天地一扁舟

kubernetes -- helm charts 开发: 7、 helm charts开发调试

1 编写helm charts

2 charts语法检查

执行命令:
helm lint
注意:
请将替换为自己的chart名称

样例如下:
helm lint gnocchi
输出结果:
==> Linting gnocchi
[INFO] Chart.yaml: icon is recommended

1 chart(s) linted, no failures

3 charts调试命令

执行命令:
helm install --dry-run --debug --namespace

注意:
请将替换为自己的chart名称
请将替换为自己的chart所在的命名空间

样例如下:
helm install --dry-run --debug gnocchi --namespace openstack

如果发生错误，或者输出结果和自己预想的不一样，就继续调试charts，知道输出结果和
预期结果一致。
输出结果示例如下:
[root@node-1 ark]# helm install --dry-run --debug gnocchi -n openstack
[debug] Created tunnel using local port: '38104'

[debug] SERVER: "127.0.0.1:38104"

[debug] Original chart version: ""
[debug] CHART PATH: /root/ark/gnocchi

NAME: openstack
REVISION: 1
RELEASED: Sat Jan 26 09:30:07 2019
CHART: gnocchi-5.0.1
USER-SUPPLIED VALUES:
{}

COMPUTED VALUES:
conf:
ceph:
admin_keyring: null
append: null
monitors: []
override: null
gnocchi:
DEFAULT:
debug: false
api:
auth_mode: keystone
max_limit: 100000
port: 8041
archive_policy:
default_aggregation_methods: mean,min,max
database:
max_retries: -1
incoming:
driver: redis
redis_url: null
indexer:
driver: mysql
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_secret_key: secret
memcache_security_strategy: ENCRYPT
metricd:
workers: 16
statsd:
port: 8125
project_id: 0712a464-ad34-4780-a1e8-c8f1d71b57a9
resource_id: 6ad0aea2-5f16-4621-b7ee-69e391acb6ea
user_id: 47408a08-d20e-40bc-a3a3-9582942ed3a2
storage:
ceph_conffile: /etc/ceph/ceph.conf
ceph_keyring: /etc/ceph/ceph.client.admin.keyring
ceph_pool: metrics
ceph_username: admin
driver: ceph
provided_keyring: null
token:
provider: uuid
paste:
app:gnocchiv1:
paste.app_factory: gnocchi.rest.app:app_factory
root: gnocchi.rest.V1Controller
app:gnocchiversions:
paste.app_factory: gnocchi.rest.app:app_factory
root: gnocchi.rest.VersionsController
composite:gnocchi+auth:
/: gnocchiversions
/v1: gnocchiv1+auth
use: egg:Paste#urlmap
composite:gnocchi+noauth:
/: gnocchiversions
/v1: gnocchiv1+noauth
use: egg:Paste#urlmap
filter:keystone_authtoken:
oslo_config_project: gnocchi
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
pipeline:gnocchiv1+auth:
pipeline: keystone_authtoken gnocchiv1
pipeline:gnocchiv1+noauth:
pipeline: gnocchiv1
pipeline:main:
pipeline: gnocchi+auth
policy:
admin_or_creator: role:admin or project_id:%(created_by_project_id)s
create archive policy: role:admin
create archive policy rule: role:admin
create metric: ""
create resource: ""
create resource type: role:admin
delete archive policy: role:admin
delete archive policy rule: role:admin
delete metric: rule:admin_or_creator
delete resource: rule:admin_or_creator
delete resource type: role:admin
delete resources: rule:admin_or_creator
get archive policy: ""
get archive policy rule: ""
get measures: rule:admin_or_creator or rule:metric_owner
get metric: rule:admin_or_creator or rule:metric_owner
get resource: rule:admin_or_creator or rule:resource_owner
get resource type: ""
get status: role:admin
list all metric: role:admin
list archive policy: ""
list archive policy rule: ""
list metric: ""
list resource: rule:admin_or_creator or rule:resource_owner
list resource type: ""
metric_owner: project_id:%(resource.project_id)s
post measures: rule:admin_or_creator
resource_owner: project_id:%(project_id)s
search metric: rule:admin_or_creator or rule:metric_owner
search resource: rule:admin_or_creator or rule:resource_owner
update archive policy: role:admin
update resource: rule:admin_or_creator
update resource type: role:admin
rally_tests:
run_tempest: true
tests: null
dependencies:
api:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
- gnocchi-ks-endpoints
- gnocchi-ks-service
- gnocchi-ks-user
services:
- endpoint: internal
service: identity
- endpoint: internal
service: oslo_db
- endpoint: internal
service: redis
db_init:
services:
- endpoint: internal
service: oslo_db
db_init_keystone:
services:
- endpoint: internal
service: oslo_db
db_sync:
jobs:
- gnocchi-db-init-keystone
- gnocchi-db-init-indexer
services:
- endpoint: internal
service: oslo_db
ks_endpoints:
jobs:
- gnocchi-ks-service
services:
- endpoint: internal
service: identity
ks_service:
services:
- endpoint: internal
service: identity
ks_user:
services:
- endpoint: internal
service: identity
metricd:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
- gnocchi-ks-user
- gnocchi-ks-service
- gnocchi-ks-endpoints
services:
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
- endpoint: internal
service: redis
statsd:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
- gnocchi-ks-user
- gnocchi-ks-service
- gnocchi-ks-endpoints
services:
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
- endpoint: internal
service: redis
storage_init:
services: null
tests:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
services:
- endpoint: internal
service: identity
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
endpoints:
cluster_domain_suffix: cluster.local
identity:
auth:
admin:
domain_name: Default
os_auth_type: password
os_tenant_name: service
password: password
project_domain_name: Default
project_name: service
region_name: RegionOne
user_domain_name: Default
username: drone
user:
domain_name: Default
os_auth_type: password
os_tenant_name: service
password: password
project_domain_name: Default
project_name: service
region_name: RegionOne
role: admin
user_domain_name: Default
username: gnocchi
host_fqdn_override:
default: null
hosts:
default: keystone-api
public: keystone
name: keystone
path:
default: /v3
port:
admin:
default: 35357
api:
default: 80
scheme:
default: http
metric:
host_fqdn_override:
default: null
hosts:
default: gnocchi-api
public: gnocchi
name: gnocchi
path:
default: null
port:
api:
default: 8041
public: 80
scheme:
default: http
oslo_cache:
host_fqdn_override:
default: null
hosts:
default: memcache
port:
memcache:
default: 11211
oslo_db:
auth:
admin:
password: password
username: root
user:
password: password
username: gnocchi
host_fqdn_override:
default: null
hosts:
default: mariadb
path: /gnocchi
port:
mysql:
default: 3306
scheme: mysql+pymysql
redis:
host_fqdn_override:
default: null
hosts:
default: redis
public: redis
name: redis
path:
default: null
port:
api:
default: 6379
public: 80
scheme:
default: redis
helm-toolkit:
endpoints:
fqdn: null
global:
region: cluster
tld: local
images:
job_pull_policy: Always
pull_policy: IfNotPresent
tags:
api: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
api_job: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
db_init_indexer: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
db_init_keystone: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
db_sync: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
dep_check: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
ks_endpoints: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
ks_service: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
ks_user: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
metricd: hub.easystack.io/production/escloud-linux-source-gnocchi-metricd:5.0.1
statsd: hub.easystack.io/production/escloud-linux-source-gnocchi-statsd:5.0.1
storage_init: hub.easystack.io/production/escloud-linux-ceph-daemon:latest
test: hub.easystack.io/production/escloud-linux-source-rally:5.0.1
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
manifests:
configmap_bin: true
configmap_etc: true
daemonset_metricd: true
daemonset_statsd: true
deployment_api: true
ingress_api: true
job_db_init_indexer: true
job_db_init_keystone: true
job_db_sync: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_storage_init: true
pdb_api: true
pod_gnocchi_test: true
secret_db: true
secret_keystone: true
service_api: true
service_ingress_api: true
service_statsd: true
network:
api:
external_policy_local: false
ingress:
public: true
node_port:
enabled: false
port: 8041
statsd:
node_port:
enabled: false
port: 8125
pod:
affinity:
anti:
topologyKey:
default: kubernetes.io/hostname
type:
default: requiredDuringSchedulingIgnoredDuringExecution
lifecycle:
disruption_budget:
api:
min_available: 0
termination_grace_period:
api:
timeout: 30
upgrades:
daemonsets:
metricd:
enabled: true
max_unavailable: 1
min_ready_seconds: 0
pod_replacement_strategy: RollingUpdate
statsd:
enabled: true
max_unavailable: 1
min_ready_seconds: 0
deployments:
pod_replacement_strategy: RollingUpdate
revision_history: 3
rolling_update:
max_surge: 3
max_unavailable: 1
mounts:
gnocchi_api:
gnocchi_api: null
init_container: null
gnocchi_metricd:
gnocchi_metricd: null
init_container: null
gnocchi_statsd:
gnocchi_statsd: null
init_container: null
gnocchi_tests:
gnocchi_tests: null
init_container: null
replicas:
api: 3
resources:
api:
enabled: true
limits:
cpu: 4000m
memory: 4096Mi
requests:
cpu: 100m
memory: 124Mi
enabled: false
metricd:
limits:
cpu: 4000m
memory: 4096Mi
requests:
cpu: 100m
memory: 124Mi
statsd:
limits:
cpu: 2000m
memory: 1024Mi
requests:
cpu: 100m
memory: 124Mi
user:
gnocchi:
uid: 42416
secrets:
identity:
admin: gnocchi-keystone-admin
user: gnocchi-keystone-user
oslo_db:
admin: gnocchi-db-admin
user: gnocchi-db-user
rally:
private_key: test
test_user: devops
rbd: gnocchi-rbd-keyring

HOOKS:
---
# openstack-rally-test
apiVersion: v1
kind: Pod
metadata:
name: "openstack-rally-test"
annotations:
"helm.sh/hook": test-success
spec:
restartPolicy: Never
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api,default:mariadb,default:gnocchi-api"
- name: DEPENDENCY_JOBS
value: "gnocchi-storage-init,gnocchi-db-sync"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: openstack-helm-tests
image: hub.easystack.io/production/escloud-linux-source-rally:5.0.1
imagePullPolicy: IfNotPresent
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_PROJECT_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PROJECT_DOMAIN_NAME
- name: OS_PROJECT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PROJECT_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_AUTH_TYPE
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_TYPE
- name: OS_TENANT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_TENANT_NAME
- name: RALLY_ENV_NAME
value: openstack
- name: PLUGIN_PROJECT
value: openstack
- name: RALLY_PRIVATE_KEY
value: |
test
- name: TEST_USER
value: devops
command:
- /tmp/rally-test.sh
volumeMounts:
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
readOnly: true
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
- name: gnocchi-bin
mountPath: /tmp/rally-test.sh
subPath: rally-test.sh
readOnly: true
- name: rally-db
mountPath: /var/lib/rally

volumes:
- name: gnocchi-etc
configMap:
name: gnocchi-etc
defaultMode: 0444
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
- name: ceph-etc
configMap:
name: ceph-etc
- name: ceph-keyring
secret:
secretName: pvc-ceph-client-key
- name: etcceph
emptyDir: {}
- name: rally-db
emptyDir: {}
---
# openstack-rally-test
apiVersion: v1
kind: Pod
metadata:
name: "openstack-rally-test"
annotations:
"helm.sh/hook": test-success
spec:
restartPolicy: Never
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api,default:mariadb,default:gnocchi-api"
- name: DEPENDENCY_JOBS
value: "gnocchi-storage-init,gnocchi-db-sync"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: openstack-helm-tests
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_PROJECT_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PROJECT_DOMAIN_NAME
- name: OS_PROJECT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PROJECT_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_AUTH_TYPE
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_TYPE
- name: OS_TENANT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_TENANT_NAME
command:
- /tmp/gnocchi-test.sh
volumeMounts:
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
readOnly: true
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
- name: gnocchi-bin
mountPath: /tmp/gnocchi-test.sh
subPath: gnocchi-test.sh
readOnly: true

---
# Source: gnocchi/templates/secret-db.yaml
apiVersion: v1
kind: Secret
metadata:
name: gnocchi-db-user
type: Opaque
data:
DB_CONNECTION_INDEXER: bXlzcWwrcHlteXNxbDovL2dub2NjaGk6cGFzc3dvcmRAbWFyaWFkYi5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsOjMzMDYvZ25vY2NoaQ==
DB_CONNECTION_API: bXlzcWwrcHlteXNxbDovL2dub2NjaGk6cGFzc3dvcmRAbWFyaWFkYi5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsOjMzMDYvZ25vY2NoaQ==
---
# Source: gnocchi/templates/secret-db.yaml
apiVersion: v1
kind: Secret
metadata:
name: gnocchi-db-admin
type: Opaque
data:
DB_CONNECTION_INDEXER: bXlzcWwrcHlteXNxbDovL3Jvb3Q6cGFzc3dvcmRAbWFyaWFkYi5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsOjMzMDYvZ25vY2NoaQ==
DB_CONNECTION_API: bXlzcWwrcHlteXNxbDovL3Jvb3Q6cGFzc3dvcmRAbWFyaWFkYi5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsOjMzMDYvZ25vY2NoaQ==
---
# Source: gnocchi/templates/secret-keystone.yaml
apiVersion: v1
kind: Secret
metadata:
name: gnocchi-keystone-admin
type: Opaque
data:
OS_AUTH_URL: aHR0cDovL2tleXN0b25lLWFwaS5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsOjgwL3Yz
OS_REGION_NAME: UmVnaW9uT25l
OS_PROJECT_DOMAIN_NAME: RGVmYXVsdA==
OS_PROJECT_NAME: c2VydmljZQ==
OS_DOMAIN_NAME: RGVmYXVsdA==
OS_USER_DOMAIN_NAME: RGVmYXVsdA==
OS_USERNAME: ZHJvbmU=
OS_PASSWORD: cGFzc3dvcmQ=
OS_AUTH_TYPE: cGFzc3dvcmQ=
OS_TENANT_NAME: c2VydmljZQ==
---
# Source: gnocchi/templates/secret-keystone.yaml
apiVersion: v1
kind: Secret
metadata:
name: gnocchi-keystone-user
type: Opaque
data:
OS_AUTH_URL: aHR0cDovL2tleXN0b25lLWFwaS5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsOjgwL3Yz
OS_REGION_NAME: UmVnaW9uT25l
OS_PROJECT_DOMAIN_NAME: RGVmYXVsdA==
OS_PROJECT_NAME: c2VydmljZQ==
OS_DOMAIN_NAME: RGVmYXVsdA==
OS_USER_DOMAIN_NAME: RGVmYXVsdA==
OS_USERNAME: Z25vY2NoaQ==
OS_PASSWORD: cGFzc3dvcmQ=
OS_AUTH_TYPE: cGFzc3dvcmQ=
OS_TENANT_NAME: c2VydmljZQ==
---
# Source: gnocchi/templates/configmap-bin.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: gnocchi-bin
data:
storage-init.sh: |+
#!/bin/bash



set -x
SECRET=$(mktemp --suffix .yaml)
KEYRING=$(mktemp --suffix .keyring)
function cleanup {
rm -f ${SECRET} ${KEYRING}
}
trap cleanup EXIT

set -ex
ceph -s
function ensure_pool () {
ceph osd pool stats $1 || rados mkpool $1
}
ensure_pool ${RBD_POOL_NAME}

if USERINFO=$(ceph auth get client.${RBD_POOL_USER}); then
KEYSTR=$(echo $USERINFO | sed 's/.*$ key = .*$ caps mon.*/\1/')
echo $KEYSTR > ${KEYRING}
else
#NOTE(Portdirect): Determine proper privs to assign keyring
ceph auth get-or-create client.${RBD_POOL_USER} \
mon "allow *" \
osd "allow *" \
-o ${KEYRING}
fi

ENCODED_KEYRING=$(sed -n 's/^[[:blank:]]*key[[:blank:]]\+=[[:blank:]]$.*$/\1/p' ${KEYRING} | base64 -w0)
cat > ${SECRET} < apiVersion: v1
kind: Secret
metadata:
name: "${RBD_POOL_SECRET}"
type: kubernetes.io/rbd
data:
key: $( echo ${ENCODED_KEYRING} )
EOF
kubectl delete secret --namespace ${NAMESPACE} --ignore-not-found=true ${RBD_POOL_SECRET}
kubectl create --namespace ${NAMESPACE} -f ${SECRET}

db-init.sh: |+
#!/bin/bash



set -ex
export HOME=/tmp

pgsql_superuser_cmd () {
DB_COMMAND="$1"
if [[ ! -z $2 ]]; then
EXPORT PGDATABASE=$2
fi

psql \
-h ${DB_FQDN} \
-p ${DB_PORT} \
-U ${ROOT_DB_USER} \
--command="${DB_COMMAND}"
}

pgsql_superuser_cmd () {
DB_COMMAND="$1"

psql \
-h ${DB_FQDN} \
-p ${DB_PORT} \
-U ${ROOT_DB_USER} \
--command="${DB_COMMAND}"
}

if [[ ! -v ROOT_DB_CONNECTION ]]; then
echo "environment variable ROOT_DB_CONNECTION not set"
exit 1
else
echo "Got DB root connection"
fi

if [[ -v OPENSTACK_CONFIG_FILE ]]; then
if [[ ! -v OPENSTACK_CONFIG_DB_SECTION ]]; then
echo "Environment variable OPENSTACK_CONFIG_DB_SECTION not set"
exit 1
elif [[ ! -v OPENSTACK_CONFIG_DB_KEY ]]; then
echo "Environment variable OPENSTACK_CONFIG_DB_KEY not set"
exit 1
fi

echo "Using ${OPENSTACK_CONFIG_FILE} as db config source"
echo "Trying to load db config from ${OPENSTACK_CONFIG_DB_SECTION}:${OPENSTACK_CONFIG_DB_KEY}"

DB_CONN=$(awk -v key=$OPENSTACK_CONFIG_DB_KEY "/^\[${OPENSTACK_CONFIG_DB_SECTION}\]/{f=1} f==1&&/^$OPENSTACK_CONFIG_DB_KEY/{print \$3;exit}" "${OPENSTACK_CONFIG_FILE}")

echo "Found DB connection: $DB_CONN"
elif [[ -v DB_CONNECTION ]]; then
DB_CONN=${DB_CONNECTION}
echo "Got config from DB_CONNECTION env var"
else
echo "Could not get dbconfig"
exit 1
fi

ROOT_DB_PROTO="$(echo $ROOT_DB_CONNECTION | grep '//' | sed -e's,^$.*://$.*,\1,g')"
ROOT_DB_URL="$(echo $ROOT_DB_CONNECTION | sed -e s,$ROOT_DB_PROTO,,g)"
ROOT_DB_USER="$(echo $ROOT_DB_URL | grep @ | cut -d@ -f1 | cut -d: -f1)"
ROOT_DB_PASS="$(echo $ROOT_DB_URL | grep @ | cut -d@ -f1 | cut -d: -f2)"

DB_FQDN="$(echo $ROOT_DB_URL | sed -e s,$ROOT_DB_USER:$ROOT_DB_PASS@,,g | cut -d/ -f1 | cut -d: -f1)"
DB_PORT="$(echo $ROOT_DB_URL | sed -e s,$ROOT_DB_USER:$ROOT_DB_PASS@,,g | cut -d/ -f1 | cut -d: -f2)"
DB_NAME="$(echo $ROOT_DB_URL | sed -e s,$ROOT_DB_USER:$ROOT_DB_PASS@,,g | cut -d/ -f2 | cut -d? -f1)"

DB_PROTO="$(echo $DB_CONN | grep '//' | sed -e's,^$.*://$.*,\1,g')"
DB_URL="$(echo $DB_CONN | sed -e s,$DB_PROTO,,g)"
DB_USER="$( echo $DB_URL | grep @ | cut -d@ -f1 | cut -d: -f1)"
DB_PASS="$( echo $DB_URL | grep @ | cut -d@ -f1 | cut -d: -f2)"

