: etcceph + emptyDir: {} +diff --git a/cinder/templates/job-backup-storage-init.yaml b/cinder/templates/job-backup-storage-init.yaml +index dcb756a..a2f7255 100644 +--- a/cinder/templates/job-backup-storage-init.yaml ++++ b/cinder/templates/job-backup-storage-init.yaml +@@ -161,8 +161,8 @@ spec: + defaultMode: 0444 + {{- if .Values.backup.external_ceph_rbd.enabled }} + - name: cinder-etc +- secret: +- secretName: cinder-etc ++ configMap: ++ name: cinder-etc + defaultMode: 0444 + {{- end }} + {{- if empty .Values.conf.ceph.admin_keyring }} +diff --git a/cinder/templates/pod-rally-test.yaml b/cinder/templates/pod-rally-test.yaml +index f24e5aa..630e97b 100644 +--- a/cinder/templates/pod-rally-test.yaml ++++ b/cinder/templates/pod-rally-test.yaml +@@ -89,8 +89,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: cinder-etc +- secret: +- secretName: cinder-etc ++ configMap: ++ name: cinder-etc + defaultMode: 0444 + - name: cinder-bin + configMap: +diff --git a/congress/templates/configmap-etc.yaml b/congress/templates/configmap-etc.yaml +index 4b4fd05..0996efd 100644 +--- a/congress/templates/configmap-etc.yaml ++++ b/congress/templates/configmap-etc.yaml +@@ -77,13 +77,16 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: congress-etc +-type: Opaque + data: +- congress.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.congress | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} ++ congress.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.congress | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} + {{- end }} +diff --git a/congress/templates/deployment-api.yaml b/congress/templates/deployment-api.yaml +index d635ce1..a78d9bc 100644 +--- a/congress/templates/deployment-api.yaml ++++ b/congress/templates/deployment-api.yaml +@@ -91,7 +91,7 @@ spec: + name: congress-bin + defaultMode: 0777 + - name: congress-etc +- secret: +- secretName: congress-etc ++ configMap: ++ name: congress-etc + defaultMode: 0444 + {{ end }} +diff --git a/congress/templates/deployment-datasource.yaml b/congress/templates/deployment-datasource.yaml +index 97cff78..5eeba89 100644 +--- a/congress/templates/deployment-datasource.yaml ++++ b/congress/templates/deployment-datasource.yaml +@@ -85,8 +85,8 @@ spec: + name: congress-bin + defaultMode: 0555 + - name: congress-etc +- secret: +- secretName: congress-etc ++ configMap: ++ name: congress-etc + defaultMode: 0444 + + {{ end }} +diff --git a/congress/templates/deployment-policy-engine.yaml b/congress/templates/deployment-policy-engine.yaml +index 77c233f..d3f1bd8 100644 +--- a/congress/templates/deployment-policy-engine.yaml ++++ b/congress/templates/deployment-policy-engine.yaml +@@ -85,8 +85,8 @@ spec: + name: congress-bin + defaultMode: 0555 + - name: congress-etc +- secret: +- secretName: congress-etc ++ configMap: ++ name: congress-etc + defaultMode: 0444 + + {{ end }} +diff --git a/glance/templates/configmap-etc.yaml b/glance/templates/configmap-etc.yaml +index 3c922db..c3d2f72 100644 +--- a/glance/templates/configmap-etc.yaml ++++ b/glance/templates/configmap-etc.yaml +@@ -158,17 +158,23 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: glance-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- glance-api.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- glance-api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- glance-registry.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance_registry | b64enc }} +- glance-registry-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste_registry | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +-{{- include "helm-toolkit.snippets.values_template_renderer" ( dict "envAll" $envAll "template" .Values.conf.swift_store "key" "swift-store.conf" "format" "Secret" ) | indent 2 }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ glance-api.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ glance-api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ glance-registry.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.glance_registry | indent 4 }} ++ glance-registry-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste_registry | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.swift_store "key" "swift-store.conf") | indent 2 }} + {{- end }} +diff --git a/glance/templates/deployment-api.yaml b/glance/templates/deployment-api.yaml +index 31316c7..634ceeb 100644 +--- a/glance/templates/deployment-api.yaml ++++ b/glance/templates/deployment-api.yaml +@@ -159,8 +159,8 @@ spec: + name: glance-bin + defaultMode: 0555 + - name: glance-etc +- secret: +- secretName: glance-etc ++ configMap: ++ name: glance-etc + defaultMode: 0444 + {{- if eq .Values.storage "pvc" }} + - name: glance-images +diff --git a/glance/templates/deployment-registry.yaml b/glance/templates/deployment-registry.yaml +index cf296e7..5a4f614 100644 +--- a/glance/templates/deployment-registry.yaml ++++ b/glance/templates/deployment-registry.yaml +@@ -106,8 +106,8 @@ spec: + name: glance-bin + defaultMode: 0555 + - name: glance-etc +- secret: +- secretName: glance-etc ++ configMap: ++ name: glance-etc + defaultMode: 0444 + {{ if $mounts_glance_registry.volumes }}{{ toYaml $mounts_glance_registry.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/glance/templates/pod-rally-test.yaml b/glance/templates/pod-rally-test.yaml +index a0f992f..a807b83 100644 +--- a/glance/templates/pod-rally-test.yaml ++++ b/glance/templates/pod-rally-test.yaml +@@ -88,8 +88,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: glance-etc +- secret: +- secretName: glance-etc ++ configMap: ++ name: glance-etc + defaultMode: 0444 + - name: glance-bin + configMap: +diff --git a/heat/templates/configmap-etc.yaml b/heat/templates/configmap-etc.yaml +index e89012d..7d56528 100644 +--- a/heat/templates/configmap-etc.yaml ++++ b/heat/templates/configmap-etc.yaml +@@ -134,17 +134,22 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: heat-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- heat.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.heat | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ heat.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.heat | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} + {{- range $key, $value := $envAll.Values.conf.rally_tests.templates }} +- {{ printf "test_template_%d" $key }}: {{ $value.template | b64enc }} ++ {{ printf "test_template_%d" $key }}: | ++{{ $value.template | indent 4 }} + {{- end }} + {{- end }} +diff --git a/heat/templates/cron-job-engine-cleaner.yaml b/heat/templates/cron-job-engine-cleaner.yaml +index 986023f..77f8443 100644 +--- a/heat/templates/cron-job-engine-cleaner.yaml ++++ b/heat/templates/cron-job-engine-cleaner.yaml +@@ -73,8 +73,8 @@ spec: + - name: etcheat + emptyDir: {} + - name: heat-etc +- secret: +- secretName: heat-etc ++ configMap: ++ name: heat-etc + defaultMode: 0444 + - name: heat-bin + configMap: +diff --git a/heat/templates/deployment-api.yaml b/heat/templates/deployment-api.yaml +index e4799b2..be4c13f 100644 +--- a/heat/templates/deployment-api.yaml ++++ b/heat/templates/deployment-api.yaml +@@ -106,8 +106,8 @@ spec: + name: heat-bin + defaultMode: 0555 + - name: heat-etc +- secret: +- secretName: heat-etc ++ configMap: ++ name: heat-etc + defaultMode: 0444 + {{ if $mounts_heat_api.volumes }}{{ toYaml $mounts_heat_api.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/heat/templates/deployment-cfn.yaml b/heat/templates/deployment-cfn.yaml +index 81b165a..06fd278 100644 +--- a/heat/templates/deployment-cfn.yaml ++++ b/heat/templates/deployment-cfn.yaml +@@ -106,8 +106,8 @@ spec: + name: heat-bin + defaultMode: 0555 + - name: heat-etc +- secret: +- secretName: heat-etc ++ configMap: ++ name: heat-etc + defaultMode: 0444 + {{ if $mounts_heat_cfn.volumes }}{{ toYaml $mounts_heat_cfn.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/heat/templates/deployment-cloudwatch.yaml b/heat/templates/deployment-cloudwatch.yaml +index a93baba..e452b97 100644 +--- a/heat/templates/deployment-cloudwatch.yaml ++++ b/heat/templates/deployment-cloudwatch.yaml +@@ -106,8 +106,8 @@ spec: + name: heat-bin + defaultMode: 0555 + - name: heat-etc +- secret: +- secretName: heat-etc ++ configMap: ++ name: heat-etc + defaultMode: 0444 + {{ if $mounts_heat_cloudwatch.volumes }}{{ toYaml $mounts_heat_cloudwatch.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/heat/templates/deployment-engine.yaml b/heat/templates/deployment-engine.yaml +index a68939a..63d4543 100644 +--- a/heat/templates/deployment-engine.yaml ++++ b/heat/templates/deployment-engine.yaml +@@ -104,8 +104,8 @@ spec: + name: heat-bin + defaultMode: 0555 + - name: heat-etc +- secret: +- secretName: heat-etc ++ configMap: ++ name: heat-etc + defaultMode: 0444 + {{ if $mounts_heat_engine.volumes }}{{ toYaml $mounts_heat_engine.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/heat/templates/pod-rally-test.yaml b/heat/templates/pod-rally-test.yaml +index 2db25a3..3ddc6d3 100644 +--- a/heat/templates/pod-rally-test.yaml ++++ b/heat/templates/pod-rally-test.yaml +@@ -95,8 +95,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: heat-etc +- secret: +- secretName: heat-etc ++ configMap: ++ name: heat-etc + defaultMode: 0444 + - name: heat-bin + configMap: +diff --git a/horizon/templates/configmap-etc.yaml b/horizon/templates/configmap-etc.yaml +index bfdfc18..dc695a1 100644 +--- a/horizon/templates/configmap-etc.yaml ++++ b/horizon/templates/configmap-etc.yaml +@@ -18,14 +18,14 @@ limitations under the License. + {{- $envAll := . }} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: horizon-etc +-type: Opaque + data: +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.horizon.apache "key" "horizon.conf" "format" "Secret" ) | indent 2 }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.horizon.local_settings.template "key" "local_settings" "format" "Secret" ) | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.horizon.apache "key" "horizon.conf") | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.horizon.local_settings.template "key" "local_settings") | indent 2 }} + {{- range $key, $value := .Values.conf.horizon.policy }} +- {{ printf "%s_policy.json" $key }}: {{ $value | toPrettyJson | b64enc }} ++ {{ printf "%s_policy.json" $key }}: | ++{{ $value | toPrettyJson | indent 4 }} + {{- end }} + {{- end }} +diff --git a/horizon/templates/deployment.yaml b/horizon/templates/deployment.yaml +index fe6b8da..2a76226 100644 +--- a/horizon/templates/deployment.yaml ++++ b/horizon/templates/deployment.yaml +@@ -119,8 +119,8 @@ spec: + name: horizon-bin + defaultMode: 0555 + - name: horizon-etc +- secret: +- secretName: horizon-etc ++ configMap: ++ name: horizon-etc + defaultMode: 0444 + {{ if $mounts_horizon.volumes }}{{ toYaml $mounts_horizon.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/horizon/templates/job-db-sync.yaml b/horizon/templates/job-db-sync.yaml +index 893428c..eefdb44 100644 +--- a/horizon/templates/job-db-sync.yaml ++++ b/horizon/templates/job-db-sync.yaml +@@ -63,8 +63,8 @@ spec: + {{ if $mounts_horizon_db_sync.volumeMounts }}{{ toYaml $mounts_horizon_db_sync.volumeMounts | indent 10 }}{{ end }} + volumes: + - name: horizon-etc +- secret: +- secretName: horizon-etc ++ configMap: ++ name: horizon-etc + defaultMode: 0444 + - name: horizon-bin + configMap: +diff --git a/ironic/templates/configmap-etc.yaml b/ironic/templates/configmap-etc.yaml +index 613e4bf..d0a62d5 100644 +--- a/ironic/templates/configmap-etc.yaml ++++ b/ironic/templates/configmap-etc.yaml +@@ -198,14 +198,16 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: ironic-etc +-type: Opaque + data: +- ironic.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.tftp_map_file "key" "tftp-map-file" "format" "Secret" ) | indent 2 }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.nginx "key" "nginx.conf" "format" "Secret" ) | indent 2 }} ++ ironic.