Kubernetes and Common Setup

Clone the OpenStack-Helm Repos

Once the host has been configured the repos containing the OpenStack-Helm charts should be cloned:

set -xe

git clone https://opendev.org/openstack/openstack-helm-infra.git
git clone https://opendev.org/openstack/openstack-helm.git


This installation, by default will use Google DNS servers, or and updates resolv.conf. These DNS nameserver entries can be changed by updating file openstack-helm-infra/tools/images/kubeadm-aio/assets/opt/playbooks/vars.yaml under section external_dns_nameservers.

Deploy Kubernetes & Helm

You may now deploy kubernetes, and helm onto your machine, first move into the openstack-helm directory and then run the following:

set -xe

: ${OSH_INFRA_PATH:="../openstack-helm-infra"}
make dev-deploy setup-host
make dev-deploy k8s

Alternatively, this step can be performed by running the script directly:


This command will deploy a single node KubeADM administered cluster. This will use the parameters in ${OSH_INFRA_PATH}/playbooks/vars.yaml to control the deployment, which can be over-ridden by adding entries to ${OSH_INFRA_PATH}/tools/gate/devel/local-vars.yaml.

Helm Chart Installation

Using the Helm packages previously pushed to the local Helm repository, run the following commands to instruct tiller to create an instance of the given chart. During installation, the helm client will print useful information about resources created, the state of the Helm releases, and whether any additional configuration steps are necessary.

Install OpenStack-Helm


The following commands all assume that they are run from the openstack-helm directory and the repos have been cloned as above.

Setup Clients on the host and assemble the charts

The OpenStack clients and Kubernetes RBAC rules, along with assembly of the charts can be performed by running the following commands:

set -xe

sudo -H -E pip install "cmd2<=0.8.7"
sudo -H -E pip install \
-c${UPPER_CONSTRAINTS_FILE:=https://releases.openstack.org/constraints/upper/master} \
python-openstackclient python-heatclient --ignore-installed

sudo -H mkdir -p /etc/openstack
sudo -H chown -R $(id -un): /etc/openstack
tee /etc/openstack/clouds.yaml << EOF
    region_name: RegionOne
    identity_api_version: 3
      username: 'admin'
      password: 'password'
      project_name: 'admin'
      project_domain_name: 'default'
      user_domain_name: 'default'
      auth_url: 'http://keystone.openstack.svc.cluster.local/v3'

#NOTE: Build charts
make all

Alternatively, this step can be performed by running the script directly:


Deploy the ingress controller

set -xe

#NOTE: Get the over-rides to use
export HELM_CHART_ROOT_PATH="${HELM_CHART_ROOT_PATH:="${OSH_INFRA_PATH:="../openstack-helm-infra"}"}"
: ${OSH_EXTRA_HELM_ARGS_INGRESS:="$(./tools/deployment/common/get-values-overrides.sh ingress)"}

#NOTE: Lint and package chart
make -C ${HELM_CHART_ROOT_PATH} ingress

#NOTE: Deploy command
tee /tmp/ingress-kube-system.yaml << EOF
  mode: cluster
  type: DaemonSet
  host_namespace: true

touch /tmp/ingress-component.yaml

if [ -n "${OSH_DEPLOY_MULTINODE}" ]; then
  tee --append /tmp/ingress-kube-system.yaml << EOF
    error_page: 2

  tee /tmp/ingress-component.yaml << EOF
    ingress: 2
    error_page: 2

helm upgrade --install ingress-kube-system ${HELM_CHART_ROOT_PATH}/ingress \
  --namespace=kube-system \
  --values=/tmp/ingress-kube-system.yaml \

#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh kube-system

#NOTE: Display info
helm status ingress-kube-system

#NOTE: Deploy namespace ingress
helm upgrade --install ingress-openstack ${HELM_CHART_ROOT_PATH}/ingress \
  --namespace=openstack \
  --values=/tmp/ingress-component.yaml \

#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh openstack

#NOTE: Display info
helm status ingress-openstack

helm upgrade --install ingress-ceph ${HELM_CHART_ROOT_PATH}/ingress \
  --namespace=ceph \
  --values=/tmp/ingress-component.yaml \

#NOTE: Wait for deploy
./tools/deployment/common/wait-for-pods.sh ceph

#NOTE: Display info
helm status ingress-ceph

Alternatively, this step can be performed by running the script directly: