Skip to content
This repository has been archived by the owner on Aug 25, 2021. It is now read-only.

Openshift support #600

Merged
merged 3 commits into from Oct 5, 2020
Merged

Openshift support #600

merged 3 commits into from Oct 5, 2020

Conversation

ishustava
Copy link
Member

@ishustava ishustava commented Sep 8, 2020
edited

Changes proposed in this PR

Helm chart values and template changes

  • Add a new Helm value global.openshift.enabled
  • Add a SecurityContextConstraint for the consul clients when global.openshift.enabled is set to true
  • Don't set fsGroup for the servers when global.openshift.enabled is set to true
  • Remove server.disableFsGroupSecurityContext value and fail in the chart if someone tries to set it
  • Increase memory limits and requests from 25Mi to 50Mi for all jobs and service-init containers in the terminating and ingress gateway deployments. This was mostly determined by running the tests. There are other containers that still have the 25Mi memory request and limit, however those containers were not causing failures on OpenShift.

Acceptance tests changes

  • Add a new flag -enable-openshift to the framework which will set global.openshift.enabled to true for all helm installs/upgrades.
  • Increase timeouts in various places because it takes longer for things to be created on OpenShift.
  • Change consul-dns test to retry and to not use TTY since it's not always available.

CI changes

  • Add a new job to run acceptance tests against OpenShift. Note that it currently runs against pre-created Azure Red Hat OpenShift clusters. I was not able to get terraform running to create them before each run due to a variety of reasons, the main one being that it takes a not yet determined amount of time for the clusters to become ready. It has been hard to determine that time in a script/CI, which resulted in intermittent/non-deterministic test failures. We will have to address further automation of the OpenShift cluster creation at a later time.
  • Add a new workflow to run acceptance tests nightly (currently commented out).
  • Add Azure CLI and OpenShift CLI to the Docker image used in CI

@ishustava ishustava force-pushed the openshift branch 13 times, most recently from 46ee3fc to 821ace0 Compare September 30, 2020 08:25
@ishustava ishustava force-pushed the openshift branch 3 times, most recently from 3b591d2 to 466b27c Compare October 1, 2020 23:19
ishustava
ishustava commented Oct 2, 2020
View reviewed changes
.circleci/config.yml Outdated Show resolved Hide resolved
@ishustava ishustava marked this pull request as ready for review October 2, 2020 01:30
@ishustava ishustava requested review from a team, lkysow and kschoche and removed request for a team October 2, 2020 01:30
lkysow
lkysow approved these changes Oct 2, 2020
View reviewed changes
Copy link
Member

@lkysow lkysow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉 🦊 Looks simple enough 😆

.circleci/config.yml Show resolved Hide resolved
@ishustava ishustava added the enhancement New feature or request label Oct 2, 2020
kschoche
kschoche approved these changes Oct 5, 2020
View reviewed changes
Copy link
Contributor

@kschoche kschoche left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work @ishustava!!
One quick question about the comments in values.yaml :
Does it make sense to add a comment saying
"this has been tested on openshift version X?"
so that users have an idea of what a supportable version would be?

@ishustava
Copy link
Member Author

Does it make sense to add a comment saying
"this has been tested on openshift version X?"

yeah! I think that's a great idea!

@ishustava ishustava merged commit 74eeb15 into master Oct 5, 2020
@ishustava ishustava deleted the openshift branch October 5, 2020 19:18
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lkysow lkysow lkysow approved these changes

@kschoche kschoche kschoche approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request theme/openshift
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ishustava @lkysow @kschoche