#create db
pgsql_superuser_cmd "SELECT 1 FROM pg_database WHERE datname = '$DB_NAME'" | grep -q 1 || pgsql_superuser_cmd "CREATE DATABASE $DB_NAME"

#create db user
pgsql_superuser_cmd "SELECT * FROM pg_roles WHERE rolname = '$DB_USER';" | tail -n +3 | head -n -2 | grep -q 1 || \
pgsql_superuser_cmd "CREATE ROLE ${DB_USER} LOGIN PASSWORD '$DB_PASS';" && pgsql_superuser_cmd "ALTER USER ${DB_USER} WITH SUPERUSER"

#give permissions to user
pgsql_superuser_cmd "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME to $DB_USER;"

db-init.py: |+
#!/usr/bin/env python

# Creates db and user for an OpenStack Service:
# Set ROOT_DB_CONNECTION and DB_CONNECTION environment variables to contain
# SQLAlchemy strings for the root connection to the database and the one you
# wish the service to use. Alternatively, you can use an ini formatted config
# at the location specified by OPENSTACK_CONFIG_FILE, and extract the string
# from the key OPENSTACK_CONFIG_DB_KEY, in the section specified by
# OPENSTACK_CONFIG_DB_SECTION.

import os
import sys
import time
import ConfigParser
import logging
from sqlalchemy import create_engine

# Create logger, console handler and formatter
logger = logging.getLogger('OpenStack-Helm DB Init')
logger.setLevel(logging.DEBUG)
ch = logging.StreamHandler()
ch.setLevel(logging.DEBUG)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')

# Set the formatter and add the handler
ch.setFormatter(formatter)
logger.addHandler(ch)


# Get the connection string for the service db root user
if "ROOT_DB_CONNECTION" in os.environ:
db_connection = os.environ['ROOT_DB_CONNECTION']
logger.info('Got DB root connection')
else:
logger.critical('environment variable ROOT_DB_CONNECTION not set')
sys.exit(1)

# Get the connection string for the service db
if "OPENSTACK_CONFIG_FILE" in os.environ:
os_conf = os.environ['OPENSTACK_CONFIG_FILE']
if "OPENSTACK_CONFIG_DB_SECTION" in os.environ:
os_conf_section = os.environ['OPENSTACK_CONFIG_DB_SECTION']
else:
logger.critical('environment variable OPENSTACK_CONFIG_DB_SECTION not set')
sys.exit(1)
if "OPENSTACK_CONFIG_DB_KEY" in os.environ:
os_conf_key = os.environ['OPENSTACK_CONFIG_DB_KEY']
else:
logger.critical('environment variable OPENSTACK_CONFIG_DB_KEY not set')
sys.exit(1)
try:
config = ConfigParser.RawConfigParser()
logger.info("Using {0} as db config source".format(os_conf))
config.read(os_conf)
logger.info("Trying to load db config from {0}:{1}".format(
os_conf_section, os_conf_key))
user_db_conn = config.get(os_conf_section, os_conf_key)
logger.info("Got config from {0}".format(os_conf))
except:
logger.critical("Tried to load config from {0} but failed.".format(os_conf))
raise
elif "DB_CONNECTION" in os.environ:
user_db_conn = os.environ['DB_CONNECTION']
logger.info('Got config from DB_CONNECTION env var')
else:
logger.critical('Could not get db config, either from config file or env var')
sys.exit(1)

# Check mariadb to make sure all mariadb are ready.
# If mariadb-0 is ready, we can connect mariadb immediately, but when mariadb-1
# and mariadb-2 start, it will sync with mariadb-0. At this time database operation
# may fail. We should avoid this to make sure db-init and db-sync do not fail.
if 'coaster' not in user_db_conn:
cmd = "curl -s busybox/cmd/ecs/mariadb-all-ready | grep 'Mariadb all ready'"
count = 1
max_count = 100
while os.system(cmd) != 0:
if count > max_count:
break
logger.info('Waiting for all mariadb are ready.')
count += 1
time.sleep(5)

# Root DB engine
try:
root_engine_full = create_engine(db_connection)
root_user = root_engine_full.url.username
root_password = root_engine_full.url.password
drivername = root_engine_full.url.drivername
host = root_engine_full.url.host
port = root_engine_full.url.port
root_engine_url = ''.join([drivername, '://', root_user, ':', root_password, '@', host, ':', str (port)])
root_engine = create_engine(root_engine_url)
connection = root_engine.connect()
connection.close()
logger.info("Tested connection to DB @ {0}:{1} as {2}".format(
host, port, root_user))
except:
logger.critical('Could not connect to database as root user')
raise

# User DB engine
try:
user_engine = create_engine(user_db_conn)
# Get our user data out of the user_engine
database = user_engine.url.database
user = user_engine.url.username
password = user_engine.url.password
logger.info('Got user db config')
except:
logger.critical('Could not get user database config')
raise

# Create DB
try:
root_engine.execute("CREATE DATABASE IF NOT EXISTS {0}".format(database))
logger.info("Created database {0}".format(database))
except:
logger.critical("Could not create database {0}".format(database))
raise

# Create DB User
try:
root_engine.execute(
"GRANT ALL ON `{0}`.* TO \'{1}\'@\'%%\' IDENTIFIED BY \'{2}\'".format(
database, user, password))
logger.info("Created user {0} for {1}".format(user, database))
except:
logger.critical("Could not create user {0} for {1}".format(user, database))
raise

# Test connection
try:
connection = user_engine.connect()
connection.close()
logger.info("Tested connection to DB @ {0}:{1}/{2} as {3}".format(
host, port, database, user))
except:
logger.critical('Could not connect to database as user')
raise

logger.info('Finished DB Management')
db-sync.sh: |+
#!/bin/bash



set -ex

exec gnocchi-upgrade --create-legacy-resource-types

gnocchi-api.sh: |+
#!/usr/local/bin/dumb-init /bin/bash



set -ex
COMMAND="${@:-start}"

function start () {
exec httpd -DFOREGROUND
}

function stop () {
kill -TERM 1
}

$COMMAND

gnocchi-metricd.sh: |+
#!/bin/bash



set -x
exec gnocchi-metricd \
--config-file /etc/gnocchi/gnocchi.conf

gnocchi-statsd.sh: |+
#!/bin/bash



set -x
exec gnocchi-statsd \
--config-file /etc/gnocchi/gnocchi.conf

ks-service.sh: |+
#!/bin/bash

# Copyright 2017 Pete Birley
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -ex

# Service boilerplate description
OS_SERVICE_DESC="${OS_REGION_NAME}: ${OS_SERVICE_NAME} (${OS_SERVICE_TYPE}) service"

# Get Service ID if it exists
unset OS_SERVICE_ID
OS_SERVICE_ID=$( openstack service list -f csv --quote none | \
grep ",${OS_SERVICE_NAME},${OS_SERVICE_TYPE}$" | \
sed -e "s/,${OS_SERVICE_NAME},${OS_SERVICE_TYPE}//g" )

# If a Service ID was not found, then create the service
if [[ -z ${OS_SERVICE_ID} ]]; then
OS_SERVICE_ID=$(openstack service create -f value -c id \
--name="${OS_SERVICE_NAME}" \
--description "${OS_SERVICE_DESC}" \
--enable \
"${OS_SERVICE_TYPE}")
fi
ks-endpoints.sh: |+
#!/bin/bash

# Copyright 2017 Pete Birley
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -ex

# Get Service ID
OS_SERVICE_ID=$( openstack service list -f csv --quote none | \
grep ",${OS_SERVICE_NAME},${OS_SERVICE_TYPE}$" | \
sed -e "s/,${OS_SERVICE_NAME},${OS_SERVICE_TYPE}//g" )

# Get Endpoint ID if it exists
OS_ENDPOINT_ID=$( openstack endpoint list -f csv --quote none | \
grep "^[a-z0-9]*,${OS_REGION_NAME},${OS_SERVICE_NAME},${OS_SERVICE_TYPE},True,${OS_SVC_ENDPOINT}," | \
awk -F ',' '{ print $1 }' )

# Making sure only a single endpoint exists for a service within a region
if [ "$(echo $OS_ENDPOINT_ID | wc -w)" -gt "1" ]; then
echo "More than one endpoint found, cleaning up"
for ENDPOINT_ID in $OS_ENDPOINT_ID; do
openstack endpoint delete ${ENDPOINT_ID}
done
unset OS_ENDPOINT_ID
fi

# Determine if Endpoint needs updated
if [[ ${OS_ENDPOINT_ID} ]]; then
OS_ENDPOINT_URL_CURRENT=$(openstack endpoint show ${OS_ENDPOINT_ID} -f value -c url)
if [ "${OS_ENDPOINT_URL_CURRENT}" == "${OS_SERVICE_ENDPOINT}" ]; then
echo "Endpoints Match: no action required"
OS_ENDPOINT_UPDATE="False"
else
echo "Endpoints Dont Match: removing existing entries"
openstack endpoint delete ${OS_ENDPOINT_ID}
OS_ENDPOINT_UPDATE="True"
fi
else
OS_ENDPOINT_UPDATE="True"
fi

# Update Endpoint if required
if [[ "${OS_ENDPOINT_UPDATE}" == "True" ]]; then
OS_ENDPOINT_ID=$( openstack endpoint create -f value -c id \
--region="${OS_REGION_NAME}" \
"${OS_SERVICE_ID}" \
${OS_SVC_ENDPOINT} \
"${OS_SERVICE_ENDPOINT}" )
fi

# Display the Endpoint
openstack endpoint show ${OS_ENDPOINT_ID}
ks-user.sh: |+
#!/bin/bash

# Copyright 2017 Pete Birley
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -ex

# Manage project domain
PROJECT_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
--description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}" \
"${SERVICE_OS_PROJECT_DOMAIN_NAME}")

# Display project domain
openstack domain show "${PROJECT_DOMAIN_ID}"

# Manage user project
USER_PROJECT_DESC="Service Project for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_PROJECT_DOMAIN_NAME}"
USER_PROJECT_ID=$(openstack project create --or-show --enable -f value -c id \
--domain="${PROJECT_DOMAIN_ID}" \
--description="${USER_PROJECT_DESC}" \
"${SERVICE_OS_PROJECT_NAME}");