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.ironic | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.tftp_map_file "key" "tftp-map-file") | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.nginx "key" "nginx.conf") | indent 2 }} + {{- end }} +diff --git a/ironic/templates/deployment-api.yaml b/ironic/templates/deployment-api.yaml +index 9498d58..2ef3631 100644 +--- a/ironic/templates/deployment-api.yaml ++++ b/ironic/templates/deployment-api.yaml +@@ -132,8 +132,8 @@ spec: + name: ironic-bin + defaultMode: 0555 + - name: ironic-etc +- secret: +- secretName: ironic-etc ++ configMap: ++ name: ironic-etc + defaultMode: 0444 + - name: pod-shared + emptyDir: {} +diff --git a/ironic/templates/statefulset-conductor.yaml b/ironic/templates/statefulset-conductor.yaml +index 073690f..1f3036e 100644 +--- a/ironic/templates/statefulset-conductor.yaml ++++ b/ironic/templates/statefulset-conductor.yaml +@@ -221,8 +221,8 @@ spec: + name: ironic-bin + defaultMode: 0555 + - name: ironic-etc +- secret: +- secretName: ironic-etc ++ configMap: ++ name: ironic-etc + defaultMode: 0444 + - name: host-var-lib-ironic + hostPath: +diff --git a/keystone/templates/configmap-etc.yaml b/keystone/templates/configmap-etc.yaml +index 5e7721b..edd97d9 100644 +--- a/keystone/templates/configmap-etc.yaml ++++ b/keystone/templates/configmap-etc.yaml +@@ -43,21 +43,26 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: keystone-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- keystone.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.keystone | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.logging | b64enc }} +- keystone-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} +- ports.conf: '' ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ keystone.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.keystone | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.logging | indent 4 }} ++ keystone-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} ++ ports.conf: "" + {{- range $k, $v := .Values.conf.ks_domains }} +- keystone.{{ $k }}.json: {{ toJson $v | b64enc }} ++ keystone.{{ $k }}.json: | ++{{ toJson $v | indent 4 }} + {{- end }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.mpm_event "key" "mpm_event.conf" "format" "Secret" ) | indent 2 }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_keystone "key" "wsgi-keystone.conf" "format" "Secret" ) | indent 2 }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.sso_callback_template "key" "sso_callback_template.html" "format" "Secret" ) | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.mpm_event "key" "mpm_event.conf") | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_keystone "key" "wsgi-keystone.conf") | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.sso_callback_template "key" "sso_callback_template.html") | indent 2 }} + {{- end }} +diff --git a/keystone/templates/cron-job-credential-rotate.yaml b/keystone/templates/cron-job-credential-rotate.yaml +index 9249675..2dcd47a 100644 +--- a/keystone/templates/cron-job-credential-rotate.yaml ++++ b/keystone/templates/cron-job-credential-rotate.yaml +@@ -114,8 +114,8 @@ spec: + - name: etckeystone + emptyDir: {} + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/keystone/templates/cron-job-fernet-rotate.yaml b/keystone/templates/cron-job-fernet-rotate.yaml +index a61339e..353dfc2 100644 +--- a/keystone/templates/cron-job-fernet-rotate.yaml ++++ b/keystone/templates/cron-job-fernet-rotate.yaml +@@ -113,8 +113,8 @@ spec: + - name: etckeystone + emptyDir: {} + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/keystone/templates/deployment-api.yaml b/keystone/templates/deployment-api.yaml +index c985cad..927ace0 100644 +--- a/keystone/templates/deployment-api.yaml ++++ b/keystone/templates/deployment-api.yaml +@@ -147,8 +147,8 @@ spec: + - name: run-apache + emptyDir: {} + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/keystone/templates/job-credential-setup.yaml b/keystone/templates/job-credential-setup.yaml +index 4a212dc..b177b95 100644 +--- a/keystone/templates/job-credential-setup.yaml ++++ b/keystone/templates/job-credential-setup.yaml +@@ -89,8 +89,6 @@ spec: + volumeMounts: + - name: etckeystone + mountPath: /etc/keystone +- - name: credential-keys +- mountPath: {{ .Values.conf.keystone.credential.key_repository | quote }} + - name: keystone-etc + mountPath: /etc/keystone/keystone.conf + subPath: keystone.conf +@@ -107,11 +105,9 @@ spec: + volumes: + - name: etckeystone + emptyDir: {} +- - name: credential-keys +- emptyDir: {} + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/keystone/templates/job-domain-manage.yaml b/keystone/templates/job-domain-manage.yaml +index a2c8be8..df0bd03 100644 +--- a/keystone/templates/job-domain-manage.yaml ++++ b/keystone/templates/job-domain-manage.yaml +@@ -103,8 +103,8 @@ spec: + - name: etckeystonedomains + emptyDir: {} + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/keystone/templates/job-fernet-setup.yaml b/keystone/templates/job-fernet-setup.yaml +index ebe9f21..58cd0a3 100644 +--- a/keystone/templates/job-fernet-setup.yaml ++++ b/keystone/templates/job-fernet-setup.yaml +@@ -88,8 +88,6 @@ spec: + volumeMounts: + - name: etckeystone + mountPath: /etc/keystone +- - name: fernet-keys +- mountPath: {{ .Values.conf.keystone.fernet_tokens.key_repository | quote }} + - name: keystone-etc + mountPath: /etc/keystone/keystone.conf + subPath: keystone.conf +@@ -106,11 +104,9 @@ spec: + volumes: + - name: etckeystone + emptyDir: {} +- - name: fernet-keys +- emptyDir: {} + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/keystone/templates/pod-rally-test.yaml b/keystone/templates/pod-rally-test.yaml +index d29bc0e..e68cef2 100644 +--- a/keystone/templates/pod-rally-test.yaml ++++ b/keystone/templates/pod-rally-test.yaml +@@ -87,8 +87,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: keystone-etc +- secret: +- secretName: keystone-etc ++ configMap: ++ name: keystone-etc + defaultMode: 0444 + - name: keystone-bin + configMap: +diff --git a/magnum/templates/configmap-etc.yaml b/magnum/templates/configmap-etc.yaml +index 7796fa0..677abfc 100644 +--- a/magnum/templates/configmap-etc.yaml ++++ b/magnum/templates/configmap-etc.yaml +@@ -87,13 +87,16 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: magnum-etc +-type: Opaque + data: +- magnum.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.magnum | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} ++ magnum.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.magnum | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} + {{- end }} +diff --git a/magnum/templates/deployment-api.yaml b/magnum/templates/deployment-api.yaml +index 8015927..eb70e63 100644 +--- a/magnum/templates/deployment-api.yaml ++++ b/magnum/templates/deployment-api.yaml +@@ -116,8 +116,8 @@ spec: + name: magnum-bin + defaultMode: 0555 + - name: magnum-etc +- secret: +- secretName: magnum-etc ++ configMap: ++ name: magnum-etc + defaultMode: 0444 + - name: magnum-lock-path + emptyDir: {} +diff --git a/magnum/templates/statefulset-conductor.yaml b/magnum/templates/statefulset-conductor.yaml +index 2c6f094..b8de04f 100644 +--- a/magnum/templates/statefulset-conductor.yaml ++++ b/magnum/templates/statefulset-conductor.yaml +@@ -111,8 +111,8 @@ spec: + name: magnum-bin + defaultMode: 0555 + - name: magnum-etc +- secret: +- secretName: magnum-etc ++ configMap: ++ name: magnum-etc + defaultMode: 0444 + - name: magnum-lock-path + emptyDir: {} +diff --git a/mistral/templates/configmap-etc.yaml b/mistral/templates/configmap-etc.yaml +index 2e24c76..133cce3 100644 +--- a/mistral/templates/configmap-etc.yaml ++++ b/mistral/templates/configmap-etc.yaml +@@ -77,16 +77,20 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: mistral-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- mistral.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.mistral | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ mistral.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.mistral | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} + {{- range $key, $value := $envAll.Values.conf.rally_tests.templates }} +- {{ printf "test_template_%d" $key }}: {{ $value.template | b64enc }} ++ {{ printf "test_template_%d" $key }}: | ++{{ $value.template | indent 4 }} + {{- end }} + {{- end }} +diff --git a/mistral/templates/deployment-api.yaml b/mistral/templates/deployment-api.yaml +index 0b5087c..d3b361d 100644 +--- a/mistral/templates/deployment-api.yaml ++++ b/mistral/templates/deployment-api.yaml +@@ -102,8 +102,8 @@ spec: + name: mistral-bin + defaultMode: 0555 + - name: mistral-etc +- secret: +- secretName: mistral-etc ++ configMap: ++ name: mistral-etc + defaultMode: 0444 + {{ if $mounts_mistral_api.volumes }}{{ toYaml $mounts_mistral_api.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/mistral/templates/deployment-executor.yaml b/mistral/templates/deployment-executor.yaml +index c66d22f..53234ab 100644 +--- a/mistral/templates/deployment-executor.yaml ++++ b/mistral/templates/deployment-executor.yaml +@@ -84,8 +84,8 @@ spec: + name: mistral-bin + defaultMode: 0555 + - name: mistral-etc +- secret: +- secretName: mistral-etc ++ configMap: ++ name: mistral-etc + defaultMode: 0444 + {{ if $mounts_mistral_executor.volumes }}{{ toYaml $mounts_mistral_executor.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/mistral/templates/pod-rally-test.yaml b/mistral/templates/pod-rally-test.yaml +index 70f85d9..2968c70 100644 +--- a/mistral/templates/pod-rally-test.yaml ++++ b/mistral/templates/pod-rally-test.yaml +@@ -95,8 +95,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: mistral-etc +- secret: +- secretName: mistral-etc ++ configMap: ++ name: mistral-etc + defaultMode: 0444 + - name: mistral-bin + configMap: +diff --git a/mistral/templates/statefulset-engine.yaml b/mistral/templates/statefulset-engine.yaml +index 2b8e105..13def09 100644 +--- a/mistral/templates/statefulset-engine.yaml ++++ b/mistral/templates/statefulset-engine.yaml +@@ -81,8 +81,8 @@ spec: + name: mistral-bin + defaultMode: 0555 + - name: mistral-etc +- secret: +- secretName: mistral-etc ++ configMap: ++ name: mistral-etc + defaultMode: 0444 + {{ if $mounts_mistral_engine.volumes }}{{ toYaml $mounts_mistral_engine.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/mistral/templates/statefulset-event-engine.yaml b/mistral/templates/statefulset-event-engine.yaml +index bb2acb3..b9576c5 100644 +--- a/mistral/templates/statefulset-event-engine.yaml ++++ b/mistral/templates/statefulset-event-engine.yaml +@@ -81,8 +81,8 @@ spec: + name: mistral-bin + defaultMode: 0555 + - name: mistral-etc +- secret: +- secretName: mistral-etc ++ configMap: ++ name: mistral-etc + defaultMode: 0444 + {{ if $mounts_mistral_event_engine.volumes }}{{ toYaml $mounts_mistral_event_engine.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/mistral/values.yaml b/mistral/values.yaml +index d9e461e..9634c11 100644 +--- a/mistral/values.yaml ++++ b/mistral/values.yaml +@@ -459,7 +459,7 @@ conf: + port: null + api_workers: 8 + coordination: +- backend_url: "" ++ backend_url: null + database: + max_retries: -1 + keystone_authtoken: +diff --git a/neutron/templates/configmap-etc.yaml b/neutron/templates/configmap-etc.yaml +index 7293df0..ffed59c 100644 +--- a/neutron/templates/configmap-etc.yaml ++++ b/neutron/templates/configmap-etc.yaml +@@ -171,32 +171,49 @@ just set it along with nova_metadata_host. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: {{ $configMapName }} +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml $envAll.Values.conf.rally_tests.tests | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" $envAll.Values.conf.paste | b64enc }} +- policy.json: {{ toJson $envAll.Values.conf.policy | b64enc }} +- neutron.conf: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.neutron | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- dhcp_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.dhcp_agent | b64enc }} +- l3_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.l3_agent | b64enc }} +- metadata_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metadata_agent | b64enc }} +- metering_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metering_agent | b64enc }} +- ml2_conf.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf | b64enc }} +- ml2_conf_sriov.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf_sriov | b64enc }} +- macvtap_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.macvtap_agent | b64enc }} +- linuxbridge_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.linuxbridge_agent | b64enc }} +- openvswitch_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.openvswitch_agent | b64enc }} +- sriov_agent.ini: {{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.sriov_agent | b64enc }} ++ rally_tests.yaml: | ++{{ toYaml $envAll.Values.conf.rally_tests.tests | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" $envAll.Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson $envAll.Values.conf.policy | indent 4 }} ++ neutron.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.neutron | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ dhcp_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.dhcp_agent | indent 4 }} ++ l3_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.l3_agent | indent 4 }} ++ metadata_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metadata_agent | indent 4 }} ++ metering_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.metering_agent | indent 4 }} ++ ml2_conf.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf | indent 4 }} ++ ml2_conf_sriov.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.ml2_conf_sriov | indent 4 }} ++ macvtap_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.macvtap_agent | indent 4 }} ++ linuxbridge_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.linuxbridge_agent | indent 4 }} ++ openvswitch_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.openvswitch_agent | indent 4 }} ++ sriov_agent.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" $envAll.Values.conf.plugins.sriov_agent | indent 4 }} + dnsmasq.conf: "" +- neutron_sudoers: {{ $envAll.Values.conf.neutron_sudoers | b64enc }} +- rootwrap.conf: {{ $envAll.Values.conf.rootwrap | b64enc }} ++ neutron_sudoers: | ++{{ $envAll.Values.conf.neutron_sudoers | indent 4 }} ++ rootwrap.conf: | ++{{ $envAll.Values.conf.rootwrap | indent 4 }} + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- $filePrefix := replace "_" "-" $key }} +- {{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }} ++ {{ printf "%s.filters" $filePrefix }}: | ++{{ $value.content | indent 4 }} + {{- end }} + {{- end }} + {{- end }} +diff --git a/neutron/templates/daemonset-dhcp-agent.yaml b/neutron/templates/daemonset-dhcp-agent.yaml +index e7d84aa..a45c08b 100644 +--- a/neutron/templates/daemonset-dhcp-agent.yaml ++++ b/neutron/templates/daemonset-dhcp-agent.yaml +@@ -137,8 +137,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + - name: socket + hostPath: +diff --git a/neutron/templates/daemonset-l3-agent.yaml b/neutron/templates/daemonset-l3-agent.yaml +index ac0a3f7..d91bef3 100644 +--- a/neutron/templates/daemonset-l3-agent.yaml ++++ b/neutron/templates/daemonset-l3-agent.yaml +@@ -136,8 +136,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + - name: libmodules + hostPath: +diff --git a/neutron/templates/daemonset-lb-agent.yaml b/neutron/templates/daemonset-lb-agent.yaml +index 7730ab4..bf209a6 100644 +--- a/neutron/templates/daemonset-lb-agent.yaml ++++ b/neutron/templates/daemonset-lb-agent.yaml +@@ -196,8 +196,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + - name: run + hostPath: +diff --git a/neutron/templates/daemonset-metadata-agent.yaml b/neutron/templates/daemonset-metadata-agent.yaml +index 2a24aa6..c5e65d8 100644 +--- a/neutron/templates/daemonset-metadata-agent.yaml ++++ b/neutron/templates/daemonset-metadata-agent.yaml +@@ -150,8 +150,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + - name: socket + hostPath: +diff --git a/neutron/templates/daemonset-ovs-agent.yaml b/neutron/templates/daemonset-ovs-agent.yaml +index 3ca1ca3..04a29e1 100644 +--- a/neutron/templates/daemonset-ovs-agent.yaml ++++ b/neutron/templates/daemonset-ovs-agent.yaml +@@ -200,8 +200,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + - name: run + hostPath: +diff --git a/neutron/templates/daemonset-sriov-agent.yaml b/neutron/templates/daemonset-sriov-agent.yaml +index 6130817..e1213a7 100644 +--- a/neutron/templates/daemonset-sriov-agent.yaml ++++ b/neutron/templates/daemonset-sriov-agent.yaml +@@ -173,8 +173,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + - name: run + hostPath: +diff --git a/neutron/templates/deployment-server.yaml b/neutron/templates/deployment-server.yaml +index 31dec3d..628937b 100644 +--- a/neutron/templates/deployment-server.yaml ++++ b/neutron/templates/deployment-server.yaml +@@ -115,8 +115,8 @@ spec: + name: neutron-bin + defaultMode: 0555 + - name: neutron-etc +- secret: +- secretName: neutron-etc ++ configMap: ++ name: neutron-etc + defaultMode: 0444 + {{ if $mounts_neutron_server.volumes }}{{ toYaml $mounts_neutron_server.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/neutron/templates/pod-rally-test.yaml b/neutron/templates/pod-rally-test.yaml +index 15633d1..16ced6e 100644 +--- a/neutron/templates/pod-rally-test.yaml ++++ b/neutron/templates/pod-rally-test.yaml +@@ -90,8 +90,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: neutron-etc +- secret: +- secretName: neutron-etc ++ configMap: ++ name: neutron-etc + defaultMode: 0444 + - name: neutron-bin + configMap: +diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml +index d1a55f5..cbd69ee 100644 +--- a/nova/templates/configmap-etc.yaml ++++ b/nova/templates/configmap-etc.yaml +@@ -214,26 +214,34 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: {{ $configMapName }} +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.paste | b64enc }} +- policy.yaml: {{ toYaml .Values.conf.policy | b64enc }} +- nova_sudoers: {{ $envAll.Values.conf.nova_sudoers | b64enc }} +- rootwrap.conf: {{ .Values.conf.rootwrap | b64enc }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.paste | indent 4 }} ++ policy.yaml: | ++{{ toYaml .Values.conf.policy | indent 4 }} ++ nova_sudoers: | ++{{ $envAll.Values.conf.nova_sudoers | indent 4 }} ++ rootwrap.conf: | ++{{- .Values.conf.rootwrap | indent 4 }} + {{- range $key, $value := $envAll.Values.conf.rootwrap_filters }} + {{- $filePrefix := replace "_" "-" $key }} +- {{ printf "%s.filters" $filePrefix }}: {{ $value.content | b64enc }} ++ {{ printf "%s.filters" $filePrefix }}: | ++{{ $value.content | indent 4 }} + {{- end }} +- nova.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- nova-ironic.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_ironic | b64enc }} +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_placement "key" "wsgi-nova-placement.conf" "format" "Secret" ) | indent 2 }} ++ nova.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ nova-ironic.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.nova_ironic | indent 4 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_placement "key" "wsgi-nova-placement.conf" ) | indent 2 }} + # FIXME(portdirect): why is this file suffixed .sh? +-{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.ssh "key" "ssh-config.sh" "format" "Secret" ) | indent 2 }} ++{{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.ssh "key" "ssh-config.sh" ) | indent 2 }} + {{- end }} + {{- end }} + {{- if .Values.manifests.configmap_etc }} +diff --git a/nova/templates/cron-job-cell-setup.yaml b/nova/templates/cron-job-cell-setup.yaml +index 66df4df..dd71748 100644 +--- a/nova/templates/cron-job-cell-setup.yaml ++++ b/nova/templates/cron-job-cell-setup.yaml +@@ -76,8 +76,8 @@ spec: + - name: etcnova + emptyDir: {} + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: nova-bin + configMap: +diff --git a/nova/templates/cron-job-service-cleaner.yaml b/nova/templates/cron-job-service-cleaner.yaml +index 889cfc4..db36ae6 100644 +--- a/nova/templates/cron-job-service-cleaner.yaml ++++ b/nova/templates/cron-job-service-cleaner.yaml +@@ -65,8 +65,8 @@ spec: + - name: etcnova + emptyDir: {} + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: nova-bin + configMap: +diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml +index 850f0b0..ae681bb 100644 +--- a/nova/templates/daemonset-compute.yaml ++++ b/nova/templates/daemonset-compute.yaml +@@ -292,8 +292,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: {{ $configMapName }} ++ configMap: ++ name: {{ $configMapName }} + defaultMode: 0444 + {{- if .Values.conf.ceph.enabled }} + - name: etcceph +diff --git a/nova/templates/deployment-api-metadata.yaml b/nova/templates/deployment-api-metadata.yaml +index dfc9947..5b55950 100644 +--- a/nova/templates/deployment-api-metadata.yaml ++++ b/nova/templates/deployment-api-metadata.yaml +@@ -155,8 +155,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: pod-shared + emptyDir: {} +diff --git a/nova/templates/deployment-api-osapi.yaml b/nova/templates/deployment-api-osapi.yaml +index f0aa805..263d3a8 100644 +--- a/nova/templates/deployment-api-osapi.yaml ++++ b/nova/templates/deployment-api-osapi.yaml +@@ -102,8 +102,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + {{ if $mounts_nova_api_osapi.volumes}}{{ toYaml $mounts_nova_api_osapi.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/nova/templates/deployment-conductor.yaml b/nova/templates/deployment-conductor.yaml +index 7bf0841..36c326f 100644 +--- a/nova/templates/deployment-conductor.yaml ++++ b/nova/templates/deployment-conductor.yaml +@@ -84,8 +84,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + {{ if $mounts_nova_conductor.volumes }}{{ toYaml $mounts_nova_conductor.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/nova/templates/deployment-consoleauth.yaml b/nova/templates/deployment-consoleauth.yaml +index 10de3fc..2a42917 100644 +--- a/nova/templates/deployment-consoleauth.yaml ++++ b/nova/templates/deployment-consoleauth.yaml +@@ -84,8 +84,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + {{ if $mounts_nova_consoleauth.volumes }}{{ toYaml $mounts_nova_consoleauth.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/nova/templates/deployment-novncproxy.yaml b/nova/templates/deployment-novncproxy.yaml +index 85e0e11..992650b 100644 +--- a/nova/templates/deployment-novncproxy.yaml ++++ b/nova/templates/deployment-novncproxy.yaml +@@ -122,8 +122,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: pod-usr-share-novnc + emptyDir: {} +diff --git a/nova/templates/deployment-placement.yaml b/nova/templates/deployment-placement.yaml +index db62d75..4838f93 100644 +--- a/nova/templates/deployment-placement.yaml ++++ b/nova/templates/deployment-placement.yaml +@@ -111,8 +111,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + {{- if $mounts_nova_placement.volumes }}{{ toYaml $mounts_nova_placement.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/nova/templates/deployment-scheduler.yaml b/nova/templates/deployment-scheduler.yaml +index dc8b0d3..018566f 100644 +--- a/nova/templates/deployment-scheduler.yaml ++++ b/nova/templates/deployment-scheduler.yaml +@@ -84,8 +84,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + {{ if $mounts_nova_scheduler.volumes }}{{ toYaml $mounts_nova_scheduler.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/nova/templates/deployment-spiceproxy.yaml b/nova/templates/deployment-spiceproxy.yaml +index 65fa900..351d54f 100644 +--- a/nova/templates/deployment-spiceproxy.yaml ++++ b/nova/templates/deployment-spiceproxy.yaml +@@ -122,8 +122,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: pod-usr-share-spice-html5 + emptyDir: {} +diff --git a/nova/templates/job-cell-setup.yaml b/nova/templates/job-cell-setup.yaml +index 4ad9509..ffabd1f 100644 +--- a/nova/templates/job-cell-setup.yaml ++++ b/nova/templates/job-cell-setup.yaml +@@ -81,8 +81,8 @@ spec: + - name: etcnova + emptyDir: {} + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: nova-bin + configMap: +diff --git a/nova/templates/pod-rally-test.yaml b/nova/templates/pod-rally-test.yaml +index f7b2e1b..05e0558 100644 +--- a/nova/templates/pod-rally-test.yaml ++++ b/nova/templates/pod-rally-test.yaml +@@ -89,8 +89,8 @@ spec: + {{ if $mounts_tests.volumeMounts }}{{ toYaml $mounts_tests.volumeMounts | indent 8 }}{{ end }} + volumes: + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: nova-bin + configMap: +diff --git a/nova/templates/statefulset-compute-ironic.yaml b/nova/templates/statefulset-compute-ironic.yaml +index eb39dd8..19cd9fe 100644 +--- a/nova/templates/statefulset-compute-ironic.yaml ++++ b/nova/templates/statefulset-compute-ironic.yaml +@@ -97,8 +97,8 @@ spec: + name: nova-bin + defaultMode: 0555 + - name: nova-etc +- secret: +- secretName: nova-etc ++ configMap: ++ name: nova-etc + defaultMode: 0444 + - name: varlibironic + hostPath: +diff --git a/rally/templates/configmap-etc.yaml b/rally/templates/configmap-etc.yaml +index 2bbe5fe..afa651f 100644 +--- a/rally/templates/configmap-etc.yaml ++++ b/rally/templates/configmap-etc.yaml +@@ -54,10 +54,10 @@ limitations under the License. + + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: rally-etc +-type: Opaque + data: +- rally.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.rally | b64enc }} ++ rally.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.rally | indent 4 }} + {{- end }} +diff --git a/rally/templates/job-manage-db.yaml b/rally/templates/job-manage-db.yaml +index 7510e69..82a2188 100644 +--- a/rally/templates/job-manage-db.yaml ++++ b/rally/templates/job-manage-db.yaml +@@ -59,8 +59,8 @@ spec: + - name: etcrally + emptyDir: {} + - name: rally-etc +- secret: +- secretName: rally-etc ++ configMap: ++ name: rally-etc + defaultMode: 0444 + - name: rally-bin + configMap: +diff --git a/rally/templates/job-run-task.yaml b/rally/templates/job-run-task.yaml +index ed14757..2b091d5 100644 +--- a/rally/templates/job-run-task.yaml ++++ b/rally/templates/job-run-task.yaml +@@ -86,8 +86,8 @@ spec: + - name: etcrally + emptyDir: {} + - name: rally-etc +- secret: +- secretName: rally-etc ++ configMap: ++ name: rally-etc + defaultMode: 0444 + - name: rally-tasks + configMap: +diff --git a/senlin/templates/configmap-etc.yaml b/senlin/templates/configmap-etc.yaml +index 027b468..cf9477a 100644 +--- a/senlin/templates/configmap-etc.yaml ++++ b/senlin/templates/configmap-etc.yaml +@@ -97,14 +97,18 @@ limitations under the License. + {{- end -}} + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: senlin-etc +-type: Opaque + data: +- rally_tests.yaml: {{ toYaml .Values.conf.rally_tests.tests | b64enc }} +- senlin.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.senlin | b64enc }} +- logging.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | b64enc }} +- api-paste.ini: {{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | b64enc }} +- policy.json: {{ toJson .Values.conf.policy | b64enc }} ++ rally_tests.yaml: | ++{{ toYaml .Values.conf.rally_tests.tests | indent 4 }} ++ senlin.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.senlin | indent 4 }} ++ logging.conf: | ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.logging | indent 4 }} ++ api-paste.ini: | ++{{ include "helm-toolkit.utils.to_ini" .Values.conf.paste | indent 4 }} ++ policy.json: | ++{{ toJson .Values.conf.policy | indent 4 }} + {{- end }} +diff --git a/senlin/templates/cron-job-engine-cleaner.yaml b/senlin/templates/cron-job-engine-cleaner.yaml +index 18883e4..ce0dd3b 100644 +--- a/senlin/templates/cron-job-engine-cleaner.yaml ++++ b/senlin/templates/cron-job-engine-cleaner.yaml +@@ -76,8 +76,8 @@ spec: + - name: etcsenlin + emptyDir: {} + - name: senlin-etc +- secret: +- secretName: senlin-etc ++ configMap: ++ name: senlin-etc + defaultMode: 0444 + - name: senlin-bin + configMap: +diff --git a/senlin/templates/deployment-api.yaml b/senlin/templates/deployment-api.yaml +index 93eb9b8..0eca3d3 100644 +--- a/senlin/templates/deployment-api.yaml ++++ b/senlin/templates/deployment-api.yaml +@@ -114,8 +114,8 @@ spec: + name: senlin-bin + defaultMode: 0555 + - name: senlin-etc +- secret: +- secretName: senlin-etc ++ configMap: ++ name: senlin-etc + defaultMode: 0444 + {{ if $mounts_senlin_api.volumes }}{{ toYaml $mounts_senlin_api.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/senlin/templates/deployment-engine.yaml b/senlin/templates/deployment-engine.yaml +index fd54515..5c0714b 100644 +--- a/senlin/templates/deployment-engine.yaml ++++ b/senlin/templates/deployment-engine.yaml +@@ -87,8 +87,8 @@ spec: + name: senlin-bin + defaultMode: 0555 + - name: senlin-etc +- secret: +- secretName: senlin-etc ++ configMap: ++ name: senlin-etc + defaultMode: 0444 + {{ if $mounts_senlin_engine.volumes }}{{ toYaml $mounts_senlin_engine.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/tempest/templates/configmap-etc.yaml b/tempest/templates/configmap-etc.yaml +index 855c460..bd44108 100644 +--- a/tempest/templates/configmap-etc.yaml ++++ b/tempest/templates/configmap-etc.yaml +@@ -43,16 +43,18 @@ limitations under the License. + + --- + apiVersion: v1 +-kind: Secret ++kind: ConfigMap + metadata: + name: tempest-etc +-type: Opaque + data: +- tempest.conf: {{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.tempest | b64enc }} ++ tempest.conf: |+ ++{{ include "helm-toolkit.utils.to_oslo_conf" .Values.conf.tempest | indent 4 }} + {{ if not (empty .Values.conf.blacklist) }} +- test-blacklist: {{ include "tempest.utils.to_regex_file" .Values.conf.blacklist | b64enc }} ++ test-blacklist: |+ ++{{ include "tempest.utils.to_regex_file" .Values.conf.blacklist | indent 4 }} + {{ end }} + {{ if not (empty .Values.conf.whitelist) }} +- test-whitelist: {{ include "tempest.utils.to_regex_file" .Values.conf.whitelist | b64enc }} ++ test-whitelist: |+ ++{{ include "tempest.utils.to_regex_file" .Values.conf.whitelist | indent 4 }} + {{ end }} + {{- end }} +diff --git a/tempest/templates/job-run-tests.yaml b/tempest/templates/job-run-tests.yaml +index 6f29e1a..1865aa5 100644 +--- a/tempest/templates/job-run-tests.yaml ++++ b/tempest/templates/job-run-tests.yaml +@@ -91,8 +91,8 @@ spec: + - name: etctempest + emptyDir: {} + - name: tempest-etc +- secret: +- secretName: tempest-etc ++ configMap: ++ name: tempest-etc + defaultMode: 0444 + - name: tempest-bin + configMap: +-- +1.8.3.1 + diff --git a/openstack/openstack-helm/files/0003-ceilometer-chart-updates.patch b/openstack/openstack-helm/files/0003-ceilometer-chart-updates.patch new file mode 100644 index 00000000..e9cac139 --- /dev/null +++ b/openstack/openstack-helm/files/0003-ceilometer-chart-updates.patch @@ -0,0 +1,2113 @@ +From f45bfe9ea150965c011560b500ed6e01886bada3 Mon Sep 17 00:00:00 2001 +From: Angie Wang +Date: Fri, 19 Oct 2018 14:46:27 -0400 +Subject: [PATCH 3/3] ceilometer chart updates + +This commit includes the following changes: +- add polling process with ipmi function +- run ceilometer-upgrade instead of the obsolete command ceilometer-dbsync +- set ceilometer cache server +- update event_definitions.yaml in values.yaml +- add missing defintion yaml files for meter (meters.yaml, polling.yaml) +- configure messaging_urls option to listen to each rabbitmq vhost +- add the ability to push events to panko + +We should try to upstream above changes. + +We need to rework a bit once the commit "Openstack: Use k8s secret to store config" is put back. +--- + ceilometer/templates/bin/_ceilometer-ipmi.sh.tpl | 13 + + ceilometer/templates/bin/_db-sync.sh.tpl | 2 +- + ceilometer/templates/configmap-bin.yaml | 2 + + ceilometer/templates/configmap-etc.yaml | 8 + + ceilometer/templates/daemonset-compute.yaml | 4 + + ceilometer/templates/daemonset-ipmi.yaml | 105 ++ + ceilometer/templates/deployment-central.yaml | 4 + + ceilometer/templates/deployment-notification.yaml | 20 + + ceilometer/values.yaml | 1530 ++++++++++----------- + 9 files changed, 902 insertions(+), 786 deletions(-) + create mode 100644 ceilometer/templates/bin/_ceilometer-ipmi.sh.tpl + create mode 100644 ceilometer/templates/daemonset-ipmi.yaml + +diff --git a/ceilometer/templates/bin/_ceilometer-ipmi.sh.tpl b/ceilometer/templates/bin/_ceilometer-ipmi.sh.tpl +new file mode 100644 +index 0000000..ad280c3 +--- /dev/null ++++ b/ceilometer/templates/bin/_ceilometer-ipmi.sh.tpl +@@ -0,0 +1,13 @@ ++#!/bin/bash ++ ++{{/* ++Copyright (c) 2018 Wind River Systems, Inc. ++ ++SPDX-License-Identifier: Apache-2.0 ++*/}} ++ ++set -ex ++ ++exec ceilometer-polling \ ++ --polling-namespaces ipmi \ ++ --config-file /etc/ceilometer/ceilometer.conf +diff --git a/ceilometer/templates/bin/_db-sync.sh.tpl b/ceilometer/templates/bin/_db-sync.sh.tpl +index 02f6f5d..ba7c1d8 100644 +--- a/ceilometer/templates/bin/_db-sync.sh.tpl ++++ b/ceilometer/templates/bin/_db-sync.sh.tpl +@@ -18,4 +18,4 @@ limitations under the License. + + set -ex + +-exec ceilometer-dbsync ++exec ceilometer-upgrade --skip-metering-database +diff --git a/ceilometer/templates/configmap-bin.yaml b/ceilometer/templates/configmap-bin.yaml +index 6c7d59a..558f24e 100644 +--- a/ceilometer/templates/configmap-bin.yaml ++++ b/ceilometer/templates/configmap-bin.yaml +@@ -53,6 +53,8 @@ data: + {{ tuple "bin/_ceilometer-collector.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + ceilometer-compute.sh: | + {{ tuple "bin/_ceilometer-compute.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} ++ ceilometer-ipmi.sh: | ++{{ tuple "bin/_ceilometer-ipmi.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + ceilometer-notification.sh: | + {{ tuple "bin/_ceilometer-notification.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + rabbit-init.sh: | +diff --git a/ceilometer/templates/configmap-etc.yaml b/ceilometer/templates/configmap-etc.yaml +index d7d9653..14105f5 100644 +--- a/ceilometer/templates/configmap-etc.yaml ++++ b/ceilometer/templates/configmap-etc.yaml +@@ -32,6 +32,10 @@ limitations under the License. + {{- $_ := set .Values.conf.ceilometer.keystone_authtoken "memcache_secret_key" ( default ( randAlphaNum 64 ) .Values.endpoints.oslo_cache.auth.memcache_secret_key ) -}} + {{- end -}} + ++{{- if empty .Values.conf.ceilometer.cache.memcache_servers -}} ++{{- $_ := tuple "oslo_cache" "internal" "memcache" . | include "helm-toolkit.endpoints.host_and_port_endpoint_uri_lookup" | set .Values.conf.ceilometer.cache "memcache_servers" -}} ++{{- end -}} ++ + {{- if empty .Values.conf.ceilometer.database.connection -}} + {{- $_ := tuple "oslo_db" "internal" "ceilometer" "mysql" . | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup"| set .Values.conf.ceilometer.database "connection" -}} + {{- end -}} +@@ -127,5 +131,9 @@ data: + {{ toYaml .Values.conf.event_definitions | indent 4 }} + gnocchi_resources.yaml: | + {{ toYaml .Values.conf.gnocchi_resources | indent 4 }} ++ meters.yaml: | ++{{ toYaml .Values.conf.meters | indent 4 }} ++ polling.yaml: | ++{{ toYaml .Values.conf.polling | indent 4 }} + {{- include "helm-toolkit.snippets.values_template_renderer" (dict "envAll" $envAll "template" .Values.conf.wsgi_ceilometer "key" "wsgi-ceilometer.conf" ) | indent 2 }} + {{- end }} +diff --git a/ceilometer/templates/daemonset-compute.yaml b/ceilometer/templates/daemonset-compute.yaml +index cf31840..d2fd9ea 100644 +--- a/ceilometer/templates/daemonset-compute.yaml ++++ b/ceilometer/templates/daemonset-compute.yaml +@@ -91,6 +91,10 @@ spec: + mountPath: /etc/ceilometer/gnocchi_resources.yaml + subPath: gnocchi_resources.yaml + readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/polling.yaml ++ subPath: polling.yaml ++ readOnly: true + - name: ceilometer-bin + mountPath: /tmp/ceilometer-compute.sh + subPath: ceilometer-compute.sh +diff --git a/ceilometer/templates/daemonset-ipmi.yaml b/ceilometer/templates/daemonset-ipmi.yaml +new file mode 100644 +index 0000000..9a7d72b +--- /dev/null ++++ b/ceilometer/templates/daemonset-ipmi.yaml +@@ -0,0 +1,105 @@ ++{{/* ++Copyright (c) 2018 Wind River Systems, Inc. ++ ++SPDX-License-Identifier: Apache-2.0 ++*/}} ++ ++{{- if .Values.manifests.daemonset_ipmi }} ++{{- $envAll := . }} ++ ++{{- $mounts_ceilometer_ipmi := .Values.pod.mounts.ceilometer_ipmi.ceilometer_ipmi }} ++{{- $mounts_ceilometer_ipmi_init := .Values.pod.mounts.ceilometer_ipmi.init_container }} ++ ++{{- $serviceAccountName := "ceilometer-ipmi" }} ++{{ tuple $envAll "ipmi" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} ++--- ++apiVersion: apps/v1 ++kind: DaemonSet ++metadata: ++ name: ceilometer-ipmi ++ annotations: ++ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }} ++ labels: ++{{ tuple $envAll "ceilometer" "ipmi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} ++spec: ++ selector: ++ matchLabels: ++{{ tuple $envAll "ceilometer" "ipmi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} ++{{ tuple $envAll "ipmi" | include "helm-toolkit.snippets.kubernetes_upgrades_daemonset" | indent 2 }} ++ template: ++ metadata: ++ labels: ++{{ tuple $envAll "ceilometer" "ipmi" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} ++ annotations: ++ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} ++ configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} ++ spec: ++ serviceAccountName: {{ $serviceAccountName }} ++ affinity: ++{{ tuple $envAll "ceilometer" "ipmi" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} ++ hostNetwork: true ++ hostPID: true ++ dnsPolicy: ClusterFirstWithHostNet ++ nodeSelector: ++ {{ .Values.labels.ipmi.node_selector_key }}: {{ .Values.labels.ipmi.node_selector_value }} ++ initContainers: ++{{ tuple $envAll "ipmi" $mounts_ceilometer_ipmi_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} ++ containers: ++ - name: ceilometer-ipmi ++{{ tuple $envAll "ceilometer_ipmi" | include "helm-toolkit.snippets.image" | indent 10 }} ++{{ tuple $envAll $envAll.Values.pod.resources.ipmi | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} ++ command: ++ - /tmp/ceilometer-ipmi.sh ++ volumeMounts: ++ - name: pod-etc-ceilometer ++ mountPath: /etc/ceilometer ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/ceilometer.conf ++ subPath: ceilometer.conf ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/api_paste.ini ++ subPath: api_paste.ini ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/policy.json ++ subPath: policy.json ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/event_definitions.yaml ++ subPath: event_definitions.yaml ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/event_pipeline.yaml ++ subPath: event_pipeline.yaml ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/pipeline.yaml ++ subPath: pipeline.yaml ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/gnocchi_resources.yaml ++ subPath: gnocchi_resources.yaml ++ readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/polling.yaml ++ subPath: polling.yaml ++ readOnly: true ++ - name: ceilometer-bin ++ mountPath: /tmp/ceilometer-ipmi.sh ++ subPath: ceilometer-ipmi.sh ++ readOnly: true ++{{ if $mounts_ceilometer_ipmi.volumeMounts }}{{ toYaml $mounts_ceilometer_ipmi.volumeMounts | indent 12 }}{{ end }} ++ volumes: ++ - name: pod-etc-ceilometer ++ emptyDir: {} ++ - name: ceilometer-etc ++ configMap: ++ name: ceilometer-etc ++ defaultMode: 0444 ++ - name: ceilometer-bin ++ configMap: ++ name: ceilometer-bin ++ defaultMode: 0555 ++{{ if $mounts_ceilometer_ipmi.volumes }}{{ toYaml $mounts_ceilometer_ipmi.volumes | indent 8 }}{{ end }} ++{{- end }} +diff --git a/ceilometer/templates/deployment-central.yaml b/ceilometer/templates/deployment-central.yaml +index 2fe7ed3..06121f2 100644 +--- a/ceilometer/templates/deployment-central.yaml ++++ b/ceilometer/templates/deployment-central.yaml +@@ -89,6 +89,10 @@ spec: + mountPath: /etc/ceilometer/gnocchi_resources.yaml + subPath: gnocchi_resources.yaml + readOnly: true ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/polling.yaml ++ subPath: polling.yaml ++ readOnly: true + - name: ceilometer-bin + mountPath: /tmp/ceilometer-central.sh + subPath: ceilometer-central.sh +diff --git a/ceilometer/templates/deployment-notification.yaml b/ceilometer/templates/deployment-notification.yaml +index 2eeb571..f61c5e8 100644 +--- a/ceilometer/templates/deployment-notification.yaml ++++ b/ceilometer/templates/deployment-notification.yaml +@@ -89,14 +89,30 @@ spec: + mountPath: /etc/ceilometer/gnocchi_resources.yaml + subPath: gnocchi_resources.yaml + readOnly: true ++ - name: etc-ceilometer-meters ++ mountPath: /etc/ceilometer/meters.d ++ - name: ceilometer-etc ++ mountPath: /etc/ceilometer/meters.d/meters.yaml ++ subPath: meters.yaml ++ readOnly: true + - name: ceilometer-bin + mountPath: /tmp/ceilometer-notification.sh + subPath: ceilometer-notification.sh + readOnly: true ++ - name: etcpanko ++ mountPath: /etc/panko ++ - name: panko-etc ++ mountPath: /etc/panko/panko.conf ++ subPath: panko.conf ++ readOnly: true + {{ if $mounts_ceilometer_notification.volumeMounts }}{{ toYaml $mounts_ceilometer_notification.volumeMounts | indent 12 }}{{ end }} + volumes: + - name: pod-etc-ceilometer + emptyDir: {} ++ - name: etc-ceilometer-meters ++ emptyDir: {} ++ - name: etcpanko ++ emptyDir: {} + - name: ceilometer-etc + configMap: + name: ceilometer-etc +@@ -105,5 +121,9 @@ spec: + configMap: + name: ceilometer-bin + defaultMode: 0555 ++ - name: panko-etc ++ configMap: ++ name: panko-etc ++ defaultMode: 0444 + {{ if $mounts_ceilometer_notification.volumes }}{{ toYaml $mounts_ceilometer_notification.volumes | indent 8 }}{{ end }} + {{- end }} +diff --git a/ceilometer/values.yaml b/ceilometer/values.yaml +index 4e7f104..54d1e5a 100644 +--- a/ceilometer/values.yaml ++++ b/ceilometer/values.yaml +@@ -29,6 +29,9 @@ labels: + central: + node_selector_key: openstack-control-plane + node_selector_value: enabled ++ ipmi: ++ node_selector_key: openstack-node ++ node_selector_value: enabled + collector: + node_selector_key: openstack-control-plane + node_selector_value: enabled +@@ -113,1041 +116,971 @@ conf: + auth_type: password + interface: internal + notification: +- messaging_urls: null ++ messaging_urls: ++ type: multistring ++ values: ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/ceilometer ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/cinder ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/glance ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/nova ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/keystone ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/neutron ++ - rabbit://rabbitmq:password@rabbitmq.openstack.svc.cluster.local:5672/heat + oslo_messaging_notifications: + driver: messagingv2 + topics: + - notifications + - profiler ++ cache: ++ enabled: true ++ backend: dogpile.cache.memcached + event_definitions: +- - event_type: compute.instance.* +- traits: +- deleted_at: +- fields: payload.deleted_at +- type: datetime ++ - event_type: 'compute.instance.*' ++ traits: &instance_traits ++ tenant_id: ++ fields: payload.tenant_id ++ user_id: ++ fields: payload.user_id ++ instance_id: ++ fields: payload.instance_id ++ resource_id: ++ fields: payload.instance_id ++ host: ++ fields: publisher_id.`split(., 1, 1)` ++ service: ++ fields: publisher_id.`split(., 0, -1)` ++ memory_mb: ++ type: int ++ fields: payload.memory_mb + disk_gb: ++ type: int + fields: payload.disk_gb ++ root_gb: + type: int ++ fields: payload.root_gb + ephemeral_gb: ++ type: int + fields: payload.ephemeral_gb ++ vcpus: + type: int +- host: +- fields: 'publisher_id.`split(., 1, 1)`' +- instance_id: +- fields: payload.instance_id +- instance_type: +- fields: payload.instance_type ++ fields: payload.vcpus + instance_type_id: +- fields: payload.instance_type_id +- type: int +- launched_at: +- fields: payload.launched_at +- type: datetime +- memory_mb: +- fields: payload.memory_mb + type: int ++ fields: payload.instance_type_id ++ instance_type: ++ fields: payload.instance_type ++ state: ++ fields: payload.state + os_architecture: + fields: payload.image_meta.'org.openstack__1__architecture' +- os_distro: +- fields: payload.image_meta.'org.openstack__1__os_distro' + os_version: + fields: payload.image_meta.'org.openstack__1__os_version' +- root_gb: +- fields: payload.root_gb +- type: int +- service: +- fields: 'publisher_id.`split(., 0, -1)`' +- state: +- fields: payload.state +- tenant_id: +- fields: payload.tenant_id +- user_id: +- fields: payload.user_id +- vcpus: +- fields: payload.vcpus +- type: int ++ os_distro: ++ fields: payload.image_meta.'org.openstack__1__os_distro' ++ launched_at: ++ type: datetime ++ fields: payload.launched_at ++ deleted_at: ++ type: datetime ++ fields: payload.deleted_at ++ - event_type: compute.instance.update ++ traits: ++ <<: *instance_traits ++ old_state: ++ fields: payload.old_state + - event_type: compute.instance.exists + traits: ++ <<: *instance_traits + audit_period_beginning: +- fields: payload.audit_period_beginning + type: datetime ++ fields: payload.audit_period_beginning + audit_period_ending: +- fields: payload.audit_period_ending +- type: datetime +- deleted_at: +- fields: payload.deleted_at +- type: datetime +- disk_gb: +- fields: payload.disk_gb +- type: int +- ephemeral_gb: +- fields: payload.ephemeral_gb +- type: int +- host: +- fields: 'publisher_id.`split(., 1, 1)`' +- instance_id: +- fields: payload.instance_id +- instance_type: +- fields: payload.instance_type +- instance_type_id: +- fields: payload.instance_type_id +- type: int +- launched_at: +- fields: payload.launched_at + type: datetime +- memory_mb: +- fields: payload.memory_mb +- type: int +- os_architecture: +- fields: payload.image_meta.'org.openstack__1__architecture' +- os_distro: +- fields: payload.image_meta.'org.openstack__1__os_distro' +- os_version: +- fields: payload.image_meta.'org.openstack__1__os_version' +- root_gb: +- fields: payload.root_gb +- type: int +- service: +- fields: 'publisher_id.`split(., 0, -1)`' +- state: +- fields: payload.state +- tenant_id: +- fields: payload.tenant_id ++ fields: payload.audit_period_ending ++ - event_type: ['volume.exists', 'volume.create.*', 'volume.delete.*', 'volume.resize.*', 'volume.attach.*', 'volume.detach.*', 'volume.update.*', 'snapshot.exists', 'snapshot.create.*', 'snapshot.delete.*', 'snapshot.update.*'] ++ traits: &cinder_traits + user_id: + fields: payload.user_id +- vcpus: +- fields: payload.vcpus +- type: int +- - event_type: +- - volume.exists +- - volume.create.* +- - volume.delete.* +- - volume.resize.* +- - volume.attach.* +- - volume.detach.* +- - volume.update.* +- - snapshot.exists +- - snapshot.create.* +- - snapshot.delete.* +- - snapshot.update.* +- traits: ++ project_id: ++ fields: payload.tenant_id + availability_zone: + fields: payload.availability_zone +- created_at: +- fields: payload.created_at + display_name: + fields: payload.display_name +- project_id: +- fields: payload.tenant_id + replication_status: + fields: payload.replication_status + status: + fields: payload.status +- user_id: +- fields: payload.user_id +- - event_type: +- - volume.exists +- - volume.create.* +- - volume.delete.* +- - volume.resize.* +- - volume.attach.* +- - volume.detach.* +- - volume.update.* +- traits: +- availability_zone: +- fields: payload.availability_zone + created_at: + fields: payload.created_at +- display_name: +- fields: payload.display_name +- host: +- fields: payload.host +- project_id: +- fields: payload.tenant_id +- replication_status: +- fields: payload.replication_status ++ - event_type: ['volume.exists', 'volume.create.*', 'volume.delete.*', 'volume.resize.*', 'volume.attach.*', 'volume.detach.*', 'volume.update.*'] ++ traits: ++ <<: *cinder_traits + resource_id: + fields: payload.volume_id ++ host: ++ fields: payload.host + size: + fields: payload.size +- status: +- fields: payload.status + type: + fields: payload.volume_type ++ replication_status: ++ fields: payload.replication_status ++ - event_type: ['share.create.*', 'share.delete.*', 'share.extend.*', 'share.shrink.*'] ++ traits: &share_traits ++ share_id: ++ fields: payload.share_id + user_id: + fields: payload.user_id +- - event_type: +- - snapshot.exists +- - snapshot.create.* +- - snapshot.delete.* +- - snapshot.update.