package nova
import (
"strconv"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
openstackv1beta1 "github.com/ianunruh/openstack-operator/api/v1beta1"
"github.com/ianunruh/openstack-operator/pkg/template"
)
// ComputeComponentLabel is the component value that ComputeDaemonSet passes to
// template.Labels when labelling the nova-compute DaemonSet.
const ComputeComponentLabel = "compute"
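// ComputeDaemonSet builds the DaemonSet that runs nova-compute on the nodes
// selected by instance.Spec.NodeSelector.
//
// env is passed to the main container only. volumeMounts and volumes are
// caller-supplied and are extended with the host and scratch volumes declared
// here. The caller's slices are never written to: the combined lists are built
// on fresh backing arrays. containerImage is used for both the init container
// and the main container.
//
// Security posture of the generated pod, all visible in the spec below:
//   - both containers are privileged, and the init container also runs as
//     UID 0;
//   - the pod shares the host network and PID namespaces;
//   - host paths /dev, /run, /var/lib/libvirt and /var/lib/nova are mounted
//     without the read-only helper.
//
// A pod with this spec is effectively root-equivalent on its node. It can only
// be admitted in a namespace whose Pod Security level permits privileged
// workloads. Write access to NovaComputeSet objects, and the provenance of
// containerImage, should be controlled as tightly as node-level access.
func ComputeDaemonSet(instance *openstackv1beta1.NovaComputeSet, env []corev1.EnvVar, volumeMounts []corev1.VolumeMount, volumes []corev1.Volume, containerImage string) *appsv1.DaemonSet {
	labels := template.Labels(instance.Name, AppLabel, ComputeComponentLabel)

	runAsRootUser := int64(0)
	privileged := true
	readOnlyRootFilesystem := true

	// The init container only needs the shared scratch dir and the nova state
	// dir; it receives NOVA_USER_UID, presumably to prepare ownership for the
	// unprivileged UID (verify against compute-init.sh).
	initVolumeMounts := []corev1.VolumeMount{
		template.VolumeMount("pod-shared", "/tmp/pod-shared"),
		template.BidirectionalVolumeMount("host-var-lib-nova", "/var/lib/nova"),
	}

	extraVolumeMounts := []corev1.VolumeMount{
		template.SubPathVolumeMount("etc-nova", "/etc/nova/nova.conf", "nova.conf"),
		// The root filesystem is read-only, so writable scratch space is
		// provided through emptyDir volumes.
		template.VolumeMount("pod-tmp", "/tmp"),
		template.VolumeMount("pod-shared", "/tmp/pod-shared"),
		// NOTE(review): /dev and /run are host paths mounted without the
		// read-only helper; together with Privileged this exposes host devices
		// and whatever runtime sockets live under /run to the container.
		template.VolumeMount("host-dev", "/dev"),
		template.ReadOnlyVolumeMount("host-etc-machine-id", "/etc/machine-id"),
		template.ReadOnlyVolumeMount("host-lib-modules", "/lib/modules"),
		template.VolumeMount("host-run", "/run"),
		template.ReadOnlyVolumeMount("host-sys-fs-cgroup", "/sys/fs/cgroup"),
		template.BidirectionalVolumeMount("host-var-lib-libvirt", "/var/lib/libvirt"),
		template.BidirectionalVolumeMount("host-var-lib-nova", "/var/lib/nova"),
	}

	extraVolumes := []corev1.Volume{
		template.EmptyDirVolume("pod-tmp"),
		template.EmptyDirVolume("pod-shared"),
		template.HostPathVolume("host-dev", "/dev"),
		template.HostPathVolume("host-etc-machine-id", "/etc/machine-id"),
		template.HostPathVolume("host-lib-modules", "/lib/modules"),
		template.HostPathVolume("host-run", "/run"),
		template.HostPathVolume("host-sys-fs-cgroup", "/sys/fs/cgroup"),
		template.HostPathVolume("host-var-lib-libvirt", "/var/lib/libvirt"),
		template.HostPathVolume("host-var-lib-nova", "/var/lib/nova"),
	}

	// Cap the caller's slices at their length before appending. A plain
	// append(volumeMounts, ...) would write into the caller's backing array
	// whenever it has spare capacity, silently corrupting a slice that the
	// caller may share with other workload builders.
	containerVolumeMounts := append(volumeMounts[:len(volumeMounts):len(volumeMounts)], extraVolumeMounts...)
	podVolumes := append(volumes[:len(volumes):len(volumes)], extraVolumes...)

	ds := template.GenericDaemonSet(template.Component{
		Namespace:    instance.Namespace,
		Labels:       labels,
		NodeSelector: instance.Spec.NodeSelector,
		// Pod-level default UID; the init container overrides it with UID 0.
		SecurityContext: &corev1.PodSecurityContext{
			RunAsUser: &appUID,
		},
		InitContainers: []corev1.Container{
			{
				Name:  "compute-init",
				Image: containerImage,
				// The script body is embedded at build time; MustReadFile
				// presumably panics if the asset is missing (by the Must
				// naming convention).
				Command: []string{
					"bash",
					"-c",
					template.MustReadFile(AppLabel, "compute-init.sh"),
				},
				Env: []corev1.EnvVar{
					template.EnvVar("NOVA_USER_UID", strconv.Itoa(int(appUID))),
				},
				Resources: instance.Spec.Resources,
				// Root and privileged, with no read-only root filesystem:
				// this is the most powerful container in the pod.
				SecurityContext: &corev1.SecurityContext{
					RunAsUser:  &runAsRootUser,
					Privileged: &privileged,
				},
				VolumeMounts: initVolumeMounts,
			},
		},
		Containers: []corev1.Container{
			{
				Name:  "compute",
				Image: containerImage,
				// The second config file lives on the pod-shared emptyDir,
				// which the init container also mounts.
				Command: []string{
					"nova-compute",
					"--config-file=/etc/nova/nova.conf",
					"--config-file=/tmp/pod-shared/nova-hypervisor.conf",
				},
				Env: env,
				LivenessProbe: &corev1.Probe{
					ProbeHandler:        healthProbeHandler("compute", true),
					InitialDelaySeconds: 120,
					PeriodSeconds:       90,
					TimeoutSeconds:      70,
				},
				StartupProbe: &corev1.Probe{
					ProbeHandler:        healthProbeHandler("compute", false),
					InitialDelaySeconds: 80,
					PeriodSeconds:       90,
					TimeoutSeconds:      70,
				},
				Resources: instance.Spec.Resources,
				// Runs as the pod-level appUID but still privileged; the
				// read-only root filesystem limits tampering with the image
				// contents, not access to the host.
				SecurityContext: &corev1.SecurityContext{
					Privileged:             &privileged,
					ReadOnlyRootFilesystem: &readOnlyRootFilesystem,
				},
				VolumeMounts: containerVolumeMounts,
			},
		},
		Volumes: podVolumes,
	})

	ds.Name = template.Combine(instance.Name, "compute")

	// Host namespaces: the pod uses the node's network stack and can see every
	// process on the node. ClusterFirstWithHostNet keeps cluster DNS
	// resolution working while on the host network.
	ds.Spec.Template.Spec.DNSPolicy = corev1.DNSClusterFirstWithHostNet
	ds.Spec.Template.Spec.HostNetwork = true
	ds.Spec.Template.Spec.HostPID = true

	return ds
}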