1 编写helm charts
2 charts语法检查
执行命令:
helm lint <chart_name>
注意:
请将<chart_name> 替换为自己的chart名称
样例如下:
helm lint gnocchi
输出结果:
==> Linting gnocchi
[INFO] Chart.yaml: icon is recommended
1 chart(s) linted, no failures
3 charts调试命令
执行命令:
helm install --dry-run --debug <chart_name> --namespace <namespace_name>
注意:
请将 <chart_name> 替换为自己的chart名称
请将 <namespace_name> 替换为自己的chart所在的命名空间
样例如下:
helm install --dry-run --debug gnocchi --namespace openstack
如果发生错误,或者输出结果和自己预想的不一样,就继续调试charts,知道输出结果和
预期结果一致。
输出结果示例如下:
[root@node-1 ark]# helm install --dry-run --debug gnocchi -n openstack
[debug] Created tunnel using local port: '38104'
[debug] SERVER: "127.0.0.1:38104"
[debug] Original chart version: ""
[debug] CHART PATH: /root/ark/gnocchi
NAME: openstack
REVISION: 1
RELEASED: Sat Jan 26 09:30:07 2019
CHART: gnocchi-5.0.1
USER-SUPPLIED VALUES:
{}
COMPUTED VALUES:
conf:
ceph:
admin_keyring: null
append: null
monitors: []
override: null
gnocchi:
DEFAULT:
debug: false
api:
auth_mode: keystone
max_limit: 100000
port: 8041
archive_policy:
default_aggregation_methods: mean,min,max
database:
max_retries: -1
incoming:
driver: redis
redis_url: null
indexer:
driver: mysql
keystone_authtoken:
auth_type: password
auth_version: v3
memcache_secret_key: secret
memcache_security_strategy: ENCRYPT
metricd:
workers: 16
statsd:
port: 8125
project_id: 0712a464-ad34-4780-a1e8-c8f1d71b57a9
resource_id: 6ad0aea2-5f16-4621-b7ee-69e391acb6ea
user_id: 47408a08-d20e-40bc-a3a3-9582942ed3a2
storage:
ceph_conffile: /etc/ceph/ceph.conf
ceph_keyring: /etc/ceph/ceph.client.admin.keyring
ceph_pool: metrics
ceph_username: admin
driver: ceph
provided_keyring: null
token:
provider: uuid
paste:
app:gnocchiv1:
paste.app_factory: gnocchi.rest.app:app_factory
root: gnocchi.rest.V1Controller
app:gnocchiversions:
paste.app_factory: gnocchi.rest.app:app_factory
root: gnocchi.rest.VersionsController
composite:gnocchi+auth:
/: gnocchiversions
/v1: gnocchiv1+auth
use: egg:Paste#urlmap
composite:gnocchi+noauth:
/: gnocchiversions
/v1: gnocchiv1+noauth
use: egg:Paste#urlmap
filter:keystone_authtoken:
oslo_config_project: gnocchi
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
pipeline:gnocchiv1+auth:
pipeline: keystone_authtoken gnocchiv1
pipeline:gnocchiv1+noauth:
pipeline: gnocchiv1
pipeline:main:
pipeline: gnocchi+auth
policy:
admin_or_creator: role:admin or project_id:%(created_by_project_id)s
create archive policy: role:admin
create archive policy rule: role:admin
create metric: ""
create resource: ""
create resource type: role:admin
delete archive policy: role:admin
delete archive policy rule: role:admin
delete metric: rule:admin_or_creator
delete resource: rule:admin_or_creator
delete resource type: role:admin
delete resources: rule:admin_or_creator
get archive policy: ""
get archive policy rule: ""
get measures: rule:admin_or_creator or rule:metric_owner
get metric: rule:admin_or_creator or rule:metric_owner
get resource: rule:admin_or_creator or rule:resource_owner
get resource type: ""
get status: role:admin
list all metric: role:admin
list archive policy: ""
list archive policy rule: ""
list metric: ""
list resource: rule:admin_or_creator or rule:resource_owner
list resource type: ""
metric_owner: project_id:%(resource.project_id)s
post measures: rule:admin_or_creator
resource_owner: project_id:%(project_id)s
search metric: rule:admin_or_creator or rule:metric_owner
search resource: rule:admin_or_creator or rule:resource_owner
update archive policy: role:admin
update resource: rule:admin_or_creator
update resource type: role:admin
rally_tests:
run_tempest: true
tests: null
dependencies:
api:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
- gnocchi-ks-endpoints
- gnocchi-ks-service
- gnocchi-ks-user
services:
- endpoint: internal
service: identity
- endpoint: internal
service: oslo_db
- endpoint: internal
service: redis
db_init:
services:
- endpoint: internal
service: oslo_db
db_init_keystone:
services:
- endpoint: internal
service: oslo_db
db_sync:
jobs:
- gnocchi-db-init-keystone
- gnocchi-db-init-indexer
services:
- endpoint: internal
service: oslo_db
ks_endpoints:
jobs:
- gnocchi-ks-service
services:
- endpoint: internal
service: identity
ks_service:
services:
- endpoint: internal
service: identity
ks_user:
services:
- endpoint: internal
service: identity
metricd:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
- gnocchi-ks-user
- gnocchi-ks-service
- gnocchi-ks-endpoints
services:
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
- endpoint: internal
service: redis
statsd:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
- gnocchi-ks-user
- gnocchi-ks-service
- gnocchi-ks-endpoints
services:
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
- endpoint: internal
service: redis
storage_init:
services: null
tests:
jobs:
- gnocchi-storage-init
- gnocchi-db-sync
services:
- endpoint: internal
service: identity
- endpoint: internal
service: oslo_db
- endpoint: internal
service: metric
endpoints:
cluster_domain_suffix: cluster.local
identity:
auth:
admin:
domain_name: Default
os_auth_type: password
os_tenant_name: service
password: password
project_domain_name: Default
project_name: service
region_name: RegionOne
user_domain_name: Default
username: drone
user:
domain_name: Default
os_auth_type: password
os_tenant_name: service
password: password
project_domain_name: Default
project_name: service
region_name: RegionOne
role: admin
user_domain_name: Default
username: gnocchi
host_fqdn_override:
default: null
hosts:
default: keystone-api
public: keystone
name: keystone
path:
default: /v3
port:
admin:
default: 35357
api:
default: 80
scheme:
default: http
metric:
host_fqdn_override:
default: null
hosts:
default: gnocchi-api
public: gnocchi
name: gnocchi
path:
default: null
port:
api:
default: 8041
public: 80
scheme:
default: http
oslo_cache:
host_fqdn_override:
default: null
hosts:
default: memcache
port:
memcache:
default: 11211
oslo_db:
auth:
admin:
password: password
username: root
user:
password: password
username: gnocchi
host_fqdn_override:
default: null
hosts:
default: mariadb
path: /gnocchi
port:
mysql:
default: 3306
scheme: mysql+pymysql
redis:
host_fqdn_override:
default: null
hosts:
default: redis
public: redis
name: redis
path:
default: null
port:
api:
default: 6379
public: 80
scheme:
default: redis
helm-toolkit:
endpoints:
fqdn: null
global:
region: cluster
tld: local
images:
job_pull_policy: Always
pull_policy: IfNotPresent
tags:
api: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
api_job: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
db_init_indexer: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
db_init_keystone: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
db_sync: hub.easystack.io/production/escloud-linux-source-gnocchi-api:latest
dep_check: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
ks_endpoints: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
ks_service: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
ks_user: hub.easystack.io/production/escloud-linux-source-heat-engine:latest
metricd: hub.easystack.io/production/escloud-linux-source-gnocchi-metricd:5.0.1
statsd: hub.easystack.io/production/escloud-linux-source-gnocchi-statsd:5.0.1
storage_init: hub.easystack.io/production/escloud-linux-ceph-daemon:latest
test: hub.easystack.io/production/escloud-linux-source-rally:5.0.1
labels:
node_selector_key: openstack-control-plane
node_selector_value: enabled
manifests:
configmap_bin: true
configmap_etc: true
daemonset_metricd: true
daemonset_statsd: true
deployment_api: true
ingress_api: true
job_db_init_indexer: true
job_db_init_keystone: true
job_db_sync: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
job_storage_init: true
pdb_api: true
pod_gnocchi_test: true
secret_db: true
secret_keystone: true
service_api: true
service_ingress_api: true
service_statsd: true
network:
api:
external_policy_local: false
ingress:
public: true
node_port:
enabled: false
port: 8041
statsd:
node_port:
enabled: false
port: 8125
pod:
affinity:
anti:
topologyKey:
default: kubernetes.io/hostname
type:
default: requiredDuringSchedulingIgnoredDuringExecution
lifecycle:
disruption_budget:
api:
min_available: 0
termination_grace_period:
api:
timeout: 30
upgrades:
daemonsets:
metricd:
enabled: true
max_unavailable: 1
min_ready_seconds: 0
pod_replacement_strategy: RollingUpdate
statsd:
enabled: true
max_unavailable: 1
min_ready_seconds: 0
deployments:
pod_replacement_strategy: RollingUpdate
revision_history: 3
rolling_update:
max_surge: 3
max_unavailable: 1
mounts:
gnocchi_api:
gnocchi_api: null
init_container: null
gnocchi_metricd:
gnocchi_metricd: null
init_container: null
gnocchi_statsd:
gnocchi_statsd: null
init_container: null
gnocchi_tests:
gnocchi_tests: null
init_container: null
replicas:
api: 3
resources:
api:
enabled: true
limits:
cpu: 4000m
memory: 4096Mi
requests:
cpu: 100m
memory: 124Mi
enabled: false
metricd:
limits:
cpu: 4000m
memory: 4096Mi
requests:
cpu: 100m
memory: 124Mi
statsd:
limits:
cpu: 2000m
memory: 1024Mi
requests:
cpu: 100m
memory: 124Mi
user:
gnocchi:
uid: 42416
secrets:
identity:
admin: gnocchi-keystone-admin
user: gnocchi-keystone-user
oslo_db:
admin: gnocchi-db-admin
user: gnocchi-db-user
rally:
private_key: test
test_user: devops
rbd: gnocchi-rbd-keyring
HOOKS:
---
# openstack-rally-test
apiVersion: v1
kind: Pod
metadata:
name: "openstack-rally-test"
annotations:
"helm.sh/hook": test-success
spec:
restartPolicy: Never
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api,default:mariadb,default:gnocchi-api"
- name: DEPENDENCY_JOBS
value: "gnocchi-storage-init,gnocchi-db-sync"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: openstack-helm-tests
image: hub.easystack.io/production/escloud-linux-source-rally:5.0.1
imagePullPolicy: IfNotPresent
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_PROJECT_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PROJECT_DOMAIN_NAME
- name: OS_PROJECT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PROJECT_NAME
- name: OS_USER_DOMAIN_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USER_DOMAIN_NAME
- name: OS_USERNAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_USERNAME
- name: OS_PASSWORD
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_PASSWORD
- name: OS_AUTH_TYPE
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_TYPE
- name: OS_TENANT_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_TENANT_NAME
- name: RALLY_ENV_NAME
value: openstack
- name: PLUGIN_PROJECT
value: openstack
- name: RALLY_PRIVATE_KEY
value: |
test
- name: TEST_USER
value: devops
command:
- /tmp/rally-test.sh
volumeMounts:
- name: gnocchi-etc
mountPath: /etc/gnocchi/gnocchi.conf
subPath: gnocchi.conf
readOnly: true
- name: ceph-etc
mountPath: /etc/ceph/ceph.conf
subPath: ceph.conf
readOnly: true
- name: gnocchi-bin
mountPath: /tmp/rally-test.sh
subPath: rally-test.sh
readOnly: true
- name: rally-db
mountPath: /var/lib/rally
volumes:
- name: gnocchi-etc
configMap:
name: gnocchi-etc
defaultMode: 0444
- name: gnocchi-bin
configMap:
name: gnocchi-bin
defaultMode: 0555
- name: ceph-etc
configMap:
name: ceph-etc
- name: ceph-keyring
secret:
secretName: pvc-ceph-client-key
- name: etcceph
emptyDir: {}
- name: rally-db
emptyDir: {}
---
# openstack-rally-test
apiVersion: v1
kind: Pod
metadata:
name: "openstack-rally-test"
annotations:
"helm.sh/hook": test-success
spec:
restartPolicy: Never
initContainers:
- name: init
image: hub.easystack.io/production/kubernetes-entrypoint:v0.2.1
imagePullPolicy: IfNotPresent
env:
- name: POD_NAME
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.name
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
- name: INTERFACE_NAME
value: eth0
- name: DEPENDENCY_SERVICE
value: "default:keystone-api,default:mariadb,default:gnocchi-api"
- name: DEPENDENCY_JOBS
value: "gnocchi-storage-init,gnocchi-db-sync"
- name: DEPENDENCY_DAEMONSET
value: ""
- name: DEPENDENCY_CONTAINER
value: ""
- name: COMMAND
value: "echo done"
command:
- kubernetes-entrypoint
volumeMounts: []
- name: ceph-keyring-placement
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
command:
- /tmp/ceph-keyring.sh
volumeMounts:
- name: etcceph
mountPath: /etc/ceph
- name: gnocchi-bin
mountPath: /tmp/ceph-keyring.sh
subPath: ceph-keyring.sh
readOnly: true
- name: ceph-keyring
mountPath: /tmp/client-keyring
subPath: key
readOnly: true
containers:
- name: openstack-helm-tests
image: hub.easystack.io/production/escloud-linux-source-gnocchi-api:5.0.1
imagePullPolicy: IfNotPresent
env:
- name: OS_IDENTITY_API_VERSION
value: "3"
- name: OS_AUTH_URL
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_AUTH_URL
- name: OS_REGION_NAME
valueFrom:
secretKeyRef:
name: gnocchi-keystone-admin
key: OS_REGION_NAME
- name: OS_PROJECT_DOMAIN_NAME