Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Support template parameters in configmap/secret customData
Template parameter expansion has only been supported in template
files themselves, and not in any other sources supplied in the
customData. This patch extends support for expanding parameters
in all customData strings.
The intent is to support template parameters in customServiceConfig
data. A common use case is when a service's config parameter needs
to be set to a value that can be templated, e.g. the service's
own password.
Consider the glance service when it's configured to use cinder
for a backend. The final configuration needs to specify the
'cinder_store_password', which currently requires two things.
1. The cloud admin will need to create a secret containing the
setting, and reference it in the customServiceConfigSecrets.
2. The cloud admin will need to track down the actual value
(i.e. glance's password) in order to put it in the secret.
An alternative approach would allow the cloud admin to use a
template parameter, whereby glance's CR could reference the
password like this:
glance:
template:
customServiceConfig: |
[cinder_backend]
cinder_store_password = {{ .ServicePassword }}
The only restriction is the service's controller must support the
parameter, meaning it must include it in its templateParameters.
If any error occurs when expanding a customData string, an INFO
message logged and the original string is retained (no expansion).
For example, if a CR references a parameter that isn't supported,
the log message will state:
Skipped customData expansion due to: template: tmp:x:y: \
executing "tmp" at <.BadParam>: map has no entry for key "BadParam"- Loading branch information
