From d931f5f5497b5a8d5a4248e37a49d31732138895 Mon Sep 17 00:00:00 2001 From: haseeb <184114777+haseebsyed12@users.noreply.github.com> Date: Tue, 14 Jan 2025 15:21:40 +0530 Subject: [PATCH 1/2] PUC-529: event config for neutron deployment --- .../eventsource-openstack-neutron.yaml | 22 +++ .../sensors/sensor-neutron-deployment.yaml | 153 ++++++++++++++++++ .../serviceaccount-openstack-events.yaml | 39 +++++ 3 files changed, 214 insertions(+) create mode 100644 workflows/openstack/eventsources/eventsource-openstack-neutron.yaml create mode 100644 workflows/openstack/sensors/sensor-neutron-deployment.yaml create mode 100644 workflows/openstack/serviceaccounts/serviceaccount-openstack-events.yaml diff --git a/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml b/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml new file mode 100644 index 000000000..a4c37a7c4 --- /dev/null +++ b/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: EventSource +metadata: + name: openstack-neutron + namespace: openstack +spec: + template: + serviceAccountName: openstack-events + resource: + neutron-deployment: + namespace: openstack + resource: deployments + group: apps + version: v1 + eventTypes: + - ADD + filter: + labels: + - key: application + value: neutron + - key: component + value: server diff --git a/workflows/openstack/sensors/sensor-neutron-deployment.yaml b/workflows/openstack/sensors/sensor-neutron-deployment.yaml new file mode 100644 index 000000000..8ed94d540 --- /dev/null +++ b/workflows/openstack/sensors/sensor-neutron-deployment.yaml @@ -0,0 +1,153 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Sensor +metadata: + name: neutron-deployment + namespace: openstack +spec: + template: + serviceAccountName: openstack-events + dependencies: + - eventName: neutron-deployment + eventSourceName: openstack-neutron + name: openstack-neutron-server-deployment + triggers: + - template: + name: create-provisioning-network + k8s: + operation: create + source: + resource: + apiVersion: batch/v1 + kind: Job + metadata: + generateName: create-provision-network + spec: + template: + spec: + containers: + - name: create-network + image: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy + command: + - /bin/bash + - '-c' + - >- + openstack network create --description "${PROVISIONING_NETWORK_DESCRIPTION}" \ + --no-share --provider-network-type "${PROVISIONING_NETWORK_TYPE}" \ + --provider-physical-network "${PROVISIONING_PHYSICAL_NETWORK}" \ + --tag "${PROVISIONING_NETWORK_TAGS}" \ + "${PROVISIONING_NETWORK_NAME}" + env: + - name: OS_IDENTITY_API_VERSION + value: '3' + - name: OS_AUTH_URL + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_AUTH_URL + - name: OS_REGION_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_REGION_NAME + - name: OS_INTERFACE + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_INTERFACE + - name: OS_ENDPOINT_TYPE + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_INTERFACE + - name: OS_PROJECT_DOMAIN_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_PROJECT_DOMAIN_NAME + - name: OS_PROJECT_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_PROJECT_NAME + - name: OS_USER_DOMAIN_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_USER_DOMAIN_NAME + - name: OS_USERNAME + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_USERNAME + - name: OS_PASSWORD + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_PASSWORD + - name: OS_DEFAULT_DOMAIN + valueFrom: + secretKeyRef: + name: neutron-keystone-admin + key: OS_DEFAULT_DOMAIN + - name: SERVICE_OS_SERVICE_NAME + value: neutron + - name: SERVICE_OS_REGION_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-user + key: OS_REGION_NAME + - name: SERVICE_OS_PROJECT_DOMAIN_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-user + key: OS_PROJECT_DOMAIN_NAME + - name: SERVICE_OS_PROJECT_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-user + key: OS_PROJECT_NAME + - name: SERVICE_OS_USER_DOMAIN_NAME + valueFrom: + secretKeyRef: + name: neutron-keystone-user + key: OS_USER_DOMAIN_NAME + - name: SERVICE_OS_USERNAME + valueFrom: + secretKeyRef: + name: neutron-keystone-user + key: OS_USERNAME + - name: SERVICE_OS_PASSWORD + valueFrom: + secretKeyRef: + name: neutron-keystone-user + key: OS_PASSWORD + - name: SERVICE_OS_ROLES + value: admin,service + - name: PROVISIONING_NETWORK_NAME + valueFrom: + configMapKeyRef: + name: provisioning-network-config + key: network_name + - name: PROVISIONING_NETWORK_TYPE + valueFrom: + configMapKeyRef: + name: provisioning-network-config + key: network_type + - name: PROVISIONING_PHYSICAL_NETWORK + valueFrom: + configMapKeyRef: + name: provisioning-network-config + key: physical_network + - name: PROVISIONING_NETWORK_TAGS + valueFrom: + configMapKeyRef: + name: provisioning-network-config + key: tags + - name: PROVISIONING_NETWORK_DESCRIPTION + valueFrom: + configMapKeyRef: + name: provisioning-network-config + key: description + imagePullPolicy: IfNotPresent + restartPolicy: OnFailure diff --git a/workflows/openstack/serviceaccounts/serviceaccount-openstack-events.yaml b/workflows/openstack/serviceaccounts/serviceaccount-openstack-events.yaml new file mode 100644 index 000000000..293c4bee7 --- /dev/null +++ b/workflows/openstack/serviceaccounts/serviceaccount-openstack-events.yaml @@ -0,0 +1,39 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + namespace: openstack + name: openstack-events + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + namespace: openstack + name: openstack-events-role +rules: + - apiGroups: + - "" + - apps + - batch + resources: + - pods + - deployments + - jobs + verbs: + - '*' + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + namespace: openstack + name: openstack-events-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: openstack-events-role +subjects: + - kind: ServiceAccount + name: openstack-events + namespace: openstack From c9655abd14a207f0c2c4d2fa3b19c7988efeafc5 Mon Sep 17 00:00:00 2001 From: haseeb <184114777+haseebsyed12@users.noreply.github.com> Date: Wed, 15 Jan 2025 20:14:18 +0530 Subject: [PATCH 2/2] adding comments --- .../eventsource-openstack-neutron.yaml | 4 + .../sensors/sensor-neutron-deployment.yaml | 92 +------------------ 2 files changed, 8 insertions(+), 88 deletions(-) diff --git a/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml b/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml index a4c37a7c4..70ab2f5d2 100644 --- a/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml +++ b/workflows/openstack/eventsources/eventsource-openstack-neutron.yaml @@ -6,15 +6,19 @@ metadata: spec: template: serviceAccountName: openstack-events + # Kubernetes resource event sources resource: neutron-deployment: + # monitor deployment resources under openstack namespace namespace: openstack resource: deployments group: apps version: v1 + # Event types to listen for (e.g., ADD, UPDATE, DELETE). Here we want only when deployment is created. eventTypes: - ADD filter: + # filter based these labels to match neutron-server deployment labels: - key: application value: neutron diff --git a/workflows/openstack/sensors/sensor-neutron-deployment.yaml b/workflows/openstack/sensors/sensor-neutron-deployment.yaml index 8ed94d540..026567396 100644 --- a/workflows/openstack/sensors/sensor-neutron-deployment.yaml +++ b/workflows/openstack/sensors/sensor-neutron-deployment.yaml @@ -7,10 +7,12 @@ metadata: spec: template: serviceAccountName: openstack-events + # events the Sensor listens for dependencies: - eventName: neutron-deployment eventSourceName: openstack-neutron name: openstack-neutron-server-deployment + # actions executed when dependencies are satisfied (StandardK8STrigger designed to create or update a generic Kubernetes resource.) triggers: - template: name: create-provisioning-network @@ -19,7 +21,7 @@ spec: source: resource: apiVersion: batch/v1 - kind: Job + kind: Job # Resource type to be created metadata: generateName: create-provision-network spec: @@ -27,7 +29,7 @@ spec: spec: containers: - name: create-network - image: docker.io/openstackhelm/heat:2024.1-ubuntu_jammy + image: docker.io/openstackhelm/openstack-client:2024.2 command: - /bin/bash - '-c' @@ -38,92 +40,6 @@ spec: --tag "${PROVISIONING_NETWORK_TAGS}" \ "${PROVISIONING_NETWORK_NAME}" env: - - name: OS_IDENTITY_API_VERSION - value: '3' - - name: OS_AUTH_URL - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_AUTH_URL - - name: OS_REGION_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_REGION_NAME - - name: OS_INTERFACE - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_INTERFACE - - name: OS_ENDPOINT_TYPE - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_INTERFACE - - name: OS_PROJECT_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_PROJECT_DOMAIN_NAME - - name: OS_PROJECT_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_PROJECT_NAME - - name: OS_USER_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_USER_DOMAIN_NAME - - name: OS_USERNAME - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_USERNAME - - name: OS_PASSWORD - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_PASSWORD - - name: OS_DEFAULT_DOMAIN - valueFrom: - secretKeyRef: - name: neutron-keystone-admin - key: OS_DEFAULT_DOMAIN - - name: SERVICE_OS_SERVICE_NAME - value: neutron - - name: SERVICE_OS_REGION_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-user - key: OS_REGION_NAME - - name: SERVICE_OS_PROJECT_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-user - key: OS_PROJECT_DOMAIN_NAME - - name: SERVICE_OS_PROJECT_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-user - key: OS_PROJECT_NAME - - name: SERVICE_OS_USER_DOMAIN_NAME - valueFrom: - secretKeyRef: - name: neutron-keystone-user - key: OS_USER_DOMAIN_NAME - - name: SERVICE_OS_USERNAME - valueFrom: - secretKeyRef: - name: neutron-keystone-user - key: OS_USERNAME - - name: SERVICE_OS_PASSWORD - valueFrom: - secretKeyRef: - name: neutron-keystone-user - key: OS_PASSWORD - - name: SERVICE_OS_ROLES - value: admin,service - name: PROVISIONING_NETWORK_NAME valueFrom: configMapKeyRef: