[cinder] Add some features and fix some bugs

1、Map log file to host directory 2、Auto create volume type 3、Fix some typos. 4、Add related privileges about ceph.rook.io and cephclients to cinder serviceaccount.
kungze · Jul 22, 2022 · c38f43d · c38f43d
1 parent 09e2ffd
commit c38f43d
Show file tree

Hide file tree

Showing 14 changed files with 186 additions and 38 deletions.
diff --git a/charts/cinder/Chart.yaml b/charts/cinder/Chart.yaml
@@ -13,7 +13,7 @@
 apiVersion: v2
 description: Openstack cinder service
 name: cinder
-version: 1.0.1
+version: 1.0.2
 home: https://github.com/kungze/kolla-helm
 maintainers:
   - name: Kungze

diff --git a/charts/cinder/templates/bin/_lvm_clean.sh.tpl b/charts/cinder/templates/bin/_lvm_clean.sh.tpl
@@ -1,7 +1,7 @@
 #!/bin/bash
 set -ex
 vgremove -y {{ .Values.lvm.vg_name }}
-pvremove {{ .Values.lvm.loop_device_name }}
+pvremove {{ .Values.lvm.loop_device_name }} --force --force
 {{- if .Values.lvm.create_loop_device }}
 losetup -d {{ .Values.lvm.loop_device_name }}
 {{- end }}
diff --git a/charts/cinder/templates/bin/_volume_type_create.sh.tpl b/charts/cinder/templates/bin/_volume_type_create.sh.tpl
@@ -0,0 +1,11 @@
+#!/bin/bash
+set -ex
+{{- if .Values.ceph.enabled }}
+openstack volume type create {{ .Values.ceph.volume_type }}
+openstack volume type set --property volume_backend_name='{{ .Values.ceph.volume_type }}' {{ .Values.ceph.volume_type }}
+{{- end }}
+
+{{- if .Values.lvm.enabled }}
+openstack volume type create {{ .Values.lvm.volume_type }}
+openstack volume type set --property volume_backend_name='{{ .Values.lvm.volume_type }}' {{ .Values.lvm.volume_type }}
+{{- end }}
diff --git a/charts/cinder/templates/cephclient-cinder.yaml b/charts/cinder/templates/cephclient-cinder.yaml
@@ -11,4 +11,4 @@
 {{ $cephClient := dict "cephClusterNamespace" .Values.ceph.cephClusterNamespace "cephUserName" .Values.ceph.cephClientName "prvileges" $prvileges }}
 {{- $cephClient | include "common.manifests.cephclient" -}}
 {{- end -}}
-{{- end -}}
+{{- end -}}
diff --git a/charts/cinder/templates/cephpool-backup.yaml b/charts/cinder/templates/cephpool-backup.yaml
@@ -1,4 +1,4 @@
 {{- if and .Values.ceph.enabled .Values.ceph.backup.enabled -}}
 {{- $cephPool := dict "poolName" .Values.ceph.backup.poolName "cephClusterNamespace" .Values.ceph.cephClusterNamespace "replicated" .Values.ceph.backup.replicatedSize "failureDomain" .Values.ceph.backup.failureDomain -}}
 {{- $cephPool | include "common.manifests.cephpool" -}}
-{{- end -}}
+{{- end -}}
diff --git a/charts/cinder/templates/cephpool-volumes.yaml b/charts/cinder/templates/cephpool-volumes.yaml
@@ -1,4 +1,4 @@
 {{- if .Values.ceph.enabled -}}
 {{- $cephPool := dict "poolName" .Values.ceph.poolName "cephClusterNamespace" .Values.ceph.cephClusterNamespace "replicated" .Values.ceph.replicatedSize "failureDomain" .Values.ceph.failureDomain -}}
 {{- $cephPool | include "common.manifests.cephpool" -}}
-{{- end -}}
+{{- end -}}
diff --git a/charts/cinder/templates/cinder-rbac.yaml b/charts/cinder/templates/cinder-rbac.yaml
@@ -1,15 +1,15 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
   namespace: {{ .Release.Namespace | quote }}
   labels: {{- include "common.labels.standard" . | nindent 4 }}
 
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
   namespace: {{ .Release.Namespace | quote }}
   labels: {{- include "common.labels.standard" . | nindent 4 }}
 rules:
@@ -35,34 +35,36 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
   namespace: {{ .Release.Namespace | quote }}
   labels: {{- include "common.labels.standard" . | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
 subjects:
 - kind: ServiceAccount
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
   namespace: {{ .Release.Namespace | quote }}
 
 {{- if .Values.ceph.enabled }}
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
   namespace: {{ .Release.Namespace | quote }}
   labels: {{- include "common.labels.standard" . | nindent 4 }}
 rules:
   - apiGroups:
       - ""
       - apps
       - extensions
+      - ceph.rook.io
     resources:
       - secrets
       - configmaps
+      - cephclients
     verbs:
       - get
       - list
@@ -76,15 +78,15 @@ rules:
 kind: ClusterRoleBinding
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
   namespace: {{ .Release.Namespace | quote }}
   labels: {{- include "common.labels.standard" . | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: {{ .Values.serviceAccountName}}
+  name: {{ .Values.serviceAccountName }}
 subjects:
   - kind: ServiceAccount
-    name: {{ .Values.serviceAccountName}}
+    name: {{ .Values.serviceAccountName }}
     namespace: {{ .Release.Namespace | quote }}
 {{- end }}
diff --git a/charts/cinder/templates/conf/_cinder.conf.tpl b/charts/cinder/templates/conf/_cinder.conf.tpl
@@ -2,6 +2,7 @@
 debug = False
 use_forwarded_for = true
 use_stderr = False
+log_dir = /var/log/kolla/cinder
 osapi_volume_workers = 5
 volume_name_template = volume-%s
 volumes_dir = /var/lib/cinder/volumes
@@ -18,7 +19,7 @@ enabled_backends = {{ .Values.ceph.volume_type }}
 default_volume_type = {{ .Values.ceph.volume_type }}
 {{- end }}
 
-{{- if .Values.ceph.backup.anabled }}
+{{- if and .Values.ceph.enabled .Values.ceph.backup.enabled }}
 backup_driver = cinder.backup.drivers.ceph.CephBackupDriver
 backup_ceph_conf = /etc/ceph/ceph.conf
 backup_ceph_user = {{ .Values.ceph.cephClientName }}
@@ -99,4 +100,5 @@ volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
 volume_backend_name = {{ .Values.lvm.volume_type }}
 target_helper = {{ .Values.lvm.lvm_target_helper }}
 target_protocol = iscsi
+lvm_type = default
 {{- end }}
diff --git a/charts/cinder/templates/configmap-bin.yaml b/charts/cinder/templates/configmap-bin.yaml
@@ -28,3 +28,5 @@ data:
   sync-ceph-cm-secrets.py: |
 {{- include "common.scripts.sync_ceph_cm_secret" . | indent 4 }}
   {{- end }}
+  volume-type-create.sh: |
+{{ tuple "bin/_volume_type_create.sh.tpl" . | include "common.utils.template" | indent 4 }}
diff --git a/charts/cinder/templates/daemonset-volume.yaml b/charts/cinder/templates/daemonset-volume.yaml
@@ -13,6 +13,7 @@ spec:
         app.kubernetes.io/component: cinder-volume
     spec:
       hostNetwork: true
+      dnsPolicy: ClusterFirstWithHostNet
       initContainers:
         - name: init
           command:
@@ -34,7 +35,7 @@ spec:
             value: eth0
           - name: DEPENDENCY_SERVICE
             value: "cinder-api"
-        {{- if .Values.lvm.create_loop_device }}
+        {{- if and .Values.lvm.enabled .Values.lvm.create_loop_device }}
         - name: loop
           image: {{ template "cinder.loop.image" . }}
           imagePullPolicy: {{ .Values.pullPolicy }}
@@ -106,6 +107,8 @@ spec:
                   key: {{ .Values.ceph.cephClientName }}
             {{- end }}
           volumeMounts:
+            - mountPath: /var/log/kolla/cinder
+              name: cinderlog
             - mountPath: /tmp
               name: pod-tmp
             - mountPath: /dev
@@ -129,7 +132,6 @@ spec:
             - mountPath: /tmp/lvm-clean.sh
               name: cinder-bin
               subPath: lvm-clean.sh
-            {{- end }}
             {{- if eq .Values.lvm.lvm_target_helper "tgtadm" }}
             - mountPath: /var/lib/cinder/volumes
               name: cinderlib
@@ -140,6 +142,7 @@ spec:
               mountPath: /etc/multipath
               mountPropagation: Bidirectional
             {{- end }}
+            {{- end }}
             {{- if .Values.ceph.enabled }}
             - mountPath: /etc/ceph
               name: etc-ceph
@@ -149,7 +152,7 @@ spec:
             - mountPath: /etc/rook
               name: mon-endpoint-volume
             {{- end }}
-        {{- if eq .Values.lvm.lvm_target_helper "tgtadm" }}
+        {{- if and .Values.lvm.enabled (eq .Values.lvm.lvm_target_helper "tgtadm") }}
         - name: tgtd
           image: {{ template "kolla.tgtd.image" . }}
           imagePullPolicy: {{ .Values.pullPolicy }}
@@ -182,17 +185,31 @@ spec:
             - mountPath: /var/lib/kolla/config_files/config.json
               name: cinder-etc
               subPath: tgtd.json
-      {{- end }}
-      serviceAccount: {{ .Values.serviceAccountName}}
-      serviceAccountName: {{ .Values.serviceAccountName}}
+        {{- end }}
+      serviceAccount: {{ .Values.serviceAccountName }}
+      serviceAccountName: {{ .Values.serviceAccountName }}
       volumes:
+        - hostPath:
+            path: /var/log/kolla/cinder
+            type: DirectoryOrCreate
+          name: cinderlog
         - emptyDir: {}
           name: pod-tmp
-        {{- if and .Values.lvm.enabled }}
+        {{- if .Values.lvm.create_loop_device }}
         - name: loop-device-dir
           hostPath:
             path: {{ .Values.lvm.loop_device_directory | quote }}
             type: DirectoryOrCreate
+        {{- end }}
+        {{- if and .Values.lvm.enabled (eq .Values.lvm.lvm_target_helper "tgtadm") }}
+        - emptyDir: {}
+          name: cinderlib
+        - name: etciscsi
+          hostPath:
+            path: /etc/iscsi
+        - name: etcmultipath
+          hostPath:
+            path: /etc/multipath
         {{- end -}}
         {{- if .Values.ceph.enabled }}
         - emptyDir: {}
@@ -228,13 +245,3 @@ spec:
           hostPath:
             path: /sys
             type: DirectoryOrCreate
-        {{- if eq .Values.lvm.lvm_target_helper "tgtadm" }}
-        - emptyDir: {}
-          name: cinderlib
-        - name: etciscsi
-          hostPath:
-            path: /etc/iscsi
-        - name: etcmultipath
-          hostPath:
-            path: /etc/multipath
-        {{- end }}
diff --git a/charts/cinder/templates/deployment-api.yaml b/charts/cinder/templates/deployment-api.yaml
@@ -70,6 +70,8 @@ spec:
               containerPort: 8776
               protocol: TCP
           volumeMounts:
+            - mountPath: /var/log/kolla/cinder
+              name: cinderlog
             - mountPath: /tmp
               name: pod-tmp
             - mountPath: /var/lib/kolla/config_files/cinder.conf
@@ -81,9 +83,13 @@ spec:
             - mountPath: /var/lib/kolla/config_files/cinder-wsgi.conf
               name: cinder-etc
               subPath: cinder-wsgi.conf
-      serviceAccount: {{ .Values.serviceAccountName}}
-      serviceAccountName: {{ .Values.serviceAccountName}}
+      serviceAccount: {{ .Values.serviceAccountName }}
+      serviceAccountName: {{ .Values.serviceAccountName }}
       volumes:
+        - hostPath:
+            path: /var/log/kolla/cinder
+            type: DirectoryOrCreate
+          name: cinderlog
         - emptyDir: {}
           name: pod-tmp
         - configMap:

diff --git a/charts/cinder/templates/deployment-backup.yaml b/charts/cinder/templates/deployment-backup.yaml
@@ -46,12 +46,25 @@ spec:
               exec:
                 command:
                 - /tmp/gen-ceph-conf.sh
+          securityContext:
+            privileged: true
           env:
             - name: KOLLA_CONFIG_STRATEGY
               value: "COPY_ALWAYS"
             - name: KOLLA_SERVICE_NAME
               value: "cinder-backup"
+            {{- if .Values.ceph.enabled }}
+            - name: ROOK_CEPH_USERNAME
+              value: {{ .Values.ceph.cephClientName | quote }}
+            - name: ROOK_CEPH_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: {{ printf "ceph-%s" .Values.ceph.cephClientName | quote }}
+                  key: {{ .Values.ceph.cephClientName }}
+            {{- end }}
           volumeMounts:
+            - mountPath: /var/log/kolla/cinder
+              name: cinderlog
             - mountPath: /tmp
               name: pod-tmp
             - mountPath: /var/lib/kolla/config_files/cinder.conf
@@ -67,9 +80,13 @@ spec:
               subPath: gen-ceph-conf.sh
             - mountPath: /etc/rook
               name: mon-endpoint-volume
-      serviceAccount: {{ .Values.serviceAccountName}}
-      serviceAccountName: {{ .Values.serviceAccountName}}
+      serviceAccount: {{ .Values.serviceAccountName }}
+      serviceAccountName: {{ .Values.serviceAccountName }}
       volumes:
+        - hostPath:
+            path: /var/log/kolla/cinder
+            type: DirectoryOrCreate
+          name: cinderlog
         - emptyDir: {}
           name: pod-tmp
         - emptyDir: {}

diff --git a/charts/cinder/templates/deployment-scheduler.yaml b/charts/cinder/templates/deployment-scheduler.yaml
@@ -46,6 +46,8 @@ spec:
             - name: KOLLA_SERVICE_NAME
               value: "cinder-scheduler"
           volumeMounts:
+            - mountPath: /var/log/kolla/cinder
+              name: cinderlog
             - mountPath: /tmp
               name: pod-tmp
             - mountPath: /var/lib/kolla/config_files/cinder.conf
@@ -54,9 +56,13 @@ spec:
             - mountPath: /var/lib/kolla/config_files/config.json
               name: cinder-etc
               subPath: cinder-scheduler.json
-      serviceAccount: {{ .Values.serviceAccountName}}
-      serviceAccountName: {{ .Values.serviceAccountName}}
+      serviceAccount: {{ .Values.serviceAccountName }}
+      serviceAccountName: {{ .Values.serviceAccountName }}
       volumes:
+        - hostPath:
+            path: /var/log/kolla/cinder
+            type: DirectoryOrCreate
+          name: cinderlog
         - emptyDir: {}
           name: pod-tmp
         - configMap: