19 Commits

Author SHA1 Message Date
okozachenko
f3ed56cc18 Use HTTP probe instead of TCP probe
Strictly speaking, open socket doesn't mean working API.
We experienced API stopped responding and the socket was still
open so API was unhealthy actually but kubernetes did not restart.

HTTP probe will fix this issue.

Change-Id: I95bb3ad3123d8a4a784d260477f037fa5506d290
2022-09-01 15:54:07 +10:00
Brian Haley
ced30abead Support image registries with authentication
Based on spec
support-OCI-image-registry-with-authentication-turned-on.rst

Each Helm chart can configure an OCI image registry and
credentials to use. A Kubernetes secret is then created with this
info. Service Accounts then specify an imagePullSecret specifying
the Secret with creds for the registry. Then any pod using one
of these ServiceAccounts may pull images from an authenticated
container registry.

Related OSH-infra change:
https://review.opendev.org/c/openstack/openstack-helm-infra/+/848142

Change-Id: I54540f14fed29622bc5af8d18939afd06d65e2d8
2022-08-11 00:18:37 +00:00
Schubert Anselme
8d5ddc9035
Migrate CronJob resources to batch/v1 and PodDisruptionBudget resources to policy/v1
This change updates the following charts to migrate CronJob resources to the batch/v1 API version, available since v1.21. [0]
and to migrate PodDisruptionBudget to the policy/v1 API version, also available since v1.21. [1]

- aodh (CronJob & PodDisruptionBudget)
- barbican (PodDisruptionBudget)
- ceilometer (PodDisruptionBudget)
- cinder (CronJob & PodDisruptionBudget)
- cyborg (PodDisruptionBudget)
- designate (PodDisruptionBudget)
- glance (PodDisruptionBudget)
- heat (CronJob & PodDisruptionBudget)
- horizon (PodDisruptionBudget)
- Ironic (PodDisruptionBudget)
- Keystone (CronJob & PodDisruptionBudget)
- magnum (PodDisruptionBudget)
- masakari (PodDisruptionBudget)
- mistral (PodDisruptionBudget)
- neutron (PodDisruptionBudget)
- nova (CronJob & PodDisruptionBudget)
- octavia (PodDisruptionBudget)
- placement (PodDisruptionBudget)
- rally (PodDisruptionBudget)
- senlin (CronJob & PodDisruptionBudget)

0: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#cronjob-v125
1: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#poddisruptionbudget-v125

Change-Id: I2fc0692e1c8e2c4fa4d4ca1da96b5c6a832343fa
2022-05-19 10:08:18 -04:00
guilhermesteinmuller
52a3e8dffc Fix transport_url
We have observed that omitting statefulset
on the olso_messaging values can cause octavia
workers to ocasionally fail with:

AMQP server on rabbitmq.openstack.svc.cluster.local:5672 is unreachable:
[Errno 104] Connection reset by peer. Trying again in 1 seconds.:
ConnectionResetError: [Errno 104] Connection reset by peer

This patch aims to keep the pattern used on the other serivces
to setup the transport_url that includes all pods in the statefulset.

Change-Id: I1905dc8f443929a03786fd01d6cf4e50ff5d3cb2
2021-11-29 10:46:06 -03:00
Mohammed Naser
d1468c582e octavia: allow using log_config_append=null
This patch allows the user to set log_config_append
to null which will flip back to the original shipped
logging config.

Change-Id: I1a2b90f208286a61c4ca5799a75d46d44bcd5296
2021-11-12 01:39:29 -05:00
Gage Hugo
c20c1e4400 Update htk requirements repo
As part of the move to helm v3, all the charts in the OSH repos
will no longer lint/build properly due to a lack of helm serve
in helm v3.

This change modifies the helm-toolkit repo location to the
osh-infra repo in order to account for the removal oh helm serve.

This work is part of the migration to helm v3 and will be utilized
in future changes.

Change-Id: I90d25943d69ad6c76455f7778a4894f00c525c46
2021-10-10 18:45:28 -05:00
Mohammed Naser
5ff0afcb0d Fix dnsPolicy for housekeeping service
The dnsPolicy not being set to "ClusterFirstWithHostNet" results in
the housekeeping service failing to connect to the database.

Change-Id: I23c9f0c561ea61695fbc7ce333a3f331cf31a7a4
2021-05-29 21:35:40 -04:00
Gage Hugo
5233582991 Remove support for openstack releases older than T
This change bumps each openstack chart version up to the next
greatest minor version of 0.2.0, signifying that openstack-helm
will no longer support older, EOL releases for each chart.

Change-Id: I7ce80c7bdc779c1de4472079f18102f506bfbb90
2021-04-29 12:04:34 -05:00
Susanta Gautam
459f33f00c Added post-install and post-upgrade hook for Jobs on octavia
Chart upgrading was failing due to some immutable fields are needed to upgrade before the jobs can be upgraded. For solving this issue, we
have added the helm.sh/hook annotations with post-install and post-upgrade values.
As for hook-weight annotations, we have added these to control the flow of the jobs with hook creation as the jobs are dependent. Like,
db-init jobs need to run before db-sync and so on.

Change-Id: I28dec6d082b95b448752e741e7694d32b2740cfa
2021-03-24 20:04:08 +05:45
Andrii Ostapenko
20b6b9a236
Change helm-toolkit dependency version to ">= 0.1.0"
Since we introduced chart version check in gates, requirements are not
satisfied with strict check of 0.1.0

Change-Id: If537f69dec7e3360f6bffcc4424f10c248919ece
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
2020-09-24 12:20:13 -05:00
Mohammed Naser
89969ade3a Add chart-testing linter
Added chart lint in zuul CI to enhance the stability for charts.
Fixed some lint errors in the current charts.

Change-Id: I7e4b191fb9e355ab5d5a233e8ed121346519df62
2020-09-16 21:12:17 +03:00
Gage Hugo
44882d60e2 Update xrally version to 2.0.0
This change updates the xrally image from 1.3.0 to 2.0.0
in order to better match the current versions of openstack
we are running in the gate.

Change-Id: I3f417a20e0f6d34b9e7ed569207a3df90c6ddfd2
2020-07-31 20:00:24 +00:00
Andrii Ostapenko
8cfa2aa390 Enable yamllint checks
- brackets
- braces
- colon
- commas
- comments
- document-end
- document-start
- empty-lines
- hyphens
- indentation
- new-line-at-end-of-file
- new-lines
- octal-values
- trailing-spaces

with corresponding code adjustment.

Also add yamllint.conf under the check.

Change-Id: Ie6251c9063c9c99ebe7c6db54c65d45d6ee7a1d4
2020-05-27 19:16:34 -05:00
Pete Birley
728b3739cf Revert "Modify files related to overrides."
This reverts commit 0389b54578dc9efb670fcacb1097daf008d7cdcc.

Change-Id: I91f2c87f51978fe0a35143757c19fe789f7e0669
see: https://review.opendev.org/#/c/712959/1
2020-03-13 14:08:31 +00:00
songgongjun
0389b54578 Modify files related to overrides.
As the functions of overrides are upgraded,the
files that depend on the functions of overrides
need to be modified synchronously.This patch and
https://review.opendev.org/#/c/707788/ depend on
each other.

Story: 2007291
Task: 38753
Depends-on: https://review.opendev.org/#/c/707788/
Change-Id: I048c8fe73f8f85df465f2c829812b75be1e4f130
Signed-off-by: songgongjun <gongjun.song@intel.com>
2020-03-03 20:06:45 +08:00
Gage Hugo
f9dbba7043 Revert "Revert "Keystone Authtoken Cache: allow universal secret key to be set""
This reverts commit 90d070390db08abf9da42a2bac54397112bbcd48.

Change-Id: I017c6e9676b872e1aab21f9dc8aa2f93db58d49f
2020-02-21 11:16:55 -06:00
Vasyl Saienko
90d070390d Revert "Keystone Authtoken Cache: allow universal secret key to be set"
This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.

Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.

Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
2020-02-12 11:18:06 +00:00
Steve Wilkerson
9736f5f544 Update kubernetes-entrypoint image reference
This updates the kubernetes-entrypoint image reference to consume
the publicly available kubernetes-entrypoint image that is built
and maintained under the airshipit namespace, as the stackanetes
image is no longer actively maintainedy

Depends-On: https://review.opendev.org/688435

Change-Id: I8e76cdcc9d4db8975b330e97169754a2a407341f
Signed-off-by: Steve Wilkerson <sw5822@att.com>
2019-10-21 13:58:22 +00:00
hagun.kim
aac8345c4c Octavia: add octavia chart and deployment scripts
This PS adds octavia chart and its deployment scripts.

Blueprint name : openstack-helm-octavia

- Deployments : api, worker, housekeeping
- Daemonset : health-manager
- health-manager daemonset creates o-hm device on each controller node.
- This is for multi node deployment.
- 180-create-resource-for-octavia.sh : Create openstack resources
    (network, sec groups, flavor, keypair, image for development)
- 190-create-octavia-certs.sh : Create certificates to use Octavia
    (the certs is passed into pod using secret and volume for development)
- 200-octavia.sh : Deploy Octavia chart

Note: This chart doesn't include amphora image itself and its build.

Change-Id: I0bb7dfc7c15d77287c05a8542347e19fc269aba4
Signed-off-by: hagun.kim <hagun.kim@samsung.com>
2019-10-07 17:46:47 +09:00