Bring in PowerDNS chart

Also bring in endpoint_token_lookup function to get service token from endpoints schema. Change-Id: Iffa68d8b2c70799a2013b99d15c9fd55e858babb
hossein-alit · Sep 11, 2019 · f2d32c8 · f2d32c8
1 parent 010fc1f
commit f2d32c8
Show file tree

Hide file tree

Showing 15 changed files with 693 additions and 0 deletions.
diff --git a/helm-toolkit/templates/endpoints/_endpoint_token_lookup.tpl b/helm-toolkit/templates/endpoints/_endpoint_token_lookup.tpl
@@ -0,0 +1,38 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{/*
+abstract: |
+ Gets the token for an endpoint
+values: |
+ endpoints:
+ keystone:
+ auth:
+ admin:
+ token: zh78JzXgw6YUKy2e
+usage: |
+ {{ tuple "keystone" "admin" . | include "helm-toolkit.endpoints.endpoint_token_lookup" }}
+return: |
+ zh78JzXgw6YUKy2e
+*/}}
+
+{{- define "helm-toolkit.endpoints.endpoint_token_lookup" -}}
+{{- $type := index . 0 -}}
+{{- $userName := index . 1 -}}
+{{- $context := index . 2 -}}
+{{- $serviceToken := index $context.Values.endpoints ( $type | replace "-" "_" ) "auth" $userName "token" }}
+{{- printf "%s" $serviceToken -}}
+{{- end -}}
diff --git a/powerdns/Chart.yaml b/powerdns/Chart.yaml
@@ -0,0 +1,21 @@
+# Copyright 2019 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http:https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: OpenStack-Helm PowerDNS
+name: powerdns
+version: 0.1.0
+home: https://www.powerdns.com/
+maintainers:
+ - name: OpenStack-Helm Authors
diff --git a/powerdns/requirements.yaml b/powerdns/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright 2019 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http:https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: helm-toolkit
+ repository: http:https://localhost:8879/charts
+ version: 0.1.0
diff --git a/powerdns/templates/bin/_powerdns-mysql-sync.sh.tpl b/powerdns/templates/bin/_powerdns-mysql-sync.sh.tpl
@@ -0,0 +1,24 @@
+#!/bin/sh
+
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+set -ex
+
+MYSQLCMD='mysql -r -N'
+if [ $(echo 'show tables' | $MYSQLCMD | wc -c) -eq 0 ]; then
+ $MYSQLCMD < /etc/pdns/schema.sql
+fi
diff --git a/powerdns/templates/configmap-bin.yaml b/powerdns/templates/configmap-bin.yaml
@@ -0,0 +1,33 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.configmap_bin }}
+{{- $envAll := . }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: powerdns-bin
+data:
+{{- if .Values.images.local_registry.active }}
+ image-repo-sync.sh: |
+{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }}
+{{- end }}
+ db-init.py: |
+{{- include "helm-toolkit.scripts.db_init" . | indent 4 }}
+ powerdns-mysql-sync.sh: |
+{{ tuple "bin/_powerdns-mysql-sync.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }}
+{{- end }}
diff --git a/powerdns/templates/configmap-etc.yaml b/powerdns/templates/configmap-etc.yaml
@@ -0,0 +1,58 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- define "powerdns.configmap.etc" -}}
+{{- range $key, $value := . }}
+{{ $key | replace "_" "-" }} = {{ $value }}
+{{- end }}
+{{- end -}}
+
+{{- if .Values.manifests.configmap_etc }}
+{{- $mysql := .Values.conf.mysql.client }}
+
+{{- if empty $mysql.host -}}
+{{- $_ := tuple "oslo_db" "internal" . | include "helm-toolkit.endpoints.endpoint_host_lookup" | set $mysql "host" -}}
+{{- $_ := $mysql.host | set .Values.conf.powerdns "gmysql_host" -}}
+{{- end -}}
+
+{{- if empty $mysql.port -}}
+{{- $_ := tuple "oslo_db" "internal" "mysql" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set $mysql "port" -}}
+{{- $_ := $mysql.port | set .Values.conf.powerdns "gmysql_port" -}}
+{{- end -}}
+
+{{- if empty $mysql.user -}}
+{{- $_ := .Values.endpoints.oslo_db.auth.powerdns.username | set $mysql "user" -}}
+{{- $_ := $mysql.user | set .Values.conf.powerdns "gmysql_user" -}}
+{{- end -}}
+
+{{- if empty $mysql.password -}}
+{{- $_ := .Values.endpoints.oslo_db.auth.powerdns.password | set $mysql "password" -}}
+{{- $_ := $mysql.password | set .Values.conf.powerdns "gmysql_password" -}}
+{{- end -}}
+
+{{- if empty .Values.conf.powerdns.api_key -}}
+{{- $_ := tuple "powerdns" "service" . | include "helm-toolkit.endpoints.endpoint_token_lookup" | set .Values.conf.powerdns "api_key" -}}
+{{- end -}}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: powerdns-etc
+type: Opaque
+data:
+ pdns.conf: {{ include "powerdns.configmap.etc" .Values.conf.powerdns | b64enc }}
+ my.cnf: {{ include "helm-toolkit.utils.to_ini" .Values.conf.mysql | b64enc }}
+{{- end }}
diff --git a/powerdns/templates/deployment.yaml b/powerdns/templates/deployment.yaml
@@ -0,0 +1,79 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.deployment }}
+{{- $envAll := . }}
+
+{{- $serviceAccountName := "powerdns" }}
+{{ tuple $envAll "powerdns" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: powerdns
+ annotations:
+ {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
+ labels:
+{{ tuple $envAll "powerdns" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
+spec:
+ replicas: {{ .Values.pod.replicas.server }}
+ selector:
+ matchLabels:
+{{ tuple $envAll "powerdns" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
+{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
+ template:
+ metadata:
+ labels:
+{{ tuple $envAll "powerdns" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+ annotations:
+{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
+ configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
+ spec:
+ serviceAccountName: {{ $serviceAccountName }}
+ affinity:
+{{ tuple $envAll "powerdns" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
+ nodeSelector:
+ {{ .Values.labels.powerdns.node_selector_key }}: {{ .Values.labels.powerdns.node_selector_value | quote }}
+ initContainers:
+{{ tuple $envAll "powerdns" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ containers:
+ - name: powerdns
+{{ tuple $envAll "powerdns" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+ command:
+ - pdns_server
+ ports:
+ - containerPort: {{ tuple "powerdns" "internal" "powerdns" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ name: pdns-udp
+ protocol: UDP
+ - containerPort: {{ tuple "powerdns" "internal" "powerdns_tcp" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ name: pdns-tcp
+ - containerPort: {{ tuple "powerdns" "internal" "powerdns_api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ name: pdns-api
+ readinessProbe:
+ tcpSocket:
+ port: {{ tuple "powerdns" "internal" "powerdns_tcp" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
+ volumeMounts:
+ - name: powerdns-etc
+ mountPath: /etc/pdns/conf.d/pdns.conf
+ subPath: pdns.conf
+ readOnly: true
+ volumes:
+ - name: powerdns-etc
+ secret:
+ secretName: powerdns-etc
+ defaultMode: 0444
+{{- end }}
diff --git a/powerdns/templates/job-db-init.yaml b/powerdns/templates/job-db-init.yaml
@@ -0,0 +1,23 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.job_db_init }}
+
+{{- $dbToInit := dict "inputType" "secret" "adminSecret" .Values.secrets.oslo_db.admin "userSecret" .Values.secrets.oslo_db.powerdns -}}
+{{- $dbInitJob := dict "envAll" . "serviceName" "powerdns" "dbToInit" $dbToInit -}}
+{{ $dbInitJob | include "helm-toolkit.manifests.job_db_init_mysql" }}
+
+{{- end }}
diff --git a/powerdns/templates/job-db-sync.yaml b/powerdns/templates/job-db-sync.yaml
@@ -0,0 +1,64 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if .Values.manifests.job_db_sync }}
+{{- $envAll := . }}
+
+
+{{- $serviceAccountName := "powerdns-db-sync" }}
+{{ tuple $envAll "db_sync" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ $serviceAccountName }}
+spec:
+ template:
+ metadata:
+ labels:
+{{ tuple $envAll "powerdns" "db-sync" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
+ spec:
+ serviceAccountName: {{ $serviceAccountName }}
+ restartPolicy: OnFailure
+ nodeSelector:
+ {{ .Values.labels.job.node_selector_key }}: {{ .Values.labels.job.node_selector_value }}
+ initContainers:
+{{ tuple $envAll "db_sync" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
+ containers:
+ - name: powerdns-db-sync
+{{ tuple $envAll "db_sync" | include "helm-toolkit.snippets.image" | indent 10 }}
+{{ tuple $envAll $envAll.Values.pod.resources.jobs.db_sync | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
+ command:
+ - /tmp/powerdns-mysql-sync.sh
+ volumeMounts:
+ - name: powerdns-bin
+ mountPath: /tmp/powerdns-mysql-sync.sh
+ subPath: powerdns-mysql-sync.sh
+ readOnly: true
+ - name: powerdns-etc
+ mountPath: /etc/mysql/my.cnf
+ subPath: my.cnf
+ readOnly: true
+ volumes:
+ - name: powerdns-bin
+ configMap:
+ name: powerdns-bin
+ defaultMode: 0555
+ - name: powerdns-etc
+ secret:
+ secretName: powerdns-etc
+ defaultMode: 0444
+{{- end }}
diff --git a/powerdns/templates/job-image-repo-sync.yaml b/powerdns/templates/job-image-repo-sync.yaml
@@ -0,0 +1,20 @@
+{{/*
+Copyright 2019 The Openstack-Helm Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http:https://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/}}
+
+{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }}
+{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "powerdns" -}}
+{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }}
+{{- end }}