Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Rebasing openstack-helm repo
Changes from below commits are been added as part of rebase Cinder: allow Ceph RBD pool params to be tuned This PS exposes the Ceph RBD pool params to the cinder chart, allowing them to be tuned. Change-Id: I615e999928948193b24cc4978efb31bd1b36f8f7 Armada check: Enable storage for OSH-infra services This enables storage for the osh-infra services running in the armada job Change-Id: Ic0f11a9d161529c6fb58474e856032745b07a032 remove trailing ws Change-Id: Ida8e4a5d072f8dff635dfffd4336d697ab1d4753 Add ldap support This patch set adds python ldap support to keystone. Change-Id: I420612555d92f6fb932f2f210cc36f3f7f5afc97 Signed-off-by: Tin Lam <tin@irrational.io> Reduce the number of workers spawned by services This PS reduces the number of processes spawned by services, as with Kubernetes load distribution can be better managed by a larger number of single threaded pods (up to a certain point) and doing so also provides both increased avilibility, leading to smoother rolling updates. In addtion when running single replicas resource consuption is reduced. Change-Id: Ifb7494a0804913d843a072e10d26c6ec53c3bd16 DB-Drop-Jobs: consolidate to helm-toolkit This PS consolidates the DB-Drop Job to helm-toolkit. Change-Id: Ia2b035d730bf612086a9fd9b5d14aba494f56dc7 Add trustee domain This patch set allows for searching the trustee user in a specified domain rather than just the "default" domain. Change-Id: I53ee6816e02c25e577244015fe5aea0870e0fd32 Signed-off-by: Tin Lam <tin@irrational.io> Add Makefile This patchset adds a Makefile for each component under tools/images Change-Id: I84d8bda0313e921f0921dfef10d14469ed26ff5c Ingress controller service: consolidate to helm-toolkit This PS consolidates the Ingress controller service, that is used to resolve internal requests to public endpoints correctly, to helm-toolkit. Change-Id: If7c7deca1b8289a32709f7dc7c936883469aadfe Cinder: Fix sudoers reference in configmap The cinder_sudoers entry in the cinder configmap-etc was consuming the neutron_sudoers entry in the values.yaml. This corrects it to point at cinder_sudoers instead Change-Id: I214912b3ed4185a201f4f94e82eaa50d6d321018 Cinder: Fix default uid for cinder user with loci images This PS corrects the UID for the cinder user used with loci images in the cinder chart. Change-Id: I1001711928fb47e77f01c8e83f88ec317a46498e glance-api: add dependency on message bus without this the api starts up in a non-working state, the bootstrap job then runs and give is images which are stuck queued Change-Id: Ie3e03620618b1c46882c05b3a5ef8745c78af6a3 Neutron: SR-IOV support This PS adds SR-IOV Support to OSH. Change-Id: Ia744c6d7c4a45be7728bba3213b50f1246b897db Cinder: add qemu profile to cinder images This PS adds the qemu profile to cinder images Change-Id: I91f457471b0b9ae7d83a29ff6521ee319eea44f7 Add LDAP-backed domain gate This patch set adds a nv-gating with an OpenLDAP server with some sample data loaded for development or testing use using a bootstrap job. This patch set also adds confirming authentication works using domain- specific configuration for keystone. Consolidated change from: https://review.openstack.org/#/c/552976/ Co-Authored-By: Gage Hugo <gagehugo@gmail.com> Change-Id: I1aeccffc018d0fcefc8e2b15a4ac6b83cb2be8b6 Signed-off-by: Tin Lam <tin@irrational.io> Nova: Fix sudoers location in nova-etc configmap The nova_sudoers entry in the nova configmap-etc was consuming the neutron_sudoers entry in the values.yaml. This corrects it to point at nova_sudoers instead Change-Id: I621c817c579cc1c31fa51b1a0f49a43a652784a2 neutron: allow creation of ovs bridges with no ports it's valid to create a bridge and not add ports; this restores that ability Change-Id: I46881fe3ee48a56a796abe8cf2036eba9e4064e1 Use pod dependencies in nova chart Changes nova chart to depend on neutron pod labels instead of daemonsets in order to prepare for utilizing daemonset overrides in neutron chart, Utilizes a new feature of kubernetes-entrypoint, pod dependencies, added to kubernetes-entrypoint in v0.3.0. Change-Id: Ic79ddc1b7f477195c5b3dfd630df4d78d7589030 Use pod dependencies in neutron chart Changes neutron chart to depend on pod labels instead of daemonsets. Change-Id: Ieaa2f2863864229a4f6587c3e66fa661b9b7ef81 Add tls support for ldap This patch set adds TLS support for keystone LDAP. External-tracking: OSH#555 Change-Id: Ice32a31a712b8534a5d1a8f90a8a203710bdb9a9 Signed-off-by: Tin Lam <tin@irrational.io> Barbican: Include missing image build This PS adds the misisng image build commands for the barbican image. Change-Id: I72085d20a098005bf79074f0f3297658de69f54c Libvirt: Update ubuntu package version This PS updates the libvirt package version. Change-Id: I3d5f0cfc25412c1dcc4c70d5f060bc9a1541e68a Polish TLS patch set This patch set performs non-critical polish fix to [0]. [0] https://review.openstack.org/#/c/552171/ Change-Id: I5bbb64d5af65782665fd659886e55e25bac61452 Signed-off-by: Tin Lam <tin@irrational.io> Document usage of pod dependencies Replace references to daemonset dependencies with pod dependencies in docs. Change-Id: I252089006929d7e218ebfc4f98d49c4650143a7e Use v0.3.0 of kubernetes-entrypoint This version is already being used by some charts, so this brings the rest of the charts in line and allows them to use a new feature, pod dependencies, that this version provides. Change-Id: Ie8289eb09b31cd8f98c2c5b4dd5bbe469078e6d8 Document node and label specific configurations This PS adds documentation for node and label specific configurations. Change-Id: I2bb02bfa028a61b2d8a9206eaff305590664946f Ingress: support arbitary hostnames. This PS allows arbitary hostnames to be used for public endpoints, provided the resolve externally to the ingress controllers. Change-Id: I44411687f756968d00178d487af66c2393e6bde0 Revert "Changed MariaDB version to 10.2.13" This reverts commit 81bf5f3 back to MariaDB 10.1.23 which we know works with clustering enabled (pod.replicas.server > 1). Change-Id: Ibf70dbab78f03d32e1ec96e99ac8db59d23cb96e Horizon enable v3 keystone support. This PS enables v3 kesytone support in horizon. Change-Id: If176617d37efc19925c2dc5a65d992086442fd70 Neutron: agent host targetting This PS adds the ablity to target different configs to different hosts for the nutron agents, in the same manner as nova-compute. Change-Id: Iebd87e30014d6cac2127c7e1a14259b10d74fbf8 Detect and enable hugepage support for QEMU Change-Id: I3284c0f8f8946a36a63871dc57e287fbe7260490 MariaDB: Update to 10.2.13; patching wsrep_sst_xtrabackup-v2 Recent versions of MariaDB (10.1.31, 10.2.13) have a regression that breaks clustering. See MariaDB/server#457 and MariaDB/server@4e6dab9 for an in depth explanation. We need 10.2.13+ for Barbican to function correctly (see bug #1734329) but we also need the fix above to support MariaDB clustering. This work-around can be removed later on when MariaDB 10.2.x releases contain the needed script fix. Thanks to Sam Yample <sam@yaple.net> for helping track this down. Change-Id: Ifd09d7effe7d382074ca9e6678df36bdd4bce0af gate: fix ceph on centos Change-Id: Id006bc4c81cfb4b3d72168f1da4ff1220c758e34 Neutron: SR-IOV agent template fix This PS fixes the template rendered in the neutron SR-IOV agent manifest. Change-Id: Ib221213c8df94613a2dcf12e2615442db0684794 Nova: Update endpoint path to 2.1 This PS updates the Nova endpoint to use v2.1, which makes tempest happy. Change-Id: I1fbda225820cdc3b40be27198cc44caa15fac156 MariaDB: use multiple replicas in multinode gates Change-Id: Ibea3f0270bed830c8b13eafc5f196f30601c13c3 fix typos in documentation Change-Id: Idb156b0141e177041de5c79b2118d682808d45aa Neutron: Move all config to be directly values driven. This PS moves all the config files to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: Ifcbc19b17aa1d145f12ed1aed8b15a69ca045bb7 Ceph: Increase period between livenessProbe checks This PS udpates the frequency and initial delay on the mons livenessProbe, to allow time for the cluster to restart if mons get into a crashloop backoff following power outage. Change-Id: Iea74c4d52882a157a84f4f12bc411f2014869f99 Gate: disable ubuntu multinode voting gate. This PS disables the multinode ubuntu gate from voting, which has been failing due to -infra issues - and severly hampering development work as a result. Change-Id: I411ebe20ba19c52475b559952712faf742343673 Cinder: Move all config to be directly values driven. This PS moves all the config files to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: I286af7434aab6de941f9700a7fbf70c6dd0ee4cb Horizon: Move all config to be directly values driven. This PS moves all the config files to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: I7e16585c9ef49275327d19a48f00bad192dc4923 Update heat bootstrap scripts This patch set adds in two roles for heat: heat_stack_owner and heat_stack_user as outlined in the Newton [0] and Ocata [1], as well as assigning roles. [0] https://docs.openstack.org/project-install-guide/orchestration/newton/install-ubuntu.html [1] https://docs.openstack.org/project-install-guide/orchestration/ocata/install-ubuntu.html Change-Id: I8510ae114448cc1985c11e9b337b9697a379a920 Signed-off-by: Tin Lam <tin@irrational.io> Co-Authored-By: Pete Birley <pete@port.direct> Ingress: Give arbitary fqdns a different name from namespaced rules This PS gives ingress rules attached to the cluster wide ingress controller the suffix -fqdn to allow them to be used. Change-Id: I7de85e349fb609b8380070030579b9b4767e72d1 Fix indent on Postgres pod resources - Properly align the `resources` key in the Postgres server pod spec. Change-Id: Ia17cdabd38291c1365aab7aca71dd59ee9a32b4f fix the vms turn transient after libvirt pod restarts After libvirt pod restarts, the virtual machines created before turn transient ,then opetrate these vms ,nova-compute will throw exception. This is because that the directory /etc/libivrt/qemu in pod contains vitual machines xml files and it is temporary, the xmls files disappear after the pod restarts, so we mount it to hostpath /etc/libvirt/qemu. Change-Id: I48fd712c2b0565cb2cfe850482e8501f4e5022a4 Closed-bug: 1760003 Gate: Update heat templates and enable cinder in ceph dev pipeline This PS updates the heat templates, reducing the size of the launched vm. In addition cinder is enabled in the ceph dev pipeline, this is possible due to the resources no longer consumed by the test vm. Change-Id: I9efe6fe643c636b660dd54b60dfe7c8785d7fec2 Add gate for rbd storage backend. This PS allows to test rbd storage backend when apply glance. Currently, only radosgw is verified after ceph distribution. Change-Id: Ia3c2c915a2e9a65b09123b8e1c47892069c9ae1b Blueprint: add-rbd-gate Ceph: Update images and references This PS udpdates the Ceph charts images and references. Change-Id: I52b6577cdad58a21848f7eb31abb66ebdc47d81e Ceph: Move all config to be directly values driven. This PS moves all the keyring templates to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: I7752cbfdeef85f71a1a084437556de062cbb5680 Helm-Toolkit: Reduce delta between OSH and OSH-Infra This PS reduces the delta between OSH and OSH-Infra helm toolkits. Change-Id: I5026b0238555513f8415a864adf4e91e81e3fbd8 Helm-Toolkit: Reduce delta between OSH and OSH-Infra to image repo This PS reduces the delta between OSH and OSH-Infra helm toolkits to simply the image repo management functions. Change-Id: I62a169cff39a96f98ec2b5664d483db26c771e4c Rally: remove unused config template This PS removes an unused config template in the rally chart, and also cleans up some whitespace issues. Change-Id: Iaf6168e377aaf9a2b895af8c8a76b5cb420bb5e8 Rally: Move all heat templates to be directly values driven. This PS moves all the heat templates to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: Iebe382bd7945abe9bfbb30c4cf48c53f17fcb1f4 Glance: Move all config to be directly values driven. This PS moves all the config files to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: Ida5d9e312cc18cb50f5805a59f9fc4fef1a98658 Gnocchi: move to use templater for apache config This PS moves gnocchi to use the templater function for its apache config. Change-Id: I9b179db066867f00b8cd8cdbf92d37ea2dc8836d Ironic: Move all config to be directly values driven. This PS moves all the config files to be directly values driven, both simplifying over-ride and allowing configs to be targeted to pods in future work. Change-Id: I177ddfe8c932733aeacb0fdb9b3e60ef75881c6a Fix document ref link A link referencing software verion is broken (404). This patch set updates the link the correct ansible var yaml file. Change-Id: I9383ad2bee1fa4671606a9ce19fa3965adcc2c52 Signed-off-by: Tin Lam <tin@irrational.io> Ceph: Make mon deployment compatible with k8s >= 1.10 This PS updates the ceph chart to work with newer versions of K8s which always mounts configmaps as read-only. Change-Id: If96dec4af385ed1ce210f2d4f63e09c89ec82c76 Ceph: Mgr: force key creation on each restart This PS forces keyring creation on each start of the mgr container. It resolves an issue found following k8s outage, where sometimes the key is not created correctly the 1st time the container starts. Change-Id: I7e642ca49883ac823196730362b796cd52cd841c RabbitMQ: only request 256Mi for PVC by default Change-Id: I94a30b16390a035fe6df3fd0f4a95b6ea000d8fe Move openstack-helm-multinode-(centos|fedora) to experimental pipeline To help conserve resources move the centos / fedora multinode jobs into the experimental pipeline. The will mean we are no longer using 10 nodes on every patchset. These jobs have been non-voting for 3+ months, and will help reduce the number of nodes needed by the helm project. The jobs can still be run using 'check experimental' but now on demand. And once they have been properly fixed can be moved back into check / gate pipelines. Change-Id: I6f5c6362749b7beb3e9f0ccff2b75d6b99d809d8 Signed-off-by: Paul Belanger <pabelanger@redhat.com> Storage: increase robustness of storage clean jobs This PS increases the robustness of storage cleaning jobs by precreating the service accounts and roles for the pod to consume, and removes the potential for race conditions by removing the delete hook. Change-Id: I1f3c35fe2bd2a4325430e8025951349526f683af Add robust ldap domain-specific config This patch set provides PATCH capability for ldap-backed domain config, and prevents silent failure if the configuration contains erroneous setting. This also moves from loading .conf files into DB directly, and uses the API endpoints. Change-Id: I17a19046fa96e0f3e8fb029c156ba79c924a0097 Signed-off-by: Tin Lam <tin@irrational.io> osh-gate: Move to use roles from openstack-helm-infra This moves to consume the roles from openstack-helm-infra in the openstack-helm gates Depends-On: https://review.openstack.org/559836 Change-Id: I3ed721333b899f8dde812f1843a9fcb074c63121 ldap: merge yaml for dependencies Change-Id: I539a8dfa6903a60ccc013ee82dd4d3be4e3ff0df senlin: yaml indentation fixes Change-Id: I79c97747fa8494813ff27a471fac2be2b4b6ad5f mistral: yaml indentation fixes Change-Id: I93d1701cfc629dabc07550c0fbe0a754b77e7bcc Add validation to domain logic This patch set addresses the comments left in [0] by fixing the header information in the python template file and adding logic to query the domain specific logic. [0]https://review.openstack.org/#/c/559191/ Change-Id: I656d7ac8158f9b40246ac739e4dc4fc88e1e43da Signed-off-by: Tin Lam <tin@irrational.io> openvswitch: use pidfile option Make appctl to search pidfile for exit command as pid 1 is not always the target process in some cases. For example, pid 1 is "pause" when pid namespace sharing is enabled in your k8s cluster. Change-Id: I90e202245a9522fe53bea7e1f047061a0a280834 memcached: yaml indentation fixes Change-Id: Ib10c7f03d24cb39feb7f3eb7e35a21b0257b478c keystone: yaml indentation fixes Change-Id: Ic402d57f2b0a0a625164a294760476725faea3aa nova: yaml indentation fixes Change-Id: I45b6c691ce9ea4bb1cd4607efcf71a2dc068be3c glance: yaml indentation fixes Change-Id: Icf7366d44dbe8b6cba96a5ba781cd76a55278b18 cinder: yaml indentation fixes Change-Id: Ia59b2822dbe40ab7431987b2dc55e00067275f86 heat: yaml indentation fixes Change-Id: Ia514170edf2498abaedcf07872ea7e383e847f89 neutron: yaml indentation fixes Change-Id: I579091fa21fcd0429bdc13df6cb2dfbeb8ae4a8e Nova: NoVNCProxy Ingress This PS adds ingress rules and config for nova's novncproxy. Change-Id: Ibc89e67c8ee6c93d8ee3e798dec10e976c002cab magnum: yaml indentation fixes Change-Id: Ia504ee55f3b44250725043b240b9465e22491ded RabbitMQ: recover from full cluster restart This PS updates the RabbitMQ chart to name nodes via their hostnames rather than IPs - allowing the cluster (and single nodes) to be restarted without impact. Additionally the rabbitmq managment interface is exposed and basic helm tests have been added. Change-Id: I84857d9f3697eaa8491aafaf6ee3b9d47dbf2191 zuul: yaml indent/cleanup Change-Id: I915c40eb0d62949eaa7041ff1fe62e3a681763df Fixes/Updates OSH Developer and Multinode install guide This PS fixes few typos and adds DNS entry update section to notify user. Closes-Bug: #1765459 Change-Id: I59f5c90aaa06a5996c3ddb7a7b1bd3c4adfe0eb7
- Loading branch information