# Display project
openstack project show "${USER_PROJECT_ID}"

# Manage user domain
USER_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
--description="Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}" \
"${SERVICE_OS_USER_DOMAIN_NAME}")

# Display user domain
openstack domain show "${USER_DOMAIN_ID}"

# Manage user
USER_DESC="Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_USER_DOMAIN_NAME}/${SERVICE_OS_SERVICE_NAME}"
USER_ID=$(openstack user create --or-show --enable -f value -c id \
--domain="${USER_DOMAIN_ID}" \
--project-domain="${PROJECT_DOMAIN_ID}" \
--project="${USER_PROJECT_ID}" \
--description="${USER_DESC}" \
"${SERVICE_OS_USERNAME}");

# Manage user password (we do this to ensure the password is updated if required)
openstack user set --password="${SERVICE_OS_PASSWORD}" "${USER_ID}"

# Display user
openstack user show "${USER_ID}"

function ks_assign_user_role () {
# Manage user role assignment
openstack role add \
--user="${USER_ID}" \
--user-domain="${USER_DOMAIN_ID}" \
--project-domain="${PROJECT_DOMAIN_ID}" \
--project="${USER_PROJECT_ID}" \
"${USER_ROLE_ID}"

# Display user role assignment
openstack role assignment list \
--role="${USER_ROLE_ID}" \
--user-domain="${USER_DOMAIN_ID}" \
--user="${USER_ID}"
}

# Manage user service role
export USER_ROLE_ID=$(openstack role create --or-show -f value -c id \
"${SERVICE_OS_ROLE}");
ks_assign_user_role

# Manage user member role
: ${MEMBER_OS_ROLE:="_member_"}
export USER_ROLE_ID=$(openstack role create --or-show -f value -c id \
"${MEMBER_OS_ROLE}");
ks_assign_user_role
openstack role add --user="${USER_ID}" --domain="${USER_DOMAIN_ID}" "admin"
ks-domain-user.sh: |+
#!/bin/bash

# Copyright 2017 Pete Birley
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

set -ex

# Manage domain
SERVICE_OS_DOMAIN_ID=$(openstack domain create --or-show --enable -f value -c id \
--description="Service Domain for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_DOMAIN_NAME}" \
"${SERVICE_OS_DOMAIN_NAME}")

# Display domain
openstack domain show "${SERVICE_OS_DOMAIN_ID}"

# Manage user
SERVICE_OS_USERID=$(openstack user create --or-show --enable -f value -c id \
--domain="${SERVICE_OS_DOMAIN_ID}" \
--description "Service User for ${SERVICE_OS_REGION_NAME}/${SERVICE_OS_DOMAIN_NAME}" \
"${SERVICE_OS_USERNAME}")

# Manage user password (we do this to ensure the password is updated if required)
openstack user set --password="${SERVICE_OS_PASSWORD}" "${SERVICE_OS_USERID}"

# Display user
openstack user show "${SERVICE_OS_USERID}"

# Manage role
SERVICE_OS_ROLE_ID=$(openstack role show -f value -c id \
"${SERVICE_OS_ROLE}" || openstack role create -f value -c id \
"${SERVICE_OS_ROLE}" )

# Manage user role assignment
openstack role add \
--domain="${SERVICE_OS_DOMAIN_ID}" \
--user="${SERVICE_OS_USERID}" \
--user-domain="${SERVICE_OS_DOMAIN_ID}" \
"${SERVICE_OS_ROLE_ID}"

# Display user role assignment
openstack role assignment list \
--role="${SERVICE_OS_ROLE_ID}" \
--user-domain="${SERVICE_OS_DOMAIN_ID}" \
--user="${SERVICE_OS_USERID}"
ceph-keyring.sh: |+
#!/bin/bash



set -ex
export HOME=/tmp

cat < /etc/ceph/ceph.client.admin.keyring

[client.admin]
key = $(cat /tmp/client-keyring)
EOF

exit 0

ceph-admin-keyring.sh: |+
#!/bin/bash



set -ex
export HOME=/tmp

cat < /etc/ceph/ceph.client.admin.keyring
[client.admin]
key = $(cat /tmp/client-keyring)
EOF

exit 0

rally-test.sh: |+
#!/bin/bash
set -ex

: ${RALLY_ENV_NAME:="openstack-helm"}
: ${PLUGIN_PROJECT:="openstack-helm"}
: ${DEPENDENCY_PROJECT:="openstack-helm"}
: ${TEMPEST_PATTERN:=${RALLY_ENV_NAME}}
: ${RALLY_PRIVATE_KEY:="openstack-helm"}
: ${TEST_USER:="devops"}
: ${PROJECT_BRANCH:="stable/5.0"}
: ${CONCURRENCY:="8"}

# Copy configurations
cp -r /var/lib/esconf/. ~/
echo -e "${RALLY_PRIVATE_KEY}" > ~/.ssh/id_rsa
chmod 600 ~/.ssh/id_rsa

rally db create
rally deployment create --fromenv --name ${RALLY_ENV_NAME}
rally deployment use ${RALLY_ENV_NAME}
rally deployment check
VERIFIER_NAME="${RALLY_ENV_NAME}-tempest"
GIT_SOURCE="ssh://[email protected]:29418/easystack"
CONSTRAINT_FILE="http://fs.easystack.cn/constraints/ecs5.0/upper-constraints.txt"
rally verify create-verifier --name $VERIFIER_NAME --type tempest --source ~/tempest/
if [ "${PLUGIN_PROJECT}"x != "openstack-helm"x ]; then
git clone $GIT_SOURCE/${PLUGIN_PROJECT} ~/${PLUGIN_PROJECT} -b $PROJECT_BRANCH
source ~/.rally/verification/verifier-*/.venv/bin/activate
pip install ~/${PLUGIN_PROJECT}
pip install -r ~/${PLUGIN_PROJECT}/test-requirements.txt -c ${CONSTRAINT_FILE}
if [ "${DEPENDENCY_PROJECT}"x != "openstack-helm"x ]; then
git clone $GIT_SOURCE/${DEPENDENCY_PROJECT} ~/${DEPENDENCY_PROJECT} -b $PROJECT_BRANCH
pip install ~/${DEPENDENCY_PROJECT}
pip install -r ~/${DEPENDENCY_PROJECT}/test-requirements.txt -c ${CONSTRAINT_FILE}
fi
PATTERN=${TEMPEST_PATTERN}
else
SERVICE_TYPE=$(rally deployment check | grep ${RALLY_ENV_NAME} | awk -F \| '{print $3}' | tr -d ' ' | tr -d '\n')
PATTERN="tempest.api.$SERVICE_TYPE*"
fi
rally verify start --pattern $PATTERN --concurrency ${CONCURRENCY}
rally verify delete-verifier --id ${RALLY_ENV_NAME}-tempest --force
if [ "${PLUGIN_PROJECT}"x == "openstack-helm"x ]; then
rally task validate /etc/rally/rally_tests.yaml
rally task start /etc/rally/rally_tests.yaml
rally task sla-check
fi
rally deployment destroy --deployment ${RALLY_ENV_NAME}
---
# Source: gnocchi/templates/configmap-etc.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: gnocchi-etc
data:
gnocchi.conf: |+
[DEFAULT]
debug = false
[api]
auth_mode = keystone
max_limit = 100000
port = 8041
[archive_policy]
default_aggregation_methods = mean,min,max
[database]
connection = mysql+pymysql://gnocchi:[email protected]:3306/gnocchi
max_retries = -1
[incoming]
driver = redis
redis_url = redis://redis.default.svc.cluster.local:6379/
[indexer]
driver = mysql
url = mysql+pymysql://gnocchi:[email protected]:3306/gnocchi
[keystone_authtoken]
auth_type = password
auth_uri = http://keystone-api.default.svc.cluster.local:80/v3
auth_url = http://keystone-api.default.svc.cluster.local:80/v3
auth_version = v3
memcache_secret_key = secret
memcache_security_strategy = ENCRYPT
memcached_servers = memcache.default.svc.cluster.local:11211
password = password
project_domain_name = Default
project_name = service
region_name = RegionOne
user_domain_name = Default
username = gnocchi
[metricd]
workers = 16
[statsd]
port = 8125
project_id = 0712a464-ad34-4780-a1e8-c8f1d71b57a9
resource_id = 6ad0aea2-5f16-4621-b7ee-69e391acb6ea
user_id = 47408a08-d20e-40bc-a3a3-9582942ed3a2
[storage]
ceph_conffile = /etc/ceph/ceph.conf
ceph_keyring = /etc/ceph/ceph.client.admin.keyring
ceph_pool = metrics
ceph_username = admin
driver = ceph
provided_keyring =
[token]
provider = uuid

api-paste.ini: |+
[app:gnocchiv1]
paste.app_factory = gnocchi.rest.app:app_factory
root = gnocchi.rest.V1Controller
[app:gnocchiversions]
paste.app_factory = gnocchi.rest.app:app_factory
root = gnocchi.rest.VersionsController
[composite:gnocchi+auth]
/ = gnocchiversions
/v1 = gnocchiv1+auth
use = egg:Paste#urlmap
[composite:gnocchi+noauth]
/ = gnocchiversions
/v1 = gnocchiv1+noauth
use = egg:Paste#urlmap
[filter:keystone_authtoken]
oslo_config_project = gnocchi
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
[pipeline:gnocchiv1+auth]
pipeline = keystone_authtoken gnocchiv1
[pipeline:gnocchiv1+noauth]
pipeline = gnocchiv1
[pipeline:main]
pipeline = gnocchi+auth

policy.json: |+
{"admin_or_creator":"role:admin or project_id:%(created_by_project_id)s","create archive policy":"role:admin","create archive policy rule":"role:admin","create metric":"","create resource":"","create resource type":"role:admin","delete archive policy":"role:admin","delete archive policy rule":"role:admin","delete metric":"rule:admin_or_creator","delete resource":"rule:admin_or_creator","delete resource type":"role:admin","delete resources":"rule:admin_or_creator","get archive policy":"","get archive policy rule":"","get measures":"rule:admin_or_creator or rule:metric_owner","get metric":"rule:admin_or_creator or rule:metric_owner","get resource":"rule:admin_or_creator or rule:resource_owner","get resource type":"","get status":"role:admin","list all metric":"role:admin","list archive policy":"","list archive policy rule":"","list metric":"","list resource":"rule:admin_or_creator or rule:resource_owner","list resource type":"","metric_owner":"project_id:%(resource.project_id)s","post measures":"rule:admin_or_creator","resource_owner":"project_id:%(project_id)s","search metric":"rule:admin_or_creator or rule:metric_owner","search resource":"rule:admin_or_creator or rule:resource_owner","update archive policy":"role:admin","update resource":"rule:admin_or_creator","update resource type":"role:admin"}
wsgi-gnocchi.conf: |+


Listen 0.0.0.0:8041

SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded


WSGIDaemonProcess gnocchi processes=4 threads=8 user=gnocchi group=gnocchi display-name=%{GROUP}
WSGIProcessGroup gnocchi
WSGIScriptAlias / "/usr/lib/python2.7/site-packages/gnocchi/rest/app.wsgi"
WSGIApplicationGroup %{GLOBAL}

ErrorLog /dev/stderr
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog /dev/stdout combined env=!forwarded
CustomLog /dev/stdout proxy env=forwarded


Require all granted

---
# Source: gnocchi/templates/service-api.yaml
apiVersion: v1
kind: Service
metadata:
name: gnocchi-api
spec:
ports:
- name: gn-api
port: 8041

selector:
release_group: openstack
application: gnocchi
component: api
---
# Source: gnocchi/templates/service-ingress-api.yaml
apiVersion: v1
kind: Service
metadata:
name: gnocchi
spec:
ports:
- name: http
port: 80
type: ExternalName
externalName: ingress.kube-system.svc.cluster.local
---
# Source: gnocchi/templates/service-statsd.yaml
apiVersion: v1
kind: Service
metadata:
name: gnocchi-statsd
spec:
ports:
- port: 8125

selector:
app: gnocchi-statsd
---
# Source: gnocchi/templates/daemonset-metricd.yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: gnocchi-metricd
spec:

minReadySeconds: 0
updateStrategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
release_group: openstack
application: gnocchi
component: metricd
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: metricd
annotations:
configmap-bin-hash: "c23274ba8ed88686efc7f036decb02013b06dc62c6299d18e648c46d07e01125"
configmap-etc-hash: "a769ec752ca53c530cdf0d051c369d1794c7c25d1570d455249898cde25a6c07"
spec:
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:mariadb,default:gnocchi-api,default:redis"
- name: DEPENDENCY_JOBS
value: "gnocchi-storage-init,gnocchi-db-sync,gnocchi-ks-user,gnocchi-ks-service,gnocchi-ks-endpoints"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: gnocchi-metricd
image: hub.easystack.io/production/escloud-linux-source-gnocchi-metricd:5.0.1
imagePullPolicy: IfNotPresent

command:
- /tmp/gnocchi-metricd.sh
volumeMounts:
- name: pod-etc-gnocchi
mountPath: /etc/gnocchi
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
readOnly: true
- name: gnocchi-etc
mountPath: /etc/gnocchi/policy.json
subPath: policy.json
readOnly: true
- name: gnocchi-bin
mountPath: /tmp/gnocchi-metricd.sh
subPath: gnocchi-metricd.sh
readOnly: true
- name: etcceph
mountPath: /etc/ceph
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true

volumes:
- name: pod-etc-gnocchi
emptyDir: {}
- name: gnocchi-etc
configMap:
name: gnocchi-etc
defaultMode: 0444
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
- name: etcceph
emptyDir: {}
- name: ceph-etc
configMap:
name: ceph-etc
- name: ceph-keyring
secret:
secretName: "gnocchi-rbd-keyring"
---
# Source: gnocchi/templates/job-db-init-indexer.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-db-init-indexer
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: db-init-indexer
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:mariadb"
- name: DEPENDENCY_JOBS
value: ""
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
containers:
- name: gnocchi-db-init-indexer
image: "hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest"
imagePullPolicy: "Always"
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: gnocchi-db-admin
key: DB_CONNECTION_INDEXER
- name: OPENSTACK_CONFIG_FILE
value: /etc/gnocchi/gnocchi.conf
- name: OPENSTACK_CONFIG_DB_SECTION
value: indexer
- name: OPENSTACK_CONFIG_DB_KEY
value: url
command:
- /tmp/db-init.py
volumeMounts:
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
- name: gnocchi-bin
mountPath: /tmp/db-init.py
subPath: db-init.py
readOnly: true
volumes:
- name: gnocchi-etc
configMap:
name: gnocchi-etc
defaultMode: 0444
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
---
# Source: gnocchi/templates/job-db-init-keystone.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-db-init-keystone
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: db-init-keystone
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:mariadb"
- name: DEPENDENCY_JOBS
value: ""
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
containers:
- name: keystone-db-init
image: "hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest"
imagePullPolicy: "Always"
env:
- name: ROOT_DB_CONNECTION
valueFrom:
secretKeyRef:
name: gnocchi-db-admin
key: DB_CONNECTION_API
- name: OPENSTACK_CONFIG_FILE
value: /etc/gnocchi/gnocchi.conf
- name: OPENSTACK_CONFIG_DB_SECTION
value: database
- name: OPENSTACK_CONFIG_DB_KEY
value: connection
command:
- /tmp/db-init.py
volumeMounts:
- name: gnocchi-bin
mountPath: /tmp/db-init.py
subPath: db-init.py
readOnly: true
- name: pod-etc-gnocchi
mountPath: /etc/gnocchi
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
readOnly: true
volumes:
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
- name: pod-etc-gnocchi
emptyDir: {}
- name: gnocchi-etc
configMap:
name: gnocchi-etc
defaultMode: 0444
---
# Source: gnocchi/templates/job-db-sync.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-db-sync
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: db-sync
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:mariadb"
- name: DEPENDENCY_JOBS
value: "gnocchi-db-init-keystone,gnocchi-db-init-indexer"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
imagePullPolicy: Always
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: gnocchi-db-sync
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
imagePullPolicy: Always
command:
- /tmp/db-sync.sh
volumeMounts:
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
- name: gnocchi-bin
mountPath: /tmp/db-sync.sh
subPath: db-sync.sh
- name: etcceph
mountPath: /etc/ceph
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
volumes:
- name: gnocchi-etc
configMap:
name: gnocchi-etc
defaultMode: 0444
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
- name: etcceph
emptyDir: {}
- name: ceph-etc
configMap:
name: ceph-etc
- name: ceph-keyring
secret:
secretName: pvc-ceph-client-key
---
# Source: gnocchi/templates/job-ks-endpoints.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-ks-endpoints
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: ks-endpoints
metadata:
annotations:
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api"
- name: DEPENDENCY_JOBS
value: "gnocchi-ks-service"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
containers:
- name: metric-ks-endpoints-admin
image: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
imagePullPolicy: Always
command:
- /tmp/ks-endpoints.sh
volumeMounts:
- name: ks-endpoints-sh
mountPath: /tmp/ks-endpoints.sh
subPath: ks-endpoints.sh
readOnly: true
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_DOMAIN_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_SVC_ENDPOINT
value: admin
- name: OS_SERVICE_NAME
value: "gnocchi"
- name: OS_SERVICE_TYPE
value: metric
- name: OS_SERVICE_ENDPOINT
value: http://gnocchi-api.default.svc.cluster.local:8041/
- name: metric-ks-endpoints-internal
image: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
imagePullPolicy: Always
command:
- /tmp/ks-endpoints.sh
volumeMounts:
- name: ks-endpoints-sh
mountPath: /tmp/ks-endpoints.sh
subPath: ks-endpoints.sh
readOnly: true
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_DOMAIN_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_SVC_ENDPOINT
value: internal
- name: OS_SERVICE_NAME
value: "gnocchi"
- name: OS_SERVICE_TYPE
value: metric
- name: OS_SERVICE_ENDPOINT
value: http://gnocchi-api.default.svc.cluster.local:8041/
- name: metric-ks-endpoints-public
image: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
imagePullPolicy: Always
command:
- /tmp/ks-endpoints.sh
volumeMounts:
- name: ks-endpoints-sh
mountPath: /tmp/ks-endpoints.sh
subPath: ks-endpoints.sh
readOnly: true
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_DOMAIN_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_SVC_ENDPOINT
value: public
- name: OS_SERVICE_NAME
value: "gnocchi"
- name: OS_SERVICE_TYPE
value: metric
- name: OS_SERVICE_ENDPOINT
value: http://gnocchi.default.svc.cluster.local:80/
volumes:
- name: ks-endpoints-sh
configMap:
name: gnocchi-bin
defaultMode: 0555
---
# Source: gnocchi/templates/job-ks-service.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-ks-service
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: ks-service
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api"
- name: DEPENDENCY_JOBS
value: ""
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
containers:
- name: metric-ks-service-registration
image: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
imagePullPolicy: Always
command:
- /tmp/ks-service.sh
volumeMounts:
- name: ks-service-sh
mountPath: /tmp/ks-service.sh
subPath: ks-service.sh
readOnly: true
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_DOMAIN_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_SERVICE_NAME
value: "gnocchi"
- name: OS_SERVICE_TYPE
value: metric
volumes:
- name: ks-service-sh
configMap:
name: gnocchi-bin
defaultMode: 0555
---
# Source: gnocchi/templates/job-ks-user.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-ks-user
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: ks-user
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api"
- name: DEPENDENCY_JOBS
value: ""
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
containers:
- name: gnocchi-ks-user
image: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
imagePullPolicy: Always
command:
- /tmp/ks-user.sh
volumeMounts:
- name: ks-user-sh
mountPath: /tmp/ks-user.sh
subPath: ks-user.sh
readOnly: true
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_DOMAIN_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: SERVICE_OS_SERVICE_NAME
value: "gnocchi"
- name: SERVICE_OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-user
key: OS_REGION_NAME
- name: SERVICE_OS_PROJECT_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-user
key: OS_PROJECT_DOMAIN_NAME
- name: SERVICE_OS_PROJECT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-user
key: OS_PROJECT_NAME
- name: SERVICE_OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-user
key: OS_USER_DOMAIN_NAME
- name: SERVICE_OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-user
key: OS_USERNAME
- name: SERVICE_OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-user
key: OS_PASSWORD
- name: SERVICE_OS_ROLE
value: "admin"
volumes:
- name: ks-user-sh
configMap:
name: gnocchi-bin
defaultMode: 0555
---
# Source: gnocchi/templates/job-storage-init.yaml
apiVersion: batch/v1
kind: Job
metadata:
name: gnocchi-storage-init
spec:
template:
metadata:
labels:
release_group: openstack
application: gnocchi
component: storage-init
spec:
restartPolicy: OnFailure
nodeSelector:
openstack-control-plane: enabled
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: ""
- name: DEPENDENCY_JOBS
value: ""
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
imagePullPolicy: Always
securityContext:
runAsUser: 42416
command:
- /tmp/ceph-admin-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-admin-keyring.sh
subPath: ceph-admin-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: gnocchi-storage-init
image: hub.easystack.io/production/escloud-linux-ceph-daemon:latest
imagePullPolicy: Always
env:
- name: NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: RBD_POOL_NAME
value: "metrics"
- name: RBD_POOL_USER
value: "admin"
- name: RBD_POOL_SECRET
value: "gnocchi-rbd-keyring"
command:
- /tmp/storage-init.sh
volumeMounts:
- name: gnocchi-bin
mountPath: /tmp/storage-init.sh
subPath: storage-init.sh
readOnly: true
- name: etcceph
mountPath: /etc/ceph
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
volumes:
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
- name: etcceph
emptyDir: {}
- name: ceph-etc
configMap:
name: ceph-etc
defaultMode: 0444
- name: ceph-keyring
secret:
secretName: pvc-ceph-client-key
---
# Source: gnocchi/templates/ingress-api.yaml
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: gnocchi
annotations:
kubernetes.io/ingress.class: "nginx"
ingress.kubernetes.io/rewrite-target: /
spec:
rules:

