diff --git a/controllers/placementapi_controller.go b/controllers/placementapi_controller.go index 0ef672d4..a249c9f5 100644 --- a/controllers/placementapi_controller.go +++ b/controllers/placementapi_controller.go @@ -431,7 +431,9 @@ func (r *PlacementAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request apiEndpoints, result, err := r.ensureServiceExposed(ctx, h, instance) - if err != nil { + if (err != nil || result != ctrl.Result{}) { + // We can ignore RequeueAfter as we are watching the Service resource + // but we have to return while waiting for the service to be exposed return ctrl.Result{}, err } @@ -441,10 +443,10 @@ func (r *PlacementAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request } result, err = r.ensureKeystoneEndpoint(ctx, h, instance, apiEndpoints) - if err != nil { + if (err != nil || result != ctrl.Result{}) { + // We can ignore RequeueAfter as we are watching the KeystoneEndpoint resource return ctrl.Result{}, err } - result, err = r.ensureDbSync(ctx, instance, h, serviceAnnotations) if (err != nil || result != ctrl.Result{}) { return result, err @@ -482,6 +484,7 @@ func (r *PlacementAPIReconciler) ensureServiceExposed( } apiEndpoints := make(map[string]string) + serviceLabels := getServiceLabels(instance) for endpointType, data := range placementEndpoints { endpointTypeStr := string(endpointType) endpointName := placement.ServiceName + "-" + endpointTypeStr @@ -492,7 +495,7 @@ func (r *PlacementAPIReconciler) ensureServiceExposed( } exportLabels := util.MergeStringMaps( - getServiceLabels(instance), + serviceLabels, map[string]string{ service.AnnotationEndpointKey: endpointTypeStr, }, @@ -504,7 +507,7 @@ func (r *PlacementAPIReconciler) ensureServiceExposed( Name: endpointName, Namespace: instance.Namespace, Labels: exportLabels, - Selector: getServiceLabels(instance), + Selector: serviceLabels, Port: service.GenericServicePort{ Name: endpointName, Port: data.Port, @@ -522,7 +525,7 @@ func (r *PlacementAPIReconciler) ensureServiceExposed( condition.ExposeServiceReadyErrorMessage, err.Error())) - return nil, ctrl.Result{}, err + return apiEndpoints, ctrl.Result{}, err } svc.AddAnnotation(map[string]string{ @@ -554,14 +557,14 @@ func (r *PlacementAPIReconciler) ensureServiceExposed( condition.ExposeServiceReadyErrorMessage, err.Error())) - return nil, ctrlResult, err + return apiEndpoints, ctrlResult, err } else if (ctrlResult != ctrl.Result{}) { instance.Status.Conditions.Set(condition.FalseCondition( condition.ExposeServiceReadyCondition, condition.RequestedReason, condition.SeverityInfo, condition.ExposeServiceReadyRunningMessage)) - return nil, ctrlResult, nil + return apiEndpoints, ctrlResult, nil } // create service - end @@ -574,7 +577,7 @@ func (r *PlacementAPIReconciler) ensureServiceExposed( apiEndpoints[string(endpointType)], err = svc.GetAPIEndpoint( svcOverride.EndpointURL, data.Protocol, data.Path) if err != nil { - return nil, ctrl.Result{}, err + return apiEndpoints, ctrl.Result{}, err } } diff --git a/pkg/placement/volumes.go b/pkg/placement/volumes.go index fc1d7d73..578186ca 100644 --- a/pkg/placement/volumes.go +++ b/pkg/placement/volumes.go @@ -28,11 +28,9 @@ func getVolumes(name string) []corev1.Volume { { Name: "scripts", VolumeSource: corev1.VolumeSource{ - ConfigMap: &corev1.ConfigMapVolumeSource{ + Secret: &corev1.SecretVolumeSource{ DefaultMode: &scriptsVolumeDefaultMode, - LocalObjectReference: corev1.LocalObjectReference{ - Name: name + "-scripts", - }, + SecretName: name + "-scripts", }, }, }, @@ -70,7 +68,7 @@ func getVolumeMounts(serviceName string) []corev1.VolumeMount { }, { Name: "config-data", - MountPath: "/var/lib/config-data/", + MountPath: "/var/lib/config-data/merged", ReadOnly: false, }, { diff --git a/templates/placementapi/config/placement-api-config.json b/templates/placementapi/config/placement-api-config.json index 36a2fefd..d9bfe9b7 100644 --- a/templates/placementapi/config/placement-api-config.json +++ b/templates/placementapi/config/placement-api-config.json @@ -2,25 +2,25 @@ "command": "/usr/sbin/httpd -DFOREGROUND", "config_files": [ { - "source": "/var/lib/config-data/placement.conf", + "source": "/var/lib/config-data/merged/placement.conf", "dest": "/etc/placement/placement.conf", "owner": "placement", "perm": "0600" }, { - "source": "/var/lib/config-data/httpd.conf", + "source": "/var/lib/config-data/merged/httpd.conf", "dest": "/etc/httpd/conf/httpd.conf", "owner": "apache", "perm": "0644" }, { - "source": "/var/lib/config-data/custom.conf", + "source": "/var/lib/config-data/merged/custom.conf", "dest": "/etc/placement/placement.conf.d/custom.conf", "owner": "placement", "perm": "0600" }, { - "source": "/var/lib/config-data/ssl.conf", + "source": "/var/lib/config-data/merged/ssl.conf", "dest": "/etc/httpd/conf.d/ssl.conf", "owner": "apache", "perm": "0644" diff --git a/templates/placementapi/config/placement-dbsync-config.json b/templates/placementapi/config/placement-dbsync-config.json index dea1ae00..4a7ea0d6 100644 --- a/templates/placementapi/config/placement-dbsync-config.json +++ b/templates/placementapi/config/placement-dbsync-config.json @@ -2,13 +2,13 @@ "command": "placement-manage db sync", "config_files": [ { - "source": "/var/lib/config-data/placement.conf", + "source": "/var/lib/config-data/merged/placement.conf", "dest": "/etc/placement/placement.conf", "owner": "placement", "perm": "0600" }, { - "source": "/var/lib/config-data/custom.conf", + "source": "/var/lib/config-data/merged/custom.conf", "dest": "/etc/placement/placement.conf.d/custom.conf", "owner": "placement", "perm": "0600" diff --git a/tests/kuttl/common/assert_sample_deployment.yaml b/tests/kuttl/common/assert_sample_deployment.yaml index a4fd5dc1..5824c140 100644 --- a/tests/kuttl/common/assert_sample_deployment.yaml +++ b/tests/kuttl/common/assert_sample_deployment.yaml @@ -142,14 +142,14 @@ spec: - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - - mountPath: /var/lib/config-data/ + - mountPath: /var/log/placement + name: logs + - mountPath: /var/lib/config-data/merged name: config-data - mountPath: /var/lib/kolla/config_files/config.json name: config-data readOnly: true subPath: placement-api-config.json - - mountPath: /var/log/placement - name: logs - args: - -c - /usr/local/bin/kolla_start diff --git a/tests/kuttl/common/errors_cleanup_placement.yaml b/tests/kuttl/common/errors_cleanup_placement.yaml index 1a854f53..7679e247 100644 --- a/tests/kuttl/common/errors_cleanup_placement.yaml +++ b/tests/kuttl/common/errors_cleanup_placement.yaml @@ -18,6 +18,15 @@ kind: Deployment metadata: name: placement --- +# the openshift annotations can't be checked through the deployment above +apiVersion: v1 +kind: Pod +metadata: + annotations: + openshift.io/scc: anyuid + labels: + service: placement +--- apiVersion: v1 kind: Service metadata: @@ -62,6 +71,18 @@ spec: --- apiVersion: v1 kind: Secret +metadata: + labels: + placement.openstack.org/name: placement + name: placement-scripts + ownerReferences: + - blockOwnerDeletion: true + controller: true + kind: PlacementAPI + name: placement +--- +apiVersion: v1 +kind: Secret metadata: labels: placement.openstack.org/name: placement diff --git a/tests/kuttl/tests/placement_deploy_tls/03-assert.yaml b/tests/kuttl/tests/placement_deploy_tls/03-assert.yaml index e1787c5d..9c9b9b3f 100644 --- a/tests/kuttl/tests/placement_deploy_tls/03-assert.yaml +++ b/tests/kuttl/tests/placement_deploy_tls/03-assert.yaml @@ -149,14 +149,14 @@ spec: - mountPath: /usr/local/bin/container-scripts name: scripts readOnly: true - - mountPath: /var/lib/config-data + - mountPath: /var/log/placement + name: logs + - mountPath: /var/lib/config-data/merged name: config-data - mountPath: /var/lib/kolla/config_files/config.json name: config-data readOnly: true subPath: placement-api-config.json - - mountPath: /var/log/placement - name: logs - mountPath: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem name: combined-ca-bundle readOnly: true