* +- traits: ++ project_id: ++ fields: payload.tenant_id ++ snapshot_id: ++ fields: payload.snapshot_id + availability_zone: + fields: payload.availability_zone ++ status: ++ fields: payload.status + created_at: + fields: payload.created_at +- display_name: +- fields: payload.display_name +- project_id: +- fields: payload.tenant_id +- replication_status: +- fields: payload.replication_status ++ share_group_id: ++ fields: payload.share_group_id ++ size: ++ fields: payload.size ++ name: ++ fields: payload.name ++ proto: ++ fields: payload.proto ++ is_public: ++ fields: payload.is_public ++ description: ++ fields: payload.description ++ host: ++ fields: payload.host ++ - event_type: ['snapshot.exists', 'snapshot.create.*', 'snapshot.delete.*', 'snapshot.update.*'] ++ traits: ++ <<: *cinder_traits + resource_id: + fields: payload.snapshot_id +- status: +- fields: payload.status +- user_id: +- fields: payload.user_id + volume_id: + fields: payload.volume_id +- - event_type: +- - image_volume_cache.* ++ - event_type: ['image_volume_cache.*'] + traits: +- host: +- fields: payload.host + image_id: + fields: payload.image_id +- - event_type: +- - image.create +- - image.update +- - image.upload +- - image.delete +- traits: +- created_at: +- fields: payload.created_at +- deleted_at: +- fields: payload.deleted_at +- name: +- fields: payload.name ++ host: ++ fields: payload.host ++ - event_type: ['image.create', 'image.update', 'image.upload', 'image.delete'] ++ traits: &glance_crud + project_id: + fields: payload.owner + resource_id: + fields: payload.id +- size: +- fields: payload.size ++ name: ++ fields: payload.name + status: + fields: payload.status ++ created_at: ++ fields: payload.created_at + user_id: + fields: payload.owner ++ deleted_at: ++ fields: payload.deleted_at ++ size: ++ fields: payload.size + - event_type: image.send +- traits: +- bytes_sent: +- fields: payload.bytes_sent +- type: int +- destination_ip: +- fields: payload.destination_ip +- image_id: +- fields: payload.image_id ++ traits: &glance_send + receiver_project: + fields: payload.receiver_tenant_id + receiver_user: + fields: payload.receiver_user_id + user_id: + fields: payload.owner_id ++ image_id: ++ fields: payload.image_id ++ destination_ip: ++ fields: payload.destination_ip ++ bytes_sent: ++ type: int ++ fields: payload.bytes_sent + - event_type: orchestration.stack.* +- traits: ++ traits: &orchestration_crud + project_id: + fields: payload.tenant_id ++ user_id: ++ fields: ['ctxt.trustor_user_id', 'ctxt.user_id'] + resource_id: + fields: payload.stack_identity +- user_id: +- fields: +- - _context_trustor_user_id +- - _context_user_id + - event_type: sahara.cluster.* +- traits: ++ traits: &sahara_crud + project_id: + fields: payload.project_id ++ user_id: ++ fields: ctxt.user_id + resource_id: + fields: payload.cluster_id +- user_id: +- fields: _context_user_id + - event_type: sahara.cluster.health +- traits: +- created_at: +- fields: payload.created_at +- type: datetime +- health_check_description: +- fields: payload.health_check_description +- health_check_name: +- fields: payload.health_check_name ++ traits: &sahara_health ++ <<: *sahara_crud ++ verification_id: ++ fields: payload.verification_id + health_check_status: + fields: payload.health_check_status +- project_id: +- fields: payload.project_id +- resource_id: +- fields: payload.cluster_id ++ health_check_name: ++ fields: payload.health_check_name ++ health_check_description: ++ fields: payload.health_check_description ++ created_at: ++ type: datetime ++ fields: payload.created_at + updated_at: +- fields: payload.updated_at + type: datetime +- user_id: +- fields: _context_user_id +- verification_id: +- fields: payload.verification_id +- - event_type: +- - identity.user.* +- - identity.project.* +- - identity.group.* +- - identity.role.* +- - 'identity.OS-TRUST:trust.*' +- - identity.region.* +- - identity.service.* +- - identity.endpoint.* +- - identity.policy.* +- traits: +- domain_id: +- fields: payload.initiator.domain_id ++ fields: payload.updated_at ++ - event_type: ['identity.user.*', 'identity.project.*', 'identity.group.*', 'identity.role.*', 'identity.OS-TRUST:trust.*', ++ 'identity.region.*', 'identity.service.*', 'identity.endpoint.*', 'identity.policy.*'] ++ traits: &identity_crud ++ resource_id: ++ fields: payload.resource_info + initiator_id: + fields: payload.initiator.id + project_id: + fields: payload.initiator.project_id +- resource_id: +- fields: payload.resource_info ++ domain_id: ++ fields: payload.initiator.domain_id + - event_type: identity.role_assignment.* +- traits: +- domain: +- fields: payload.domain +- group: +- fields: payload.group +- project: +- fields: payload.project ++ traits: &identity_role_assignment + role: + fields: payload.role ++ group: ++ fields: payload.group ++ domain: ++ fields: payload.domain + user: + fields: payload.user ++ project: ++ fields: payload.project + - event_type: identity.authenticate +- traits: +- action: +- fields: payload.action +- eventTime: +- fields: payload.eventTime +- eventType: +- fields: payload.eventType ++ traits: &identity_authenticate ++ typeURI: ++ fields: payload.typeURI + id: + fields: payload.id +- initiator_host_addr: +- fields: payload.initiator.host.address +- initiator_host_agent: +- fields: payload.initiator.host.agent ++ action: ++ fields: payload.action ++ eventType: ++ fields: payload.eventType ++ eventTime: ++ fields: payload.eventTime ++ outcome: ++ fields: payload.outcome ++ initiator_typeURI: ++ fields: payload.initiator.typeURI + initiator_id: + fields: payload.initiator.id + initiator_name: + fields: payload.initiator.name +- initiator_typeURI: +- fields: payload.initiator.typeURI +- observer_id: +- fields: payload.observer.id +- observer_typeURI: +- fields: payload.observer.typeURI +- outcome: +- fields: payload.outcome +- target_id: +- fields: payload.target.id ++ initiator_host_agent: ++ fields: payload.initiator.host.agent ++ initiator_host_addr: ++ fields: payload.initiator.host.address + target_typeURI: + fields: payload.target.typeURI ++ target_id: ++ fields: payload.target.id ++ observer_typeURI: ++ fields: payload.observer.typeURI ++ observer_id: ++ fields: payload.observer.id ++ - event_type: objectstore.http.request ++ traits: &objectstore_request + typeURI: + fields: payload.typeURI +- - event_type: objectstore.http.request +- traits: ++ id: ++ fields: payload.id + action: + fields: payload.action +- eventTime: +- fields: payload.eventTime + eventType: + fields: payload.eventType +- id: +- fields: payload.id ++ eventTime: ++ fields: payload.eventTime ++ outcome: ++ fields: payload.outcome ++ initiator_typeURI: ++ fields: payload.initiator.typeURI + initiator_id: + fields: payload.initiator.id + initiator_project_id: + fields: payload.initiator.project_id +- initiator_typeURI: +- fields: payload.initiator.typeURI +- observer_id: +- fields: payload.observer.id +- outcome: +- fields: payload.outcome +- target_action: +- fields: payload.target.action ++ target_typeURI: ++ fields: payload.target.typeURI + target_id: + fields: payload.target.id +- target_metadata_container: +- fields: payload.target.metadata.container +- target_metadata_object: +- fields: payload.target.metadata.object ++ target_action: ++ fields: payload.target.action + target_metadata_path: + fields: payload.target.metadata.path + target_metadata_version: + fields: payload.target.metadata.version +- target_typeURI: +- fields: payload.target.typeURI +- typeURI: +- fields: payload.typeURI +- - event_type: +- - network.* +- - subnet.* +- - port.* +- - router.* +- - floatingip.* +- - pool.* +- - vip.* +- - member.* +- - health_monitor.* +- - healthmonitor.* +- - listener.* +- - loadbalancer.* +- - firewall.* +- - firewall_policy.* +- - firewall_rule.* +- - vpnservice.* +- - ipsecpolicy.* +- - ikepolicy.* +- - ipsec_site_connection.* +- traits: +- project_id: +- fields: _context_tenant_id ++ target_metadata_container: ++ fields: payload.target.metadata.container ++ target_metadata_object: ++ fields: payload.target.metadata.object ++ observer_id: ++ fields: payload.observer.id ++ - event_type: ['network.*', 'subnet.*', 'port.*', 'router.*', 'floatingip.*', 'pool.*', 'vip.*', 'member.*', 'health_monitor.*', 'healthmonitor.*', 'listener.*', 'loadbalancer.*', 'firewall.*', 'firewall_policy.*', 'firewall_rule.*', 'vpnservice.*', 'ipsecpolicy.*', 'ikepolicy.*', 'ipsec_site_connection.*'] ++ traits: &network_traits + user_id: +- fields: _context_user_id ++ fields: ctxt.user_id ++ project_id: ++ fields: ctxt.tenant_id + - event_type: network.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.network.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.network.id', 'payload.id'] + - event_type: subnet.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.subnet.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.subnet.id', 'payload.id'] + - event_type: port.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.port.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.port.id', 'payload.id'] + - event_type: router.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.router.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.router.id', 'payload.id'] + - event_type: floatingip.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.floatingip.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.floatingip.id', 'payload.id'] + - event_type: pool.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.pool.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.pool.id', 'payload.id'] + - event_type: vip.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.vip.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.vip.id', 'payload.id'] + - event_type: member.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.member.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.member.id', 'payload.id'] + - event_type: health_monitor.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.health_monitor.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.health_monitor.id', 'payload.id'] + - event_type: healthmonitor.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.healthmonitor.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.healthmonitor.id', 'payload.id'] + - event_type: listener.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.listener.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.listener.id', 'payload.id'] + - event_type: loadbalancer.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.loadbalancer.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.loadbalancer.id', 'payload.id'] + - event_type: firewall.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.firewall.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.firewall.id', 'payload.id'] + - event_type: firewall_policy.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.firewall_policy.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.firewall_policy.id', 'payload.id'] + - event_type: firewall_rule.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.firewall_rule.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.firewall_rule.id', 'payload.id'] + - event_type: vpnservice.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.vpnservice.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.vpnservice.id', 'payload.id'] + - event_type: ipsecpolicy.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.ipsecpolicy.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.ipsecpolicy.id', 'payload.id'] + - event_type: ikepolicy.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.ikepolicy.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.ikepolicy.id', 'payload.id'] + - event_type: ipsec_site_connection.* + traits: +- project_id: +- fields: _context_tenant_id ++ <<: *network_traits + resource_id: +- fields: +- - payload.ipsec_site_connection.id +- - payload.id +- user_id: +- fields: _context_user_id ++ fields: ['payload.ipsec_site_connection.id', 'payload.id'] + - event_type: '*http.*' +- traits: +- action: +- fields: payload.action +- eventTime: +- fields: payload.eventTime +- eventType: +- fields: payload.eventType +- id: +- fields: payload.id +- initiator_host_address: +- fields: payload.initiator.host.address +- initiator_id: +- fields: payload.initiator.id +- initiator_name: +- fields: payload.initiator.name +- initiator_typeURI: +- fields: payload.initiator.typeURI +- observer_id: +- fields: payload.observer.id +- outcome: +- fields: payload.outcome ++ traits: &http_audit + project_id: + fields: payload.initiator.project_id +- requestPath: +- fields: payload.requestPath +- target_id: +- fields: payload.target.id +- target_name: +- fields: payload.target.name +- target_typeURI: +- fields: payload.target.typeURI +- typeURI: +- fields: payload.typeURI + user_id: + fields: payload.initiator.id +- - event_type: '*http.response' +- traits: +- action: +- fields: payload.action +- eventTime: +- fields: payload.eventTime ++ typeURI: ++ fields: payload.typeURI + eventType: + fields: payload.eventType +- id: +- fields: payload.id +- initiator_host_address: +- fields: payload.initiator.host.address +- initiator_id: +- fields: payload.initiator.id +- initiator_name: +- fields: payload.initiator.name +- initiator_typeURI: +- fields: payload.initiator.typeURI +- observer_id: +- fields: payload.observer.id ++ action: ++ fields: payload.action + outcome: + fields: payload.outcome +- project_id: +- fields: payload.initiator.project_id +- reason_code: +- fields: payload.reason.reasonCode ++ id: ++ fields: payload.id ++ eventTime: ++ fields: payload.eventTime + requestPath: + fields: payload.requestPath ++ observer_id: ++ fields: payload.observer.id + target_id: + fields: payload.target.id +- target_name: +- fields: payload.target.name + target_typeURI: + fields: payload.target.typeURI +- typeURI: +- fields: payload.typeURI +- user_id: ++ target_name: ++ fields: payload.target.name ++ initiator_typeURI: ++ fields: payload.initiator.typeURI ++ initiator_id: + fields: payload.initiator.id +- - event_type: +- - dns.domain.create +- - dns.domain.update +- - dns.domain.delete ++ initiator_name: ++ fields: payload.initiator.name ++ initiator_host_address: ++ fields: payload.initiator.host.address ++ - event_type: '*http.response' + traits: +- action: +- fields: payload.action +- created_at: +- fields: payload.created_at +- description: +- fields: payload.description +- email: +- fields: payload.email +- expire: +- fields: payload.expire +- name: +- fields: payload.name +- parent_domain_id: +- fields: parent_domain_id +- resource_id: +- fields: payload.id +- retry: +- fields: payload.retry +- serial: +- fields: payload.serial ++ <<: *http_audit ++ reason_code: ++ fields: payload.reason.reasonCode ++ - event_type: ['dns.domain.create', 'dns.domain.update', 'dns.domain.delete'] ++ traits: &dns_domain_traits + status: + fields: payload.status +- ttl: +- fields: payload.ttl +- updated_at: +- fields: payload.updated_at +- version: +- fields: payload.version +- - event_type: dns.domain.exists +- traits: +- action: +- fields: payload.action +- audit_period_beginning: +- fields: payload.audit_period_beginning +- type: datetime +- audit_period_ending: +- fields: payload.audit_period_ending +- type: datetime +- created_at: +- fields: payload.created_at ++ retry: ++ fields: payload.retry + description: + fields: payload.description +- email: +- fields: payload.email + expire: + fields: payload.expire +- name: +- fields: payload.name +- parent_domain_id: +- fields: parent_domain_id +- resource_id: +- fields: payload.id +- retry: +- fields: payload.retry +- serial: +- fields: payload.serial +- status: +- fields: payload.status ++ email: ++ fields: payload.email + ttl: +- fields: payload.ttl +- updated_at: +- fields: payload.updated_at +- version: +- fields: payload.version +- - event_type: trove.* +- traits: +- created_at: +- fields: payload.created_at +- type: datetime +- instance_name: +- fields: payload.instance_name +- instance_type: +- fields: payload.instance_type +- instance_type_id: +- fields: payload.instance_type_id +- launched_at: +- fields: payload.launched_at +- type: datetime +- nova_instance_id: +- fields: payload.nova_instance_id +- region: +- fields: payload.region +- resource_id: +- fields: payload.instance_id +- service_id: +- fields: payload.service_id +- state: +- fields: payload.state +- user_id: +- fields: payload.user_id +- - event_type: +- - trove.instance.create +- - trove.instance.modify_volume +- - trove.instance.modify_flavor +- - trove.instance.delete +- traits: +- availability_zone: +- fields: payload.availability_zone +- instance_size: +- fields: payload.instance_size +- type: int +- name: +- fields: payload.name +- nova_volume_id: +- fields: payload.nova_volume_id +- volume_size: +- fields: payload.volume_size +- type: int +- - event_type: trove.instance.create +- traits: +- availability_zone: +- fields: payload.availability_zone +- created_at: +- fields: payload.created_at +- type: datetime +- instance_name: +- fields: payload.instance_name +- instance_size: +- fields: payload.instance_size +- type: int +- instance_type: +- fields: payload.instance_type +- instance_type_id: +- fields: payload.instance_type_id +- launched_at: +- fields: payload.launched_at +- type: datetime +- name: +- fields: payload.name +- nova_instance_id: +- fields: payload.nova_instance_id +- nova_volume_id: +- fields: payload.nova_volume_id +- region: +- fields: payload.region +- resource_id: +- fields: payload.instance_id +- service_id: +- fields: payload.service_id +- state: +- fields: payload.state +- user_id: +- fields: payload.user_id +- volume_size: +- fields: payload.volume_size +- type: int +- - event_type: trove.instance.modify_volume +- traits: +- availability_zone: +- fields: payload.availability_zone +- created_at: +- fields: payload.created_at +- type: datetime +- instance_name: +- fields: payload.instance_name +- instance_size: +- fields: payload.instance_size +- type: int +- instance_type: +- fields: payload.instance_type +- instance_type_id: +- fields: payload.instance_type_id +- launched_at: +- fields: payload.launched_at +- type: datetime +- modify_at: +- fields: payload.modify_at +- type: datetime +- name: +- fields: payload.name +- nova_instance_id: +- fields: payload.nova_instance_id +- nova_volume_id: +- fields: payload.nova_volume_id +- old_volume_size: +- fields: payload.old_volume_size +- type: int +- region: +- fields: payload.region +- resource_id: +- fields: payload.instance_id +- service_id: +- fields: payload.service_id +- state: +- fields: payload.state +- user_id: +- fields: payload.user_id +- volume_size: +- fields: payload.volume_size +- type: int +- - event_type: trove.instance.modify_flavor +- traits: +- availability_zone: +- fields: payload.availability_zone ++ fields: payload.ttl ++ action: ++ fields: payload.action ++ name: ++ fields: payload.name ++ resource_id: ++ fields: payload.id + created_at: + fields: payload.created_at ++ updated_at: ++ fields: payload.updated_at ++ version: ++ fields: payload.version ++ parent_domain_id: ++ fields: parent_domain_id ++ serial: ++ fields: payload.serial ++ - event_type: dns.domain.exists ++ traits: ++ <<: *dns_domain_traits ++ audit_period_beginning: + type: datetime +- instance_name: +- fields: payload.instance_name +- instance_size: +- fields: payload.instance_size +- type: int ++ fields: payload.audit_period_beginning ++ audit_period_ending: ++ type: datetime ++ fields: payload.audit_period_ending ++ - event_type: trove.* ++ traits: &trove_base_traits ++ state: ++ fields: payload.state_description + instance_type: + fields: payload.instance_type ++ user_id: ++ fields: payload.user_id ++ resource_id: ++ fields: payload.instance_id + instance_type_id: + fields: payload.instance_type_id + launched_at: +- fields: payload.launched_at +- type: datetime +- modify_at: +- fields: payload.modify_at + type: datetime +- name: +- fields: payload.name ++ fields: payload.launched_at ++ instance_name: ++ fields: payload.instance_name ++ state: ++ fields: payload.state + nova_instance_id: + fields: payload.nova_instance_id +- nova_volume_id: +- fields: payload.nova_volume_id +- old_instance_size: +- fields: payload.old_instance_size +- type: int +- region: +- fields: payload.region +- resource_id: +- fields: payload.instance_id + service_id: + fields: payload.service_id +- state: +- fields: payload.state +- user_id: +- fields: payload.user_id +- volume_size: +- fields: payload.volume_size +- type: int +- - event_type: trove.instance.delete +- traits: +- availability_zone: +- fields: payload.availability_zone + created_at: +- fields: payload.created_at +- type: datetime +- deleted_at: +- fields: payload.deleted_at + type: datetime +- instance_name: +- fields: payload.instance_name ++ fields: payload.created_at ++ region: ++ fields: payload.region ++ - event_type: ['trove.instance.create', 'trove.instance.modify_volume', 'trove.instance.modify_flavor', 'trove.instance.delete'] ++ traits: &trove_common_traits ++ name: ++ fields: payload.name ++ availability_zone: ++ fields: payload.availability_zone + instance_size: ++ type: int + fields: payload.instance_size ++ volume_size: + type: int +- instance_type: +- fields: payload.instance_type +- instance_type_id: +- fields: payload.instance_type_id +- launched_at: +- fields: payload.launched_at +- type: datetime +- name: +- fields: payload.name +- nova_instance_id: +- fields: payload.nova_instance_id ++ fields: payload.volume_size + nova_volume_id: + fields: payload.nova_volume_id +- region: +- fields: payload.region +- resource_id: +- fields: payload.instance_id +- service_id: +- fields: payload.service_id +- state: +- fields: payload.state +- user_id: +- fields: payload.user_id +- volume_size: +- fields: payload.volume_size +- type: int +- - event_type: trove.instance.exists ++ - event_type: trove.instance.create + traits: +- audit_period_beginning: +- fields: payload.audit_period_beginning ++ <<: [*trove_base_traits, *trove_common_traits] ++ - event_type: trove.instance.modify_volume ++ traits: ++ <<: [*trove_base_traits, *trove_common_traits] ++ old_volume_size: ++ type: int ++ fields: payload.old_volume_size ++ modify_at: + type: datetime +- audit_period_ending: +- fields: payload.audit_period_ending ++ fields: payload.modify_at ++ - event_type: trove.instance.modify_flavor ++ traits: ++ <<: [*trove_base_traits, *trove_common_traits] ++ old_instance_size: ++ type: int ++ fields: payload.old_instance_size ++ modify_at: + type: datetime +- created_at: +- fields: payload.created_at ++ fields: payload.modify_at ++ - event_type: trove.instance.delete ++ traits: ++ <<: [*trove_base_traits, *trove_common_traits] ++ deleted_at: + type: datetime ++ fields: payload.deleted_at ++ - event_type: trove.instance.exists ++ traits: ++ <<: *trove_base_traits + display_name: + fields: payload.display_name +- instance_name: +- fields: payload.instance_name +- instance_type: +- fields: payload.instance_type +- instance_type_id: +- fields: payload.instance_type_id +- launched_at: +- fields: payload.launched_at ++ audit_period_beginning: + type: datetime +- nova_instance_id: +- fields: payload.nova_instance_id +- region: +- fields: payload.region +- resource_id: +- fields: payload.instance_id +- service_id: +- fields: payload.service_id +- state: +- fields: payload.state +- user_id: +- fields: payload.user_id ++ fields: payload.audit_period_beginning ++ audit_period_ending: ++ type: datetime ++ fields: payload.audit_period_ending + - event_type: profiler.* + traits: +- base_id: +- fields: payload.base_id +- db.params: +- fields: payload.info.db.params +- db.statement: +- fields: payload.info.db.statement +- host: +- fields: payload.info.host +- method: +- fields: payload.info.request.method ++ project: ++ fields: payload.project ++ service: ++ fields: payload.service + name: + fields: payload.name ++ base_id: ++ fields: payload.base_id ++ trace_id: ++ fields: payload.trace_id + parent_id: + fields: payload.parent_id ++ timestamp: ++ fields: payload.timestamp ++ host: ++ fields: payload.info.host + path: + fields: payload.info.request.path +- project: +- fields: payload.project + query: + fields: payload.info.request.query ++ method: ++ fields: payload.info.request.method + scheme: + fields: payload.info.request.scheme +- service: +- fields: payload.service +- timestamp: +- fields: payload.timestamp +- trace_id: +- fields: payload.trace_id +- - event_type: magnum.bay.