- host: gnocchi
http:
paths:
- path: /
backend:
serviceName: gnocchi-api
servicePort: gn-api
- host: gnocchi.default
http:
paths:
- path: /
backend:
serviceName: gnocchi-api
servicePort: gn-api
- host: gnocchi.default.svc.cluster.local
http:
paths:
- path: /
backend:
serviceName: gnocchi-api
servicePort: gn-api
---
# Source: gnocchi/templates/pdb-api.yaml
apiVersion: policy/v1beta1
kind: PodDisruptionBudget
metadata:
name: gnocchi-api
spec:
minAvailable: 0
selector:
matchLabels:
release_group: openstack
application: gnocchi
component: api

你可能感兴趣的:(kubernetes)

Kubernetes 1.29升级至1.31版本笔记 zkyqss 云计算笔记 kubernetes 云原生
一、概述之前安装了kubernetes1.29（参见：使用kubeadm安装Kubernetes1.29）。本次计划将该集群升级为1.31版本。Kubernetes版本表示方式：Kubernetes版本表示为x.y.z，其中x是主版本，y是次版本，z是补丁版本。建议升级顺序在Kubernetes中，推荐的升级方法是逐步升级，即一次升级一个次版本。本次集群升级策略1.29升级至→1.30，然后1.3
在k8s中，如何在argocd中添加proxy 网络飞鸥 kubernetes argocd 容器
在Kubernetes的ArgoCD中添加代理（Proxy）设置，你可以从多个层面进行操作，下面分别介绍不同组件设置代理的方法。1.ArgoCDServer代理设置ArgoCDServer负责提供WebUI和API服务，要为其设置代理，可以通过修改ArgoCDServer的部署配置来实现。步骤：编辑ArgoCDServer部署kubectleditdeploymentargocd-server-n
高版本k8s文件无法识别镜像虚魍 kubernetes 容器运维 linux 云计算
Kubernetes1.24正式移除了dockershim组件，意味着原生Docker容器运行时不再直接支持。集群管理员需要迁移至其他兼容的容器运行时，如containerd或CRI-O。高版本k8s不在支持docker运行容器运行服务，而使用ctr命令来识别pod文件的镜像。-----如有问题，请提醒，我会及时改正。解决yaml文件识别不到镜像：方法一：手动拉取，上传先拉取相应镜像：docker
必知必会！如何在Kubernetes中管理Configurations和Secrets 硅基创想家 #Kubernetes实战与经验 kubernetes 容器云原生
在Kubernetes中，管理配置和机密信息对于确保应用程序的灵活性、安全性和易于部署至关重要。当应用程序依赖于配置或敏感数据（如API密钥、密码和环境变量）时，Kubernetes提供了将这些数据与应用程序代码分离的工具。Kubernetes中的ConfigMaps（配置映射）和Secrets（机密）使得动态管理和更新这些配置成为可能，让您的应用程序能够在不直接在容器中硬编码信息的情况下进行适配
云平台结合DeepSeek的AI模型优化实践：技术突破与应用革新荣华富贵8 程序员的知识储备1 经验分享
云平台与AI模型的深度结合已成为推动人工智能技术落地的重要驱动力。DeepSeek（深度求索）作为前沿AI模型的代表，通过与云计算的深度融合，在技术架构和应用场景层面实现了突破性进展。以下从技术突破和应用革新两个维度进行系统解析：---###**一、技术突破：云原生AI架构的进化**####1.**弹性算力调度体系**-**动态资源分配**：基于Kubernetes的智能调度器实现GPU资源的细粒
腾讯云容器与Serverless的融合：探索《2023技术实践精选集》中的创新实践虎头金猫云原生云原生 docker serverless 容器运维运维开发腾讯云
腾讯云容器与Serverless的融合：探索《2023技术实践精选集》中的创新实践文章目录腾讯云容器与Serverless的融合：探索《2023技术实践精选集》中的创新实践引言《2023腾讯云容器和函数计算技术实践精选集》整体评价特色亮点分析Serverless与Kubernetes的融合FinOps在资源配置优化中的应用云监控Barad的云原生实践对云计算领域的贡献和影响阅读体验分享案例的实用性
使用kuboard管理kubernetes集群终端行者 Kubernetes kubernetes 容器云原生
官网：https://kuboard.cn/learning/准备一台新的服务并安装docker[root@docker-server~]#dockerrun-d--restart=unless-stopped--name=kuboard-p80:80/tcp-p10081:10081/tcp-eKUBOARD_ENDPOINT="http://192.168.209.176:80"-eKUBOA
centos-stream9/7如何安装kubenetes1.28版本？如何添加集群节点与token过期如何重新生成？终端行者 Kubernetes centos kubernetes
Kubernetes集群部署零、版本信息操作系统：CentosStream9、Centos7通过k8s版本：1.26.11.28.2本文档未使用docker,使用containerd从版本1.24开始已经去掉默认对docker的支持，需要使用go编译安装cri-dockerd，通信变得复杂，新版本不推荐使用docker运行时一、Kubernetes集群部署方式方式1.minikubeMinikub
从入门到放弃之生产环境基于Kubernetes V1.21.10搭建高可用集群收破烂的小白 docker linux kubernetes
1.资源规划名称系统配置IP组件k8s-master01CentOS7.94核8G500G存储172.16.97.27kube-apiserverkube-controller-managerkube-scheduleretcdk8s-master02CentOS7.94核8G500G存储172.16.97.28kube-apiserverkube-controller-managerkube-s
Docker下Dubbo服务优雅上下线实现丿似锦 dubbo kubernetes dubbo qos
简介在Docker容器环境中部署基于Dubbo的服务时，实现服务的优雅上下线是至关重要的。这通常涉及到两个关键步骤：首先，确保服务能够从注册中心摘除，停止接受新的请求；其次，等待所有正在处理的请求完成后再终止容器。通过结合Kubernetes的preStopHook和Dubbo的QoS功能，可以有效地实现这一目标。环境Docker+Kubernetes+SpringBoot+Dubbo⭐实现Pre
云原生架构概念睡不醒的小泽软件架构云原生微服务
云原生架构概念云原生架构（CloudNativeArchitechtrue）作为一种现代软件开发的革新力量，正在逐渐改变企业构建、部署和管理应用程序的方式。它的核心优势在于支持微服务架构，使得应用程序能够分解为独立、松耦合的服务，每个服务都可以单独开发、部署和扩展，从而提高了敏捷性和迭代速度。此外，云原生架构通过容器化技术，如Docker和Kubernetes，确保了应用程序在不同环境中的一致性和
开源分布式存储系统在云原生数据库领域的实践与应用 ITPUB-微风开源分布式云原生
本文深入探讨了Curve项目，一个专为云原生环境设计的开源分布式存储系统。文章详细介绍了Curve的块存储架构、其在云原生数据库领域的实际应用，并展望了项目的未来发展方向。一、Curve项目介绍Curve项目致力于打造一个云原生、高性能、稳定且易运维的开源分布式存储系统。它支持私有云、公有云和混合云上的部署，兼容CSI插件，并支持容器化部署和Kubernetes集成。Curve的设计理念在于提供高
云原生降本之路：技术创新与应用解析 ITPUB-微风云原生
随着云计算的快速发展，云原生技术已成为企业降低成本、提高效率的重要手段。本文基于腾讯云容器技术专家孟凡杰的PPT内容，深入探讨了云原生技术在降低企业成本方面的应用，包括资源利用现状、成本优化思路、Kubernetes中的资源分配、横向与纵向伸缩、Kubernetes原生能力的不足、全链路降本的思考与价值主张、多种集群形态的利用、资源运营策略、Crane智能调度系统的应用、FinOps理念在腾讯内部
kubernetes(k8s) 安装与部署北_鱼环境配置 kubernetes 容器云原生
版本：kubernetes(k8s)v1.28.21准备工作准备多台Linux设备。可参考https://blog.csdn.net/White_Ink_/article/details/139743058配置集群环境。关闭swap分区临时关闭：sudoswapoff-a永久关闭swap：sudosed-ri's/.*swap.*/#&/'/etc/fstab设置内核参数安装bridge-util
Ubuntu 22.04安装K8S集群刘明同学呀 ubuntu kubernetes java
以下是Ubuntu22.04安装Kubernetes集群的步骤概要一、设置主机名与hosts解析#Master节点执行sudohostnamectlset-hostname"k8smaster"#Worker节点执行sudohostnamectlset-hostname"k8sworker1"#所有节点的/etc/hosts中添加：cat>>/etc/hosts/dev/nullsudoaptin
Cilium系列-16-CiliumNetworkPolicy 实战演练
系列文章Cilium系列文章前言今天我们进入Cilium安全相关主题,基于Cilium官方的《星球大战》Demo做详细的CiliumNetworkPolicy实战演练。场景您是帝国(Empire)的平台工程团队的一员，负责开发死星(DeathStar)API并将其部署到帝国银河Kubernetes服务(ImperialGalacticKubernetesService,IGKS)。你已经部署了这项
Ubuntu22.04 安装kubernetes V1.28 叱咤少帅（少帅） Kubernetes K8S
背景eks用的v1.28需要安装一致的环境部署服务器初始化root@cfc:~#systemctlstopufwroot@cfc:~#systemctldisable--nowufwSynchronizingstateofufw.servicewithSysVservicescriptwith/lib/systemd/systemd-sysv-install.Executing:/lib/syst
Kubernetes控制平面组件：APIServer 基于 Webhook Toeken令牌的认证机制详解 grahamzhu 云原生学习专栏 kubernetes apiserver 企业认证系统 webhook令牌 token TokenReview 系统集成
云原生学习路线导航页（持续更新中）kubernetes学习系列快捷链接Kubernetes架构原则和对象设计（一）Kubernetes架构原则和对象设计（二）Kubernetes架构原则和对象设计（三）Kubernetes控制平面组件：etcd（一）Kubernetes控制平面组件：etcd（二）Kubernetes控制平面组件：etcd常用配置参数Kubernetes控制平面组件：etcd高可用
2025asp.net全栈技术开发学习路线图 mabanbang asp.net core开发 asp.net 全栈技术
2025年技术亮点‌：Blazor已全面支持WebAssembly2.0标准.NET8+版本原生集成AI模型部署能力AzureKubernetes服务实现智能自动扩缩容EFCore新增向量数据库支持特性‌ASP.NET全栈开发关键技术说明（2025年视角）‌以下技术分类基于现代企业级应用开发需求：‌前端生态‌‌Blazor‌是微软基于WebAssembly的前端框架，允许开发者直接使用C#替代Ja
Kubernetes 中服务注册机制解析：自动化与灵活性的背后简单简单小白 kubernetes 自动化容器
目录1.引言：Kubernetes中的服务注册与发现2.Kubernetes中的服务注册与发现2.1KubernetesService3.服务注册流程3.1Pod与Service的关联3.2自动注册3.3DNS解析与服务发现4.例子：Kubernetes服务注册与发现流程5.总结1.引言：Kubernetes中的服务注册与发现在微服务架构中，服务注册和发现是构建分布式应用的关键组件。传统上，开发者
使用Java和Kubernetes实现自动化部署与扩展微赚淘客系统开发者@聚娃科技 java kubernetes 自动化
使用Java和Kubernetes实现自动化部署与扩展大家好，我是微赚淘客系统3.0的小编，是个冬天不穿秋裤，天冷也要风度的程序猿！今天我们来探讨如何使用Java和Kubernetes实现自动化部署与扩展。Kubernetes是一个开源的容器编排引擎，旨在自动化应用的部署、扩展和管理。结合Java应用，我们可以轻松实现持续交付和自动化运维。1.准备工作在开始之前，请确保已经安装并配置好了以下工具：
Maven 与 Kubernetes 部署：构建和部署到 Kubernetes 环境中 drebander Maven maven kubernetes java
在现代的DevOps实践中，Kubernetes被广泛用于容器化应用的自动化部署、扩展和管理。而Maven是Java项目中常用的构建工具，通常用于依赖管理、构建、打包等任务。在许多项目中，Maven和Kubernetes可以结合起来，完成容器化构建和自动化部署。本文将详细介绍如何使用Maven构建Docker镜像，并将其部署到Kubernetes环境中。1.Maven与Kubernetes部署概述
零入门kubernetes网络实战-2-＞网络协议栈包括哪些？码二哥码二哥的技术专栏零入门容器云网络 kubernetes 云原生 flannel calico
《零入门kubernetes网络实战》视频专栏地址https://www.ixigua.com/7193641905282875942本篇文章主要用于收集、整理、总结网络协议栈的相关知识点。1、网络协议栈包括哪些？应用层（http，ftp，tftp，telnet，dns，email等），传输层（tcp，udp），网络层（ip），链路层（wi-fi，以太网，令牌环，fddi等），物理层（mac）。可
Kubernetes-环境篇-01-mac开发环境搭建一叶知秋@qqy 云原生笔录 kubernetes 容器云原生
1、brew安装参考知乎文章：https://zhuanlan.zhihu.com/p/111014448苹果电脑常规安装脚本（推荐完全体几分钟安装完成）/bin/zsh-c"$(curl-fsSLhttps://gitee.com/cunkai/HomebrewCN/raw/master/Homebrew.sh)"苹果电脑极速安装脚本（精简版几秒钟安装完成）/bin/zsh-c"$(curl-f
安装Kubernetes集群-Centos系统写的花里胡哨 Linux部署 kubernetes centos 容器
文章参考网址:安装Kubernetes集群-K8S教程准备工作一、每个节点分别设置对应主机名hostnamectlset-hostnamemasterhostnamectlset-hostnamenode1hostnamectlset-hostnamenode2二、所有节点都添加hostsvi/etc/hosts172.16.0.4master172.16.32.2node1172.16.32.6
蓝耘科技上线 DS 满血版，500万tokens免费送！ Lethehong 热点时事科技语言模型人工智能架构服务器
嗨，我是Lethehong！立志在坚不欲说，成功在久不在速欢迎关注：点赞⬆️留言收藏欢迎使用：小智初学计算机网页AI蓝耘元生代智算云架构蓝耘元生代智算云平台是一个现代化的、基于Kubernetes的云平台，专为大规模GPU加速工作负载而构建。蓝耘旨在为工程师和创新者提供无与伦比的计算解决方案，其速度可比传统云服务提供商快35倍，成本降低30%。目录蓝耘科技上线DS满血版，500万tokens免费送
Kubernetes 中 Pod 的状态及其背后的场景分析简单简单小白 kubernetes 容器云原生
《Kubernetes中Pod的状态及其背后的场景分析》1.引言：Pod状态的重要性在Kubernetes中，Pod是最小的部署单元，通常用于部署容器化应用。Pod的生命周期非常动态，它会经历多个不同的状态，每个状态的变化都代表着Pod在集群中的不同阶段。理解这些状态以及它们出现的场景，对于运维和调试容器化应用至关重要。本文将详细介绍Kubernetes中Pod可能的状态及其解释，帮助你更好地理解
阿里云 ACS：高效、弹性、低成本的容器计算解决方案 Anna_Tong 阿里云云计算人工智能 devops 容器 serverless kubernetes
阿里云的容器计算服务（AlibabaCloudContainerService,ACS）是一种Serverless容器计算解决方案，提供高度弹性、低成本、易管理的Kubernetes（K8s）容器运行环境。用户无需关注底层服务器资源，而是直接管理容器工作负载，从而提升运维效率和资源利用率。1.主要应用场景ACS适用于多种业务类型，尤其是在弹性计算和微服务架构领域，具有独特优势。(1)在线业务和We
k8s的资源说明 cpu 内存 requests usage limits 节点。csn linux kubernetes 容器云原生
一、k8s资源配置在Kubernetes中，有三个非常重要的资源概念，分别是资源请求（Requests）、资源使用率（Usage）和资源限制（Limits）1、资源请求Requests资源请求是Pod启动时向Kubernetes调度器声明的最低资源需求。调度器会根据这些请求值来决定是否将Pod调度到某个节点上。作用资源预留：确保Pod启动时有足够的资源可用。调度决策：调度器会检查节点的可用资源是否
linux CentOS系统上卸载Kubernetes（k8s）魏无羡 linux centos kubernetes
一、停止Kubernetes服务首先，需要停止所有Kubernetes相关的服务。使用systemctl命令来停止这些服务：sudosystemctlstopkubeletsudosystemctlstopkube-apiserversudosystemctlstopkube-controller-managersudosystemctlstopkube-schedulersudosystemct
jQuery 跨域访问的三种方式 No 'Access-Control-Allow-Origin' header is present on the reque qiaolevip 每天进步一点点学习永无止境跨域众观千象
XMLHttpRequest cannot load http://v.xxx.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63342' is therefore not allowed access. test.html:1
mysql 分区查询优化 annan211 java 分区优化 mysql
分区查询优化引入分区可以给查询带来一定的优势，但同时也会引入一些bug. 分区最大的优点就是优化器可以根据分区函数来过滤掉一些分区，通过分区过滤可以让查询扫描更少的数据。所以，对于访问分区表来说，很重要的一点是要在where 条件中带入分区，让优化器过滤掉无需访问的分区。可以通过查看explain执行计划，是否携带 partitions
MYSQL存储过程中使用游标 chicony Mysql存储过程
DELIMITER $$ DROP PROCEDURE IF EXISTS getUserInfo $$ CREATE PROCEDURE getUserInfo(in date_day datetime)-- -- 实例-- 存储过程名为：getUserInfo-- 参数为：date_day日期格式:2008-03-08-- BEGINdecla
mysql 和 sqlite 区别 Array_06 sqlite
转载： http://www.cnblogs.com/ygm900/p/3460663.html mysql 和 sqlite 区别 SQLITE是单机数据库。功能简约，小型化，追求最大磁盘效率 MYSQL是完善的服务器数据库。功能全面，综合化，追求最大并发效率 MYSQL、Sybase、Oracle等这些都是试用于服务器数据量大功能多需要安装，例如网站访问量比较大的。而sq
pinyin4j使用 oloz pinyin4j
首先需要pinyin4j的jar包支持；jar包已上传至附件内方法一:把汉字转换为拼音；例如：编程转换后则为biancheng /** * 将汉字转换为全拼 * @param src 你的需要转换的汉字 * @param isUPPERCASE 是否转换为大写的拼音； true:转换为大写；fal
微博发送私信随意而生微博
在前面文章中说了如和获取登陆时候所需要的cookie，现在只要拿到最后登陆所需要的cookie，然后抓包分析一下微博私信发送界面 http://weibo.com/message/history?uid=****&name=**** 可以发现其发送提交的Post请求和其中的数据，让后用程序模拟发送POST请求中的数据，带着cookie发送到私信的接入口，就可以实现发私信的功能了。
jsp 香水浓 jsp
JSP初始化容器载入JSP文件后，它会在为请求提供任何服务前调用jspInit()方法。如果您需要执行自定义的JSP初始化任务，复写jspInit()方法就行了 JSP执行这一阶段描述了JSP生命周期中一切与请求相关的交互行为，直到被销毁。当JSP网页完成初始化后
在 Windows 上安装 SVN Subversion 服务端 AdyZhang SVN
