diff --git a/openstack/masakari/Chart.lock b/openstack/masakari/Chart.lock index bb01b72292f..7d70e623fa8 100644 --- a/openstack/masakari/Chart.lock +++ b/openstack/masakari/Chart.lock @@ -1,4 +1,7 @@ dependencies: +- name: mariadb + repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm + version: 0.15.3 - name: rabbitmq repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm version: 0.7.2 @@ -14,5 +17,5 @@ dependencies: - name: linkerd-support repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm version: 1.0.0 -digest: sha256:8b0fc0c4a2031222b1fa58eb4ede43691cebb346385fd4088feaad6832b34516 -generated: "2024-11-25T14:04:10.703690807+01:00" +digest: sha256:addcf2e141f96cc5c3205b67ca798909c8b1621b019b7f6d86607a4885139a19 +generated: "2025-02-07T16:16:40.623851441+01:00" diff --git a/openstack/masakari/Chart.yaml b/openstack/masakari/Chart.yaml index cf12f59c01a..2e534938aab 100644 --- a/openstack/masakari/Chart.yaml +++ b/openstack/masakari/Chart.yaml @@ -4,6 +4,9 @@ name: masakari version: 0.1.0 appVersion: "bobcat" dependencies: + - name: mariadb + repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm + version: 0.15.3 - name: rabbitmq repository: oci://keppel.eu-de-1.cloud.sap/ccloud-helm version: 0.7.2 diff --git a/openstack/masakari/templates/_helpers.tpl b/openstack/masakari/templates/_helpers.tpl index a84cb90032e..665667922a5 100644 --- a/openstack/masakari/templates/_helpers.tpl +++ b/openstack/masakari/templates/_helpers.tpl @@ -1,13 +1,3 @@ -{{- define "job_name" }} - {{- $name := index . 1 }} - {{- with index . 0 }} - {{- $all := list (include "utils.proxysql.job_pod_settings" . ) (include "utils.proxysql.volume_mount" . ) (include "utils.proxysql.container" . ) (include "utils.proxysql.volumes" .) (tuple . (dict) | include "utils.snippets.kubernetes_entrypoint_init_container") (include "utils.trust_bundle.volume_mount" . ) (include "utils.trust_bundle.volumes" .) | join "\n" }} - {{- $hash := empty .Values.proxysql.mode | ternary "" $all | sha256sum }} -{{- .Release.Name }}-{{ $name }}-{{ substr 0 4 $hash }}-{{ .Values.imageVersion | required "Please set .imageVersion or similar"}} - {{- end }} -{{- end }} - - {{- define "db_name" -}} "{{ .Values.mariadb.name }}-mariadb" {{- end }} diff --git a/openstack/masakari/templates/api-deployment.yaml b/openstack/masakari/templates/api-deployment.yaml index 1c5e9e5d1fc..9edc26d023c 100644 --- a/openstack/masakari/templates/api-deployment.yaml +++ b/openstack/masakari/templates/api-deployment.yaml @@ -34,24 +34,19 @@ spec: kubectl.kubernetes.io/default-container: {{ .Chart.Name }}-api configmap-etc-hash: {{ include (print $.Template.BasePath "/etc-configmap.yaml") . | sha256sum }} secrets-hash: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} - {{- if .Values.proxysql.mode }} prometheus.io/scrape: "true" prometheus.io/targets: {{ required ".Values.alerts.prometheus missing" .Values.alerts.prometheus | quote }} - {{- end }} {{- include "utils.linkerd.pod_and_service_annotation" . | indent 8 }} spec: {{ tuple . "masakari" "api" | include "kubernetes_pod_anti_affinity" | indent 6 }} - {{- include "utils.proxysql.pod_settings" . | indent 6 }} initContainers: - name: masakari-init-database image: {{ required ".Values.global.registry is missing" .Values.global.registry}}/loci-masakari:{{.Values.imageVersion | required "Please set .imageVersion or similar" }} command: - - masakari-manage - - db + - masakari-manage + - db - sync volumeMounts: - - name: masakari-database - mountPath: /database - mountPath: /etc/masakari name: masakari-etc - mountPath: /etc/masakari/masakari.conf.d @@ -83,24 +78,16 @@ spec: - name: masakari-api containerPort: {{.Values.masakariApiPortInternal}} volumeMounts: - - name: masakari-database - mountPath: /database - mountPath: /etc/masakari name: masakari-etc - mountPath: /etc/masakari/masakari.conf.d name: masakari-etc-confd - {{- include "utils.proxysql.volume_mount" . | indent 8 }} {{- include "utils.trust_bundle.volume_mount" . | indent 8 }} - {{- include "utils.proxysql.container" . | indent 6 }} volumes: - - name: masakari-database - persistentVolumeClaim: - claimName: masakari-database - name: masakari-etc configMap: name: masakari-etc - name: masakari-etc-confd secret: secretName: masakari-etc - {{- include "utils.proxysql.volumes" . | indent 6 }} {{- include "utils.trust_bundle.volumes" . | indent 6 }} diff --git a/openstack/masakari/templates/api-service.yaml b/openstack/masakari/templates/api-service.yaml index 3639e946b96..6923eb14a8e 100644 --- a/openstack/masakari/templates/api-service.yaml +++ b/openstack/masakari/templates/api-service.yaml @@ -7,6 +7,7 @@ metadata: system: openstack type: api component: {{ .Chart.Name }} + app: {{ template "fullname" . }} annotations: {{- include "utils.linkerd.pod_and_service_annotation" . | indent 4 }} spec: diff --git a/openstack/masakari/templates/configmap-backup.yaml b/openstack/masakari/templates/configmap-backup.yaml deleted file mode 100644 index 6f7168e3d39..00000000000 --- a/openstack/masakari/templates/configmap-backup.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-backup-script - labels: - system: openstack - type: configuration - component: {{ .Release.Name }} -data: - backup.sh: | - #!/bin/bash - set -e - - # Define variables - DB_PATH="${DB_PATH:-/database/masakari.sqlite}" - BACKUP_ROOT_PATH="${BACKUP_PATH:-/backup}" - BACKUP_PATH="$BACKUP_ROOT_PATH/$(date +"%Y%m%d")" - TIMESTAMP=$(date +"%Y%m%d%H%M%S") - BACKUP_FILE="$BACKUP_PATH/database_backup_$TIMESTAMP.db" - COMPRESSED_BACKUP_FILE="$BACKUP_FILE.gz" - - # Function to handle errors - error_exit() { - echo "$1" 1>&2 - exit 1 - } - - echo "Clear the backup directory" - rm -rf "$BACKUP_ROOT_PATH"/* || error_exit "Failed to clear backup directory: $BACKUP_ROOT_PATH" - - echo "Create a backup" - mkdir -p "$BACKUP_PATH" || error_exit "Failed to create backup directory: $BACKUP_PATH" - sqlite3 "$DB_PATH" ".backup '$BACKUP_FILE'" || error_exit "Failed to create database backup: $BACKUP_FILE" - masakari-engine --version > "$BACKUP_PATH/masakari-engine-version.txt" || error_exit "Failed to get masakari-engine version" - - echo "Compress the backup" - gzip "$BACKUP_FILE" || error_exit "Failed to compress backup file: $BACKUP_FILE" - - echo "Verify if backup exists and is not empty" - if [ -s "$COMPRESSED_BACKUP_FILE" ]; then - echo "Backup successful: $COMPRESSED_BACKUP_FILE" - else - error_exit "Backup failed: Compressed backup file not created or is empty." - fi diff --git a/openstack/masakari/templates/configmap-upload.yaml b/openstack/masakari/templates/configmap-upload.yaml deleted file mode 100644 index d69d8c6438b..00000000000 --- a/openstack/masakari/templates/configmap-upload.yaml +++ /dev/null @@ -1,28 +0,0 @@ -# ConfigMap which handles upload to Swift Obeject storage -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-upload-script - labels: - system: openstack - type: configuration - component: {{ .Release.Name }} -data: - upload.sh: | - #!