From 0c2d6fb07e947781c96a5d68a6481aee739926fa Mon Sep 17 00:00:00 2001 From: Alexis de Talhouët Date: Tue, 14 Aug 2018 16:33:43 -0400 Subject: Add provisioning job for Netbox MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is adding a script in a configmap along with a job that will play the script. This is also adding a readiness check to the netbox-app pod, so that the job can be executed once the pod is ready. Adding provisioning of: - user - region - tenant group - tenant - site - prefixes for vFW use case Change-Id: I3bf00eb81ff4330b38e83b2f67cb17d4866e3990 Issue-ID: CCSDK-460 Signed-off-by: Alexis de Talhouët --- .../resources/config/initializers/users.yml | 15 +-- .../resources/config/provisioning/provision.sh | 104 +++++++++++++++++++++ .../resources/config/startup_scripts/00_users.py | 10 +- .../charts/netbox-app/templates/configmap.yaml | 8 ++ .../charts/netbox-app/templates/deployment.yaml | 16 ++++ .../netbox/charts/netbox-app/templates/job.yaml | 65 +++++++++++++ .../charts/netbox/charts/netbox-app/values.yaml | 15 ++- kubernetes/contrib/charts/netbox/values.yaml | 2 + 8 files changed, 226 insertions(+), 9 deletions(-) create mode 100755 kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh create mode 100644 kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml (limited to 'kubernetes') diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml index ed57fef868..984c328c16 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml @@ -1,6 +1,9 @@ -# technical_user: -# api_token: 0123456789technicaluser789abcdef01234567 # must be looooong! -# reader: -# password: reader -# writer: -# password: writer +onap: + first_name: Steve + last_name: McQueen + email: steve.mcqueen@onap.org + password: onap123$ + api_token: onceuponatimeiplayedwithnetbox20180814 + is_staff: true # whether user is admin or not, default = false + is_active: true # whether user is active, default = true + is_superuser: true # Whether user has all edit rights or not, default = false \ No newline at end of file diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh new file mode 100755 index 0000000000..25717cedd8 --- /dev/null +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh @@ -0,0 +1,104 @@ +#!/bin/bash + +# Create region + +echo "Create region: RegionOne" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "RegionOne", + "slug": "RegionOne" +}' + +# Create tenant group + +echo "Create tenant group: ONAP group" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "ONAP group", + "slug": "onap-group" +}' + +# Create tenant + +echo "Create tenant ONAP in ONAP group" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "ONAP", + "slug": "onap", + "group": 1, + "description": "ONAP tenant", + "comments": "Tenant for ONAP demo use cases" +}' + +# Create site + +echo "Create ONAP demo site: Montreal Lab" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "name": "Montreal Lab D3", + "slug": "mtl-lab-d3", + "region": 1, + "tenant": 1, + "facility": "Campus", + "time_zone": "Canada/Atlantic", + "description": "Site hosting the ONAP use cases", + "physical_address": "1 Graham Bell", + "shipping_address": "1 Graham Bell", + "contact_name": "Alexis", + "contact_phone": "0000000000", + "contact_email": "adetalhouet89@gmail.com", + "comments": "ONAP lab" +}' + +# Create prefixes + +echo "Create Prefix for vFW protected network" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "prefix": "192.168.20.0/24", + "site": 1, + "tenant": 1, + "is_pool": true, + "description": "IP Pool for protected network - vFW use case" +}' + +echo "Create Prefix for vFW unprotected network" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "prefix": "192.168.10.0/24", + "site": 1, + "tenant": 1, + "is_pool": true, + "description": "IP Pool for unprotected network - vFW use case" +}' + +echo "Create Prefix for ONAP general purpose network" +curl --silent -X POST \ + http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \ + -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \ + -H 'Content-Type: application/json' \ + -d '{ + "prefix": "10.0.0.0/8", + "site": 1, + "tenant": 1, + "is_pool": true, + "description": "IP Pool for ONAP - general purpose" +}' diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py index 1db0ebe89e..7626058357 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py @@ -12,9 +12,15 @@ with open('/opt/netbox/initializers/users.yml', 'r') as stream: if not User.objects.filter(username=username): user = User.objects.create_user( username = username, - password = user_details.get('password', 0) or User.objects.make_random_password) + password = user_details.get('password', 0) or User.objects.make_random_password, + is_staff = user_details.get('is_staff', 0) or false, + is_superuser = user_details.get('is_superuser', 0) or false, + is_active = user_details.get('is_active', 0) or true, + first_name = user_details.get('first_name', 0), + last_name = user_details.get('last_name', 0), + email = user_details.get('email', 0)) print("👤 Created user ",username) if user_details.get('api_token', 0): - Token.objects.create(user=user, key=user_details['api_token']) + Token.objects.create(user=user, key=user_details['api_token']) \ No newline at end of file diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml index 388d224569..f785478e1b 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml @@ -14,6 +14,14 @@ # limitations under the License. */}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-provisioning-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/provisioning/*").AsConfig . | indent 2 }} +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml index f321456ac0..3d4932b6cd 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml @@ -38,6 +38,22 @@ spec: imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{ if .Values.liveness.enabled }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + httpGet: + path: /api/dcim/regions/ + port: {{ .Values.service.internalPort }} + scheme: HTTP + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} env: - name: DB_PASSWORD valueFrom: diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml new file mode 100644 index 0000000000..89504afdc7 --- /dev/null +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml @@ -0,0 +1,65 @@ +# Copyright © 2018 Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-provisioning + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 5 + template: + metadata: + labels: + app: {{ include "common.name" . }}-provisioning-job + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - netbox-app + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }}-provisioning-job + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + volumeMounts: + - name: {{ include "common.fullname" . }}-provisioning + mountPath: /tmp + command: + - /bin/bash + - ./tmp/provision.sh + volumes: + - name: {{ include "common.fullname" . }}-provisioning + configMap: + name: {{ include "common.fullname" . }}-provisioning-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Never diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml index 527105bc99..9d5060de03 100755 --- a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml +++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml @@ -40,10 +40,23 @@ config: napalmTimeout: 10 maxPageSize: 0 superuserName: admin - superuserEmail: admin@example.com + superuserEmail: admin@onap.org repository: docker.io image: ninech/netbox:v2.3.5 + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + service: type: ClusterIP name: netbox-app diff --git a/kubernetes/contrib/charts/netbox/values.yaml b/kubernetes/contrib/charts/netbox/values.yaml index 4e6ac1a070..6665064383 100755 --- a/kubernetes/contrib/charts/netbox/values.yaml +++ b/kubernetes/contrib/charts/netbox/values.yaml @@ -18,6 +18,8 @@ global: nodePortPrefix: 302 commonConfigPrefix: netbox + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 ################################################################# # Application configuration defaults. -- cgit 1.2.3-korg