在 Windows 上安装 SVN Subversion 服务端2009-09-16高宏伟哈尔滨市道里区通达街291号最佳阅读效果请访问原地址：http://blog.donews.com/dukejoe/archive/2009/09/16/1560917.aspx 现在的Subversion已经足够稳定，而且已经进入了它的黄金时段。我们看到大量的项目都在使
android开发中如何使用 alertDialog从listView中删除数据？ aijuans android
我现在使用listView展示了很多的配置信息，我现在想在点击其中一条的时候填出 alertDialog,点击确认后就删除该条数据，（ ArrayAdapter ，ArrayList，listView 全部删除），我知道在下面的onItemLongClick 方法中参数 arg2 是选中的序号，但是我不知道如何继续处理下去 1 2 3
jdk-6u26-linux-x64.bin 安装 baalwolf linux
1.上传安装文件(jdk-6u26-linux-x64.bin) 2.修改权限 [root@localhost ~]# ls -l /usr/local/jdk-6u26-linux-x64.bin 3.执行安装文件 [root@localhost ~]# cd /usr/local [root@localhost local]# ./jdk-6u26-linux-x64.bin&nbs
MongoDB经典面试题集锦 BigBird2012 mongodb
1.什么是NoSQL数据库？NoSQL和RDBMS有什么区别？在哪些情况下使用和不使用NoSQL数据库？ NoSQL是非关系型数据库，NoSQL = Not Only SQL。关系型数据库采用的结构化的数据，NoSQL采用的是键值对的方式存储数据。在处理非结构化/半结构化的大数据时；在水平方向上进行扩展时；随时应对动态增加的数据项时可以优先考虑使用NoSQL数据库。在考虑数据库的成熟
JavaScript异步编程Promise模式的6个特性 bijian1013 JavaScript Promise
Promise是一个非常有价值的构造器，能够帮助你避免使用镶套匿名方法，而使用更具有可读性的方式组装异步代码。这里我们将介绍6个最简单的特性。在我们开始正式介绍之前，我们想看看Javascript Promise的样子： var p = new Promise(function(r
[Zookeeper学习笔记之八]Zookeeper源代码分析之Zookeeper.ZKWatchManager bit1129 zookeeper
ClientWatchManager接口 //接口的唯一方法materialize用于确定那些Watcher需要被通知 //确定Watcher需要三方面的因素1.事件状态 2.事件类型 3.znode的path public interface ClientWatchManager { /** * Return a set of watchers that should
【Scala十五】Scala核心九：隐式转换之二 bit1129 scala
隐式转换存在的必要性，在Java Swing中，按钮点击事件的处理，转换为Scala的的写法如下： val button = new JButton button.addActionListener( new ActionListener { def actionPerformed(event: ActionEvent) {
Android JSON数据的解析与封装小Demo ronin47
转自：http://www.open-open.com/lib/view/open1420529336406.html package com.example.jsondemo; import org.json.JSONArray; import org.json.JSONException; import org.json.JSONObject; impor
[设计]字体创意设计方法谈 brotherlamp UI ui自学 ui视频 ui教程 ui资料
从古至今，文字在我们的生活中是必不可少的事物，我们不能想象没有文字的世界将会是怎样。在平面设计中，UI设计师在文字上所花的心思和功夫最多，因为文字能直观地表达UI设计师所的意念。在文字上的创造设计，直接反映出平面作品的主题。如设计一幅戴尔笔记本电脑的广告海报，假设海报上没有出现“戴尔”两个文字，即使放上所有戴尔笔记本电脑的图片都不能让人们得知这些电脑是什么品牌。只要写上“戴尔笔
单调队列-用一个长度为k的窗在整数数列上移动，求窗里面所包含的数的最大值 bylijinnan java 算法面试题
import java.util.LinkedList; /* 单调队列滑动窗口单调队列是这样的一个队列：队列里面的元素是有序的，是递增或者递减题目：给定一个长度为N的整数数列a(i),i=0,1,...,N-1和窗长度k. 要求：f(i) = max{a(i-k+1),a(i-k+2),..., a(i)},i = 0,1,...,N-1 问题的另一种描述就
struts2处理一个form多个submit chiangfai struts2
web应用中，为完成不同工作，一个jsp的form标签可能有多个submit。如下代码： <s:form action="submit" method="post" namespace="/my"> <s:textfield name="msg" label="叙述：">
shell查找上个月，陷阱及野路子 chenchao051 shell
date -d "-1 month" +%F 以上这段代码，假如在2012/10/31执行，结果并不会出现你预计的9月份，而是会出现八月份，原因是10月份有31天，9月份30天，所以-1 month在10月份看来要减去31天，所以直接到了8月31日这天，这不靠谱。野路子解决：假设当天日期大于15号
mysql导出数据中文乱码问题 daizj mysql 中文乱码导数据
解决mysql导入导出数据乱码问题方法：１、进入mysql，通过如下命令查看数据库编码方式： mysql> show variables like 'character_set_%'; +--------------------------+----------------------------------------+ | Variable_name&nbs
SAE部署Smarty出现：Uncaught exception 'SmartyException' with message 'unable to write dcj3sjt126com PHP smarty sae
对于SAE出现的问题：Uncaught exception 'SmartyException' with message 'unable to write file...。官方给出了详细的FAQ：http://sae.sina.com.cn/?m=faqs&catId=11#show_213 解决方案为： 01 $path
《教父》系列台词 dcj3sjt126com
Your love is also your weak point. 你的所爱同时也是你的弱点。 If anything in this life is certain, if history has taught us anything, it is that you can kill anyone. 不顾家的人永远不可能成为一个真正的男人。 &
mongodb安装与使用 dyy_gusi mongo
一.MongoDB安装和启动,widndows和linux基本相同 1.下载数据库, linux:mongodb-linux-x86_64-ubuntu1404-3.0.3.tgz 2.解压文件,并且放置到合适的位置 tar -vxf mongodb-linux-x86_64-ubun
Git排除目录 geeksun git
在Git的版本控制中，可能有些文件是不需要加入控制的，那我们在提交代码时就需要忽略这些文件，下面讲讲应该怎么给Git配置一些忽略规则。有三种方法可以忽略掉这些文件，这三种方法都能达到目的，只不过适用情景不一样。 1. 针对单一工程排除文件这种方式会让这个工程的所有修改者在克隆代码的同时，也能克隆到过滤规则，而不用自己再写一份，这就能保证所有修改者应用的都是同一
Ubuntu 创建开机自启动脚本的方法 hongtoushizi ubuntu
转载自： http://rongjih.blog.163.com/blog/static/33574461201111504843245/ Ubuntu 创建开机自启动脚本的步骤如下： 1) 将你的启动脚本复制到 /etc/init.d目录下以下假设你的脚本文件名为 test。 2) 设置脚本文件的权限 $ sudo chmod 755
第八章流量复制/AB测试/协程 jinnianshilongnian nginx lua coroutine
流量复制在实际开发中经常涉及到项目的升级，而该升级不能简单的上线就完事了，需要验证该升级是否兼容老的上线，因此可能需要并行运行两个项目一段时间进行数据比对和校验，待没问题后再进行上线。这其实就需要进行流量复制，把流量复制到其他服务器上，一种方式是使用如tcpcopy引流；另外我们还可以使用nginx的HttpLuaModule模块中的ngx.location.capture_multi进行并发
电商系统商品表设计 lkl
DROP TABLE IF EXISTS `category`; -- 类目表 /*!40101 SET @saved_cs_client = @@character_set_client */; /*!40101 SET character_set_client = utf8 */; CREATE TABLE `category` ( `id` int(11) NOT NUL
修改phpMyAdmin导入SQL文件的大小限制 pda158 sql mysql
　用phpMyAdmin导入mysql数据库时，我的10M的数据库不能导入，提示mysql数据库最大只能导入2M。　　 phpMyAdmin数据库导入出错：　　You probably tried to upload too large file. Please refer to documentation for ways to workaround this limit.
Tomcat性能调优方案 Sobfist apache jvm tomcat 应用服务器
一、操作系统调优对于操作系统优化来说，是尽可能的增大可使用的内存容量、提高CPU的频率，保证文件系统的读写速率等。经过压力测试验证，在并发连接很多的情况下，CPU的处理能力越强，系统运行速度越快。。【适用场景】任何项目。二、Java虚拟机调优应该选择SUN的JVM，在满足项目需要的前提下，尽量选用版本较高的JVM，一般来说高版本产品在速度和效率上比低版本会有改进。 J
SQLServer学习笔记 vipbooks 数据结构 xml
1、create database school 创建数据库school 2、drop database school 删除数据库school 3、use school 连接到school数据库，使其成为当前数据库 4、create table class(classID int primary key identity not null) 创建一个名为class的表，其有一