* +- traits: +- action: +- fields: payload.action +- eventTime: +- fields: payload.eventTime +- eventType: +- fields: payload.eventType ++ db.statement: ++ fields: payload.info.db.statement ++ db.params: ++ fields: payload.info.db.params ++ - event_type: 'magnum.bay.*' ++ traits: &magnum_bay_crud + id: + fields: payload.id +- initiator_host_address: +- fields: payload.initiator.host.address +- initiator_host_agent: +- fields: payload.initiator.host.agent ++ typeURI: ++ fields: payload.typeURI ++ eventType: ++ fields: payload.eventType ++ eventTime: ++ fields: payload.eventTime ++ action: ++ fields: payload.action ++ outcome: ++ fields: payload.outcome + initiator_id: + fields: payload.initiator.id +- initiator_name: +- fields: payload.initiator.name + initiator_typeURI: + fields: payload.initiator.typeURI +- observer_id: +- fields: payload.observer.id +- observer_typeURI: +- fields: payload.observer.typeURI +- outcome: +- fields: payload.outcome ++ initiator_name: ++ fields: payload.initiator.name ++ initiator_host_agent: ++ fields: payload.initiator.host.agent ++ initiator_host_address: ++ fields: payload.initiator.host.address + target_id: + fields: payload.target.id + target_typeURI: + fields: payload.target.typeURI +- typeURI: +- fields: payload.typeURI ++ observer_id: ++ fields: payload.observer.id ++ observer_typeURI: ++ fields: payload.observer.typeURI ++ meters: ++ metric: ++ # Image ++ - name: "image.size" ++ event_type: ++ - "image.upload" ++ - "image.delete" ++ - "image.update" ++ type: "gauge" ++ unit: B ++ volume: $.payload.size ++ resource_id: $.payload.id ++ project_id: $.payload.owner ++ - name: "image.download" ++ event_type: "image.send" ++ type: "delta" ++ unit: "B" ++ volume: $.payload.bytes_sent ++ resource_id: $.payload.image_id ++ user_id: $.payload.receiver_user_id ++ project_id: $.payload.receiver_tenant_id ++ - name: "image.serve" ++ event_type: "image.send" ++ type: "delta" ++ unit: "B" ++ volume: $.payload.bytes_sent ++ resource_id: $.payload.image_id ++ project_id: $.payload.owner_id ++ - name: 'volume.size' ++ event_type: ++ - 'volume.exists' ++ - 'volume.create.*' ++ - 'volume.delete.*' ++ - 'volume.resize.*' ++ - 'volume.attach.*' ++ - 'volume.detach.*' ++ - 'volume.update.*' ++ type: 'gauge' ++ unit: 'GB' ++ volume: $.payload.size ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.volume_id ++ metadata: ++ display_name: $.payload.display_name ++ volume_type: $.payload.volume_type ++ - name: 'snapshot.size' ++ event_type: ++ - 'snapshot.exists' ++ - 'snapshot.create.*' ++ - 'snapshot.delete.*' ++ type: 'gauge' ++ unit: 'GB' ++ volume: $.payload.volume_size ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.snapshot_id ++ metadata: ++ display_name: $.payload.display_name ++ - name: 'backup.size' ++ event_type: ++ - 'backup.exists' ++ - 'backup.create.*' ++ - 'backup.delete.*' ++ - 'backup.restore.*' ++ type: 'gauge' ++ unit: 'GB' ++ volume: $.payload.size ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.backup_id ++ metadata: ++ display_name: $.payload.display_name ++ # Magnum ++ - name: $.payload.metrics.[*].name ++ event_type: 'magnum.bay.metrics.*' ++ type: 'gauge' ++ unit: $.payload.metrics.[*].unit ++ volume: $.payload.metrics.[*].value ++ user_id: $.payload.user_id ++ project_id: $.payload.project_id ++ resource_id: $.payload.resource_id ++ lookup: ['name', 'unit', 'volume'] ++ # Swift ++ - name: $.payload.measurements.[*].metric.[*].name ++ event_type: 'objectstore.http.request' ++ type: 'delta' ++ unit: $.payload.measurements.[*].metric.[*].unit ++ volume: $.payload.measurements.[*].result ++ resource_id: $.payload.target.id ++ user_id: $.payload.initiator.id ++ project_id: $.payload.initiator.project_id ++ lookup: ['name', 'unit', 'volume'] ++ - name: 'memory' ++ event_type: 'compute.instance.*' ++ type: 'gauge' ++ unit: 'MB' ++ volume: $.payload.memory_mb ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.instance_id ++ user_metadata: $.payload.metadata ++ metadata: &instance_meta ++ host: $.payload.host ++ flavor_id: $.payload.instance_flavor_id ++ flavor_name: $.payload.instance_type ++ display_name: $.payload.display_name ++ host: $.payload.host ++ image_ref: $.payload.image_meta.base_image_ref ++ - name: 'vcpus' ++ event_type: 'compute.instance.*' ++ type: 'gauge' ++ unit: 'vcpu' ++ volume: $.payload.vcpus ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.instance_id ++ user_metadata: $.payload.metadata ++ metadata: ++ <<: *instance_meta ++ - name: 'compute.instance.booting.time' ++ event_type: 'compute.instance.create.end' ++ type: 'gauge' ++ unit: 'sec' ++ volume: ++ fields: [$.payload.created_at, $.payload.launched_at] ++ plugin: 'timedelta' ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.instance_id ++ user_metadata: $.payload.metadata ++ metadata: ++ <<: *instance_meta ++ - name: 'disk.root.size' ++ event_type: 'compute.instance.*' ++ type: 'gauge' ++ unit: 'GB' ++ volume: $.payload.root_gb ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.instance_id ++ user_metadata: $.payload.metadata ++ metadata: ++ <<: *instance_meta ++ - name: 'disk.ephemeral.size' ++ event_type: 'compute.instance.*' ++ type: 'gauge' ++ unit: 'GB' ++ volume: $.payload.ephemeral_gb ++ user_id: $.payload.user_id ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.instance_id ++ user_metadata: $.payload.metadata ++ metadata: ++ <<: *instance_meta ++ - name: 'bandwidth' ++ event_type: 'l3.meter' ++ type: 'delta' ++ unit: 'B' ++ volume: $.payload.bytes ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.label_id ++ - name: 'compute.node.cpu.frequency' ++ event_type: 'compute.metrics.update' ++ type: 'gauge' ++ unit: 'MHz' ++ volume: $.payload.metrics[?(@.name='cpu.frequency')].value ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.frequency')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.frequency')].source ++ - name: 'compute.node.cpu.user.time' ++ event_type: 'compute.metrics.update' ++ type: 'cumulative' ++ unit: 'ns' ++ volume: $.payload.metrics[?(@.name='cpu.user.time')].value ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.user.time')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.user.time')].source ++ - name: 'compute.node.cpu.kernel.time' ++ event_type: 'compute.metrics.update' ++ type: 'cumulative' ++ unit: 'ns' ++ volume: $.payload.metrics[?(@.name='cpu.kernel.time')].value ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.kernel.time')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.kernel.time')].source ++ - name: 'compute.node.cpu.idle.time' ++ event_type: 'compute.metrics.update' ++ type: 'cumulative' ++ unit: 'ns' ++ volume: $.payload.metrics[?(@.name='cpu.idle.time')].value ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.idle.time')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.idle.time')].source ++ - name: 'compute.node.cpu.iowait.time' ++ event_type: 'compute.metrics.update' ++ type: 'cumulative' ++ unit: 'ns' ++ volume: $.payload.metrics[?(@.name='cpu.iowait.time')].value ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.iowait.time')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.iowait.time')].source ++ - name: 'compute.node.cpu.kernel.percent' ++ event_type: 'compute.metrics.update' ++ type: 'gauge' ++ unit: 'percent' ++ volume: $.payload.metrics[?(@.name='cpu.kernel.percent')].value * 100 ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.kernel.percent')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.kernel.percent')].source ++ - name: 'compute.node.cpu.idle.percent' ++ event_type: 'compute.metrics.update' ++ type: 'gauge' ++ unit: 'percent' ++ volume: $.payload.metrics[?(@.name='cpu.idle.percent')].value * 100 ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.idle.percent')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.idle.percent')].source ++ - name: 'compute.node.cpu.user.percent' ++ event_type: 'compute.metrics.update' ++ type: 'gauge' ++ unit: 'percent' ++ volume: $.payload.metrics[?(@.name='cpu.user.percent')].value * 100 ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.user.percent')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.user.percent')].source ++ - name: 'compute.node.cpu.iowait.percent' ++ event_type: 'compute.metrics.update' ++ type: 'gauge' ++ unit: 'percent' ++ volume: $.payload.metrics[?(@.name='cpu.iowait.percent')].value * 100 ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.iowait.percent')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.iowait.percent')].source ++ - name: 'compute.node.cpu.percent' ++ event_type: 'compute.metrics.update' ++ type: 'gauge' ++ unit: 'percent' ++ volume: $.payload.metrics[?(@.name='cpu.percent')].value * 100 ++ resource_id: $.payload.host + "_" + $.payload.nodename ++ timestamp: $.payload.metrics[?(@.name='cpu.percent')].timestamp ++ metadata: ++ event_type: $.event_type ++ host: $.publisher_id ++ source: $.payload.metrics[?(@.name='cpu.percent')].source ++ # Identity ++ # NOTE(gordc): hack because jsonpath-rw-ext can't concat starting with string. ++ - name: $.payload.outcome - $.payload.outcome + 'identity.authenticate.' + $.payload.outcome ++ type: 'delta' ++ unit: 'user' ++ volume: 1 ++ event_type: ++ - 'identity.authenticate' ++ resource_id: $.payload.initiator.id ++ user_id: $.payload.initiator.id ++ # DNS ++ - name: 'dns.domain.exists' ++ event_type: 'dns.domain.exists' ++ type: 'cumulative' ++ unit: 's' ++ volume: ++ fields: [$.payload.audit_period_beginning, $.payload.audit_period_ending] ++ plugin: 'timedelta' ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.id ++ user_id: $.ctxt.user ++ metadata: ++ status: $.payload.status ++ pool_id: $.payload.pool_id ++ host: $.publisher_id ++ # Trove ++ - name: 'trove.instance.exists' ++ event_type: 'trove.instance.exists' ++ type: 'cumulative' ++ unit: 's' ++ volume: ++ fields: [$.payload.audit_period_beginning, $.payload.audit_period_ending] ++ plugin: 'timedelta' ++ project_id: $.payload.tenant_id ++ resource_id: $.payload.instance_id ++ user_id: $.payload.user_id ++ metadata: ++ nova_instance_id: $.payload.nova_instance_id ++ state: $.payload.state ++ service_id: $.payload.service_id ++ instance_type: $.payload.instance_type ++ instance_type_id: $.payload.instance_type_id ++ # Manila ++ - name: 'manila.share.size' ++ event_type: ++ - 'share.create.*' ++ - 'share.delete.*' ++ - 'share.extend.*' ++ - 'share.shrink.*' ++ type: 'gauge' ++ unit: 'GB' ++ volume: $.payload.size ++ user_id: $.payload.user_id ++ project_id: $.payload.project_id ++ resource_id: $.payload.share_id ++ metadata: ++ name: $.payload.name ++ host: $.payload.host ++ status: $.payload.status ++ availability_zone: $.payload.availability_zone ++ protocol: $.payload.proto + event_pipeline: + sinks: + - name: event_sink +@@ -1620,6 +1553,22 @@ dependencies: + service: mongodb + - endpoint: internal + service: metric ++ ipmi: ++ jobs: ++ - ceilometer-db-init-mongodb ++ - ceilometer-db-sync ++ - ceilometer-rabbit-init ++ - ceilometer-ks-user ++ - ceilometer-ks-endpoints ++ services: ++ - endpoint: internal ++ service: identity ++ - endpoint: internal ++ service: oslo_db ++ - endpoint: internal ++ service: mongodb ++ - endpoint: internal ++ service: metric + collector: + jobs: + - ceilometer-db-init-mongodb +@@ -1928,6 +1877,9 @@ pod: + ceilometer_central: + init_container: null + ceilometer_central: ++ ceilometer_ipmi: ++ init_container: null ++ ceilometer_ipmi: + ceilometer_collector: + init_container: null + ceilometer_collector: +@@ -1996,6 +1948,13 @@ pod: + limits: + memory: "1024Mi" + cpu: "2000m" ++ ipmi: ++ requests: ++ memory: "124Mi" ++ cpu: "100m" ++ limits: ++ memory: "1024Mi" ++ cpu: "2000m" + jobs: + db_init: + requests: +@@ -2068,6 +2027,7 @@ manifests: + deployment_central: true + deployment_collector: true + daemonset_compute: true ++ daemonset_ipmi: true + deployment_notification: true + ingress_api: true + job_bootstrap: true +-- +1.8.3.1 +