/bin/bash - # Define BackupPath - BACKUP_PATH="${BACKUP_PATH:-/backup}" - OBJECT_NAME="${OBJECT_NAME:-masakari}" - EXPIRATION_TIME="${EXPIRATION_TIME:-5260032}" - echo "List Expiration Time: $EXPIRATION_TIME" - MASAKARI_ENGINE_VERSION=$(cat "$BACKUP_PATH/$(date +"%Y%m%d")/masakari-engine-version.txt") - echo "Masakari-Engine-Version: $MASAKARI_ENGINE_VERSION" - # Upload the backup to Swift if path is not empty - if [ -n "$(ls -A "$BACKUP_PATH")" ]; then - swift upload --object-name "$OBJECT_NAME" db_backup "$BACKUP_PATH" \ - -m "Masakari-Engine-Version:$MASAKARI_ENGINE_VERSION" \ - -H "X-Delete-After":$EXPIRATION_TIME - else - echo "No files to upload in $BACKUP_PATH" - exit 1 - fi diff --git a/openstack/masakari/templates/cronjob-backup.yml b/openstack/masakari/templates/cronjob-backup.yml deleted file mode 100644 index 1f75351d049..00000000000 --- a/openstack/masakari/templates/cronjob-backup.yml +++ /dev/null @@ -1,84 +0,0 @@ -apiVersion: batch/v1 -kind: CronJob -metadata: - name: {{ .Release.Name }}-backup - labels: - system: openstack - type: api - component: {{ .Chart.Name }} -spec: - schedule: "0 2 * * *" # Runs every day at 2 AM - jobTemplate: - spec: - template: - spec: - initContainers: - - name: {{ .Chart.Name }}-backup - image: {{ required ".Values.global.registry is missing" .Values.global.registry}}/loci-masakari:{{.Values.imageVersion | required "Please set .imageVersion or similar" }} - imagePullPolicy: IfNotPresent - env: - - name: DB_PATH - value: "/database/masakari.sqlite" - - name: BACKUP_PATH - value: "/backup" - volumeMounts: - - name: masakari-database - mountPath: /database - - name: masakari-backup - mountPath: /backup - - name: backup-script - mountPath: /script - command: ["/bin/bash", "-c", "/script/backup.sh"] - containers: - - name: {{ .Chart.Name }}-upload-backup - image: "keppel.eu-de-1.cloud.sap/ccloud/swift:2023.1-latest" - imagePullPolicy: IfNotPresent - env: - - name: BACKUP_PATH - value: "/backup" - - name: "OBJECT_NAME" - value: "{{.Values.global.region}}/masakari" - - name: OS_AUTH_URL - value: "https://identity-3.{{.Values.global.region}}.cloud.sap/v3" - - name: OS_REGION_NAME - value: "{{.Values.global.region}}" - - name: OS_PROJECT_NAME - value: "{{ .Values.backup.OS_PROJECT_NAME }}" - - name: OS_PROJECT_DOMAIN_NAME - value: "{{ .Values.backup.OS_PROJECT_DOMAIN_NAME }}" - - name: OS_USER_DOMAIN_NAME - value: "{{ .Values.backup.OS_USER_DOMAIN_NAME }}" - - name: OS_USERNAME - value: "{{ .Values.backup.OS_USERNAME }}" - - name: OS_PASSWORD - valueFrom: - secretKeyRef: - name: {{ .Release.Name }}-etc - key: db_password - - name: EXPIRATION_TIME - value: "{{ .Values.backup.EXPIRATION_TIME }}" - volumeMounts: - - name: upload-script - mountPath: /script - - name: masakari-backup - mountPath: /backup - command: ["/bin/bash", "-c", "/script/upload.sh"] - restartPolicy: OnFailure - volumes: - - name: backup-script - configMap: - name: {{ .Release.Name }}-backup-script - defaultMode: 0744 - - name: upload-script - configMap: - name: {{ .Release.Name }}-upload-script - defaultMode: 0744 - - name: masakari-database - persistentVolumeClaim: - claimName: masakari-database - - name: masakari-backup - persistentVolumeClaim: - claimName: masakari-backup - - name: masakari-etc-confd - secret: - secretName: masakari-etc diff --git a/openstack/masakari/templates/database-pvc.yaml b/openstack/masakari/templates/database-pvc.yaml deleted file mode 100644 index b88ec7713c1..00000000000 --- a/openstack/masakari/templates/database-pvc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: masakari-database -spec: - storageClassName: - accessModes: - - ReadWriteMany - volumeMode: Filesystem - resources: - requests: - storage: {{ .Values.sqlite.pvc_size }} diff --git a/openstack/masakari/templates/db-migrate-job.yaml b/openstack/masakari/templates/db-migrate-job.yaml new file mode 100644 index 00000000000..2cfe0e4dd07 --- /dev/null +++ b/openstack/masakari/templates/db-migrate-job.yaml @@ -0,0 +1,65 @@ +apiVersion: batch/v1 +kind: Job +metadata: + # since this name changes with every image change, removal and creation of + # this Job happens on nearly every deployment. Check the helm-chart changes + # to see if this needs more review. + name: {{ .Release.Name }}-db-migrate-{{ .Values.imageVersion | required "Please set .imageVersion or similar" }} + labels: + system: openstack + type: configuration + component: {{ .Chart.Name }} +spec: + template: + metadata: + labels: + alert-tier: os + alert-service: {{ .Chart.Name }} +{{ tuple . .Release.Name "db-migrate" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: + {{- include "utils.linkerd.pod_and_service_annotation" . | indent 8 }} + spec: + restartPolicy: OnFailure + initContainers: + {{- tuple . (dict "service" (include "db_name" .)) | include "utils.snippets.kubernetes_entrypoint_init_container" | indent 6 }} + containers: + - name: db-migrate + image: {{ required ".Values.global.registry is missing" .Values.global.registry}}/loci-masakari:{{.Values.imageVersion | required "Please set .imageVersion or similar" }} + imagePullPolicy: IfNotPresent +{{ toYaml .Values.securityContext | indent 8 }} + command: + - dumb-init + - bash + - -c + - | + set -euo pipefail + if which masakari-manage; then + masakari-manage db sync + else + sleep 5 + fi + {{- include "utils.script.job_finished_hook" . | nindent 10 }} + env: + {{- if .Values.sentry.enabled }} + - name: SENTRY_DSN + valueFrom: + secretKeyRef: + name: sentry + key: {{ .Chart.Name }}.DSN.python + {{- end }} + - name: PYTHONWARNINGS + value: {{ .Values.python_warnings | quote }} + volumeMounts: + - mountPath: /etc/masakari + name: masakari-etc + - mountPath: /etc/masakari/masakari.conf.d + name: masakari-etc-confd + {{- include "utils.trust_bundle.volume_mount" . | indent 8 }} + volumes: + - name: masakari-etc + configMap: + name: masakari-etc + - name: masakari-etc-confd + secret: + secretName: masakari-etc + {{- include "utils.trust_bundle.volumes" . | indent 6 }} diff --git a/openstack/masakari/templates/engine-deployment.yaml b/openstack/masakari/templates/engine-deployment.yaml index cabff74c8a8..1be45d6ede0 100644 --- a/openstack/masakari/templates/engine-deployment.yaml +++ b/openstack/masakari/templates/engine-deployment.yaml @@ -34,14 +34,11 @@ spec: kubectl.kubernetes.io/default-container: {{ .Chart.Name }}-engine configmap-etc-hash: {{ include (print $.Template.BasePath "/etc-configmap.yaml") . | sha256sum }} secrets-hash: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} - {{- if .Values.proxysql.mode }} prometheus.io/scrape: "true" prometheus.io/targets: {{ required ".Values.alerts.prometheus missing" .Values.alerts.prometheus | quote }} - {{- end }} {{- include "utils.linkerd.pod_and_service_annotation" . | indent 8 }} spec: {{ tuple . "masakari" "engine" | include "kubernetes_pod_anti_affinity" | indent 6 }} - {{- include "utils.proxysql.pod_settings" . | indent 6 }} containers: - name: {{ .Chart.Name }}-engine image: {{ required ".Values.global.registry is missing" .Values.global.registry}}/loci-masakari:{{.Values.imageVersion | required "Please set .imageVersion or similar" }} @@ -82,22 +79,16 @@ spec: resources: {{ toYaml .Values.pod.resources.masakari | indent 10 }} volumeMounts: - - name: masakari-database - mountPath: /database - mountPath: /etc/masakari name: masakari-etc - mountPath: /etc/masakari/masakari.conf.d name: masakari-etc-confd {{- include "utils.trust_bundle.volume_mount" . | indent 8 }} volumes: - - name: masakari-database - persistentVolumeClaim: - claimName: masakari-database - name: masakari-etc configMap: name: masakari-etc - name: masakari-etc-confd secret: secretName: masakari-etc - {{- include "utils.proxysql.volumes" . | indent 6 }} {{- include "utils.trust_bundle.volumes" . | indent 6 }} diff --git a/openstack/masakari/templates/etc/_secrets.conf.tpl b/openstack/masakari/templates/etc/_secrets.conf.tpl index c81f62ba554..088d0324b3e 100644 --- a/openstack/masakari/templates/etc/_secrets.conf.tpl +++ b/openstack/masakari/templates/etc/_secrets.conf.tpl @@ -2,11 +2,11 @@ {{- include "ini_sections.default_transport_url" . }} [database] -connection = {{ .Values.sqlite.connection }} +connection = {{ tuple . .Values.mariadb.name .Values.mariadb.users.masakari.name .Values.mariadb.users.masakari.password | include "db_url_mysql" }} [keystone_authtoken] username = masakari password = {{ .Values.global.masakari_service_password }} [taskflow] -connection = {{ .Values.sqlite.connection }} +connection = {{ tuple . .Values.mariadb.name .Values.mariadb.users.masakari.name .Values.mariadb.users.masakari.password | include "db_url_mysql" }} diff --git a/openstack/masakari/templates/etc/_uwsgi.ini.tpl b/openstack/masakari/templates/etc/_uwsgi.ini.tpl index 76934a84e73..ae10203114b 100644 --- a/openstack/masakari/templates/etc/_uwsgi.ini.tpl +++ b/openstack/masakari/templates/etc/_uwsgi.ini.tpl @@ -16,4 +16,3 @@ master = true memory-report = true processes = {{ .Values.uwsgi.processes }} wsgi-file = {{ .Values.uwsgi.wsgi_file }} - diff --git a/openstack/masakari/templates/ingress.yaml b/openstack/masakari/templates/ingress.yaml index e8191814879..acc1aa7c5bb 100644 --- a/openstack/masakari/templates/ingress.yaml +++ b/openstack/masakari/templates/ingress.yaml @@ -39,4 +39,4 @@ spec: service: name: {{ .Release.Name }}-monitoring port: - number: {{ .Values.monitoringPort }} \ No newline at end of file + number: {{ .Values.monitoringPort }} diff --git a/openstack/masakari/templates/monitoring-deployment.yaml b/openstack/masakari/templates/monitoring-deployment.yaml index c90b9e52aef..64cb4652bc6 100644 --- a/openstack/masakari/templates/monitoring-deployment.yaml +++ b/openstack/masakari/templates/monitoring-deployment.yaml @@ -34,14 +34,11 @@ spec: kubectl.kubernetes.io/default-container: {{ .Chart.Name }}-monitoring configmap-etc-hash: {{ include (print $.Template.BasePath "/etc-configmap.yaml") . | sha256sum }} secrets-hash: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} - {{- if .Values.proxysql.mode }} prometheus.io/scrape: "true" prometheus.io/targets: {{ required ".Values.alerts.prometheus missing" .Values.alerts.prometheus | quote }} - {{- end }} {{- include "utils.linkerd.pod_and_service_annotation" . | indent 8 }} spec: {{ tuple . "masakari" "monitoring" | include "kubernetes_pod_anti_affinity" | indent 6 }} - {{- include "utils.proxysql.pod_settings" . | indent 6 }} containers: - name: {{ .Chart.Name }}-monitoring image: {{ required ".Values.global.registry is missing" .Values.global.registry}}/masakari-monitoring:latest diff --git a/openstack/masakari/templates/proxysql-secret.yaml b/openstack/masakari/templates/proxysql-secret.yaml deleted file mode 100644 index 97af6ffa73a..00000000000 --- a/openstack/masakari/templates/proxysql-secret.yaml +++ /dev/null @@ -1 +0,0 @@ -{{ include "proxysql_secret" . }} diff --git a/openstack/masakari/templates/pvc-backup.yml b/openstack/masakari/templates/pvc-backup.yml deleted file mode 100644 index 6b6cfdbfd44..00000000000 --- a/openstack/masakari/templates/pvc-backup.yml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: masakari-backup -spec: - storageClassName: - accessModes: - - ReadWriteMany - volumeMode: Filesystem - resources: - requests: - storage: {{ .Values.sqlite.pvc_size }} diff --git a/openstack/masakari/templates/secrets.yaml b/openstack/masakari/templates/secrets.yaml index 6bff80f52fc..c568333e1bc 100644 --- a/openstack/masakari/templates/secrets.yaml +++ b/openstack/masakari/templates/secrets.yaml @@ -16,4 +16,4 @@ stringData: slack_token: vault+kvv2:///secrets/global/masakari/slack/token host_down_username: hwconsole host_down_password: vault+kvv2:///secrets/shared/ironic/remoteboard-user/hwconsole/password - db_password: vault+kvv2:///secrets/{{ .Values.global.region }}/shared/keystone-user/db-backup/password +# db_password: vault+kvv2:///secrets/{{ .Values.global.region }}/shared/keystone-user/db-backup/password diff --git a/openstack/masakari/values.yaml b/openstack/masakari/values.yaml index dd2bad4fcaf..c285e233120 100644 --- a/openstack/masakari/values.yaml +++ b/openstack/masakari/values.yaml @@ -49,9 +49,6 @@ readinessProbe: use_tls_acme: true -#proxysql: -# mode: "" - masakariApiPortAdmin: '8778' masakariApiPortInternal: '8778' masakariApiPortPublic: '443' @@ -91,9 +88,10 @@ uwsgi: max_pool_size: 10 max_overflow: 5 -sqlite: - connection: sqlite:///database/masakari.sqlite - pvc_size: "50Gi" +# Removing in favour of MariaDB +#sqlite: +# connection: sqlite:///database/masakari.sqlite +# pvc_size: "50Gi" mariadb: enabled: true @@ -114,6 +112,7 @@ mariadb: name: db-masakari-pvclaim enabled: true autoprovision: true + size: "50Gi" livenessProbe: enabled: false readinessProbe: @@ -122,6 +121,22 @@ mariadb: requests: cpu: "600m" memory: "1Gi" +# backup_v2: +# enabled: false +# backup_dir: "/backup" +# full_backup_cron_schedule: "0 2 * * *" +# incremental_backup_in_minutes: 5 +# purge_binlog_after_minutes: 60 +# enable_init_restore: false +# verification: +# enabled: false +# run_after_inc_backups: 12 +# swift: +# user_name: db_backup +# user_domain_name: Default +# project_name: master +# project_domain_name: ccadmin +# auth_version: 3 memcached: alerts: @@ -171,13 +186,6 @@ utils: trust_bundle: enabled: true -backup: - OS_PROJECT_NAME: "master" - OS_PROJECT_DOMAIN_NAME: "ccadmin" - OS_USER_DOMAIN_NAME: "Default" - OS_USERNAME: "db_backup" - EXPIRATION_TIME: "5260032" - owner-info: support-group: compute-storage-api service: masakari