Add provisioning job for Netbox
This is adding a script in a configmap along with a job that will
play the script.
This is also adding a readiness check to the netbox-app pod, so
that the job can be executed once the pod is ready.
Adding provisioning of:
- user
- region
- tenant group
- tenant
- site
- prefixes for vFW use case
Change-Id: I3bf00eb81ff4330b38e83b2f67cb17d4866e3990
Issue-ID: CCSDK-460
Signed-off-by: Alexis de Talhouët <adetalhouet89@gmail.com>
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml
index ed57fef..984c328 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/initializers/users.yml
@@ -1,6 +1,9 @@
-# technical_user:
-# api_token: 0123456789technicaluser789abcdef01234567 # must be looooong!
-# reader:
-# password: reader
-# writer:
-# password: writer
+onap:
+ first_name: Steve
+ last_name: McQueen
+ email: steve.mcqueen@onap.org
+ password: onap123$
+ api_token: onceuponatimeiplayedwithnetbox20180814
+ is_staff: true # whether user is admin or not, default = false
+ is_active: true # whether user is active, default = true
+ is_superuser: true # Whether user has all edit rights or not, default = false
\ No newline at end of file
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh
new file mode 100755
index 0000000..25717ce
--- /dev/null
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/provisioning/provision.sh
@@ -0,0 +1,104 @@
+#!/bin/bash
+
+# Create region
+
+echo "Create region: RegionOne"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/regions/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "RegionOne",
+ "slug": "RegionOne"
+}'
+
+# Create tenant group
+
+echo "Create tenant group: ONAP group"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenant-groups/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "ONAP group",
+ "slug": "onap-group"
+}'
+
+# Create tenant
+
+echo "Create tenant ONAP in ONAP group"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/tenancy/tenants/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "ONAP",
+ "slug": "onap",
+ "group": 1,
+ "description": "ONAP tenant",
+ "comments": "Tenant for ONAP demo use cases"
+}'
+
+# Create site
+
+echo "Create ONAP demo site: Montreal Lab"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/dcim/sites/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "name": "Montreal Lab D3",
+ "slug": "mtl-lab-d3",
+ "region": 1,
+ "tenant": 1,
+ "facility": "Campus",
+ "time_zone": "Canada/Atlantic",
+ "description": "Site hosting the ONAP use cases",
+ "physical_address": "1 Graham Bell",
+ "shipping_address": "1 Graham Bell",
+ "contact_name": "Alexis",
+ "contact_phone": "0000000000",
+ "contact_email": "adetalhouet89@gmail.com",
+ "comments": "ONAP lab"
+}'
+
+# Create prefixes
+
+echo "Create Prefix for vFW protected network"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "prefix": "192.168.20.0/24",
+ "site": 1,
+ "tenant": 1,
+ "is_pool": true,
+ "description": "IP Pool for protected network - vFW use case"
+}'
+
+echo "Create Prefix for vFW unprotected network"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "prefix": "192.168.10.0/24",
+ "site": 1,
+ "tenant": 1,
+ "is_pool": true,
+ "description": "IP Pool for unprotected network - vFW use case"
+}'
+
+echo "Create Prefix for ONAP general purpose network"
+curl --silent -X POST \
+ http://{{ .Values.service.name }}:{{ .Values.service.internalPort }}/api/ipam/prefixes/ \
+ -H 'Authorization: Token onceuponatimeiplayedwithnetbox20180814' \
+ -H 'Content-Type: application/json' \
+ -d '{
+ "prefix": "10.0.0.0/8",
+ "site": 1,
+ "tenant": 1,
+ "is_pool": true,
+ "description": "IP Pool for ONAP - general purpose"
+}'
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
index 1db0ebe..7626058 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/resources/config/startup_scripts/00_users.py
@@ -12,9 +12,15 @@
if not User.objects.filter(username=username):
user = User.objects.create_user(
username = username,
- password = user_details.get('password', 0) or User.objects.make_random_password)
+ password = user_details.get('password', 0) or User.objects.make_random_password,
+ is_staff = user_details.get('is_staff', 0) or false,
+ is_superuser = user_details.get('is_superuser', 0) or false,
+ is_active = user_details.get('is_active', 0) or true,
+ first_name = user_details.get('first_name', 0),
+ last_name = user_details.get('last_name', 0),
+ email = user_details.get('email', 0))
print("👤 Created user ",username)
if user_details.get('api_token', 0):
- Token.objects.create(user=user, key=user_details['api_token'])
+ Token.objects.create(user=user, key=user_details['api_token'])
\ No newline at end of file
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml
index 388d224..f785478 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/configmap.yaml
@@ -17,6 +17,14 @@
apiVersion: v1
kind: ConfigMap
metadata:
+ name: {{ include "common.fullname" . }}-provisioning-configmap
+ namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/provisioning/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
name: {{ include "common.fullname" . }}-configuration-configmap
namespace: {{ include "common.namespace" . }}
data:
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml
index f321456..3d4932b 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/deployment.yaml
@@ -38,6 +38,22 @@
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.service.internalPort }}
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{ if .Values.liveness.enabled }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end }}
+ readinessProbe:
+ httpGet:
+ path: /api/dcim/regions/
+ port: {{ .Values.service.internalPort }}
+ scheme: HTTP
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: DB_PASSWORD
valueFrom:
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml
new file mode 100644
index 0000000..89504af
--- /dev/null
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/templates/job.yaml
@@ -0,0 +1,65 @@
+# Copyright © 2018 Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ include "common.fullname" . }}-provisioning
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}-job
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+spec:
+ backoffLimit: 5
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}-provisioning-job
+ release: {{ .Release.Name }}
+ spec:
+ restartPolicy: Never
+ initContainers:
+ - name: {{ include "common.name" . }}-init-readiness
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - /root/ready.py
+ args:
+ - --container-name
+ - netbox-app
+ env:
+ - name: NAMESPACE
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: metadata.namespace
+ containers:
+ - name: {{ include "common.name" . }}-provisioning-job
+ image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-provisioning
+ mountPath: /tmp
+ command:
+ - /bin/bash
+ - ./tmp/provision.sh
+ volumes:
+ - name: {{ include "common.fullname" . }}-provisioning
+ configMap:
+ name: {{ include "common.fullname" . }}-provisioning-configmap
+ defaultMode: 0755
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
+ restartPolicy: Never
diff --git a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml
index 527105b..9d5060d 100755
--- a/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml
+++ b/kubernetes/contrib/charts/netbox/charts/netbox-app/values.yaml
@@ -40,10 +40,23 @@
napalmTimeout: 10
maxPageSize: 0
superuserName: admin
- superuserEmail: admin@example.com
+ superuserEmail: admin@onap.org
repository: docker.io
image: ninech/netbox:v2.3.5
+
+# probe configuration parameters
+liveness:
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: false
+
+readiness:
+ initialDelaySeconds: 30
+ periodSeconds: 10
+
service:
type: ClusterIP
name: netbox-app
diff --git a/kubernetes/contrib/charts/netbox/values.yaml b/kubernetes/contrib/charts/netbox/values.yaml
index 4e6ac1a..6665064 100755
--- a/kubernetes/contrib/charts/netbox/values.yaml
+++ b/kubernetes/contrib/charts/netbox/values.yaml
@@ -18,6 +18,8 @@
global:
nodePortPrefix: 302
commonConfigPrefix: netbox
+ readinessRepository: oomk8s
+ readinessImage: readiness-check:2.0.0
#################################################################
# Application configuration defaults.