This is the initial pod disruption budget that will serve as the template
for all services in OpenStack-Helm.
Partially-Implements: blueprint add-pod-disruption-budgets
Change-Id: I67eeaa66257e793f77a089f3bc0dd4b700638c63
OpenStack Foundation started serving project mascots files on
openstack.org. This commit adds URLs to those files as chart icons for
OpenStack projects.
Change-Id: I2482174cd1d9a0f32df91d7d81974a0dc37f5c4d
Keystone service.yaml currently has duplicate selector entries.
This patch set removes the duplicate.
Change-Id: Ic3e195e354b69683f8f3e8b6bb8f4b3a72b75cdb
This PS proposes a potential enhancement to the chart.yaml, idealy
this would also reference the project Mascot but currently there is
no CDN (that I'm aware of) hosting these images publicly.
Change-Id: I5160290e1e6b4bc67486e9834461ebfaa00bf665
This patch set moves the required keystone config files to the manifests, and
allows users to specify their own additional volume mounts if necessary.
Change-Id: I622abbba3e19390ce1003441eb9c0a3477754b82
This PS updates the chart.yaml to be consistent across the repo, and
changes the description to make clear that they are the OpenStack-Helm
derived versions of the charts while using `helm search`.
Change-Id: Iac3cfd2cddba7130b28a65c3d353712c8a3aa02b
The Keystone Chart had some extranious whitespace at the
end of lines, this commit rectifies that.
Change-Id: I4da8e4812a5aa92b85cc3baa3f76d08ba5967091
* Initial Commit of Nova Configuration Overrides
This commit is an evolution of the initial keystone configuration
overrides work
It expands upon that work by introducing many of the same concepts
into nova. It differs in that a few concepts were changed. Namely
the helm-toolkit/_oslo.tpl concept was abandoned, as there are too
many unique oslo paths for configuration elements, so dynamic oslo
setting mechanism was moved locally into configmap-etc.yaml, where
it is generally used.
Secondly, in nova the mount override effort was altered to instead
provide mount "append" capability. Keeping the manifest mounts
closer to the actual pod, and keeping values.yaml a tad smaller.
This still allows the original flexibility of operators adding
mounts, but they cannot "undo" any of the charts built in mounts.
There were several manual tweaks that needd to be done to _nova.conf.tpl
after the oslo-config-gen process this time. This is because there is a
bug in the newton version of generating this file. It does not include
the proper service authentication credentials in the [keystone_authtoken]
section. Future releases have a separate service credentials section
so future config generations will likely not need these added lines.
* Remove unused values.yaml parameters
Fix references to removed helm-toolkit oslo macro
* resolve nova feedback
* bugfix nova-etc/nova-bin swap
This commit introduces several new paradigms:
* .Values driven mounts in service containers as well as jobs.
These can be overriden at runtime by manipulating .Values.mounts.*
* Authenticated Endpoint Resolution methods in helm-toolkit
to allow the database and rabbit type endpoints to be moved
under the endpoints section. Now endpoint lookup functions exist
for openstack endpoints as well as infrastructure elements such as
the database, rabbitmq, and memcache.
* Importing of upstream "out of the box" policy.json
and keystone-paste.ini files for better or worse.
* A rendering of the keystone.conf oslo generated config
using a new helm based Values generator. This provides "known"
paths to all configuration elements in the form of
"<section>.<oslo_namespace>.<element>" so that any of these can
be targeted for override via --set or values.yaml files loaded at
run time.
* Support for appending arbitrary string data to the policy.json,
keystone-paste.ini, or keystone.conf files via --set conf.keystone.append="#
some comment", or --set conf.policy.append="\"identity:list_projects\":
\"role:fake\""
* Support for complete verbatim overrides of these three
files via --set conf.keystone.override="full file contents",
or --set conf.policy.override="full file contents" for example
* Rename common chart to helm-toolkit
* Update useage of helpers to include reference to chart they come from.
* Update helm-toolkit function naming
Also catches several functions missed in previous PS
* Update remaining requirements.yaml to use helm-toolbox
* Dep Check container fix for common -> helm-toolbox renaming
* Add resources limits and requests for each chart
* Refactor the resources limits and requests to follow a patern
* Fix some coding issues
* fix issues resulting from feedback on the resources PR
* Reset some variables to a static value in the neutron chart.
* Substituting variable entrypoint by dependency_check in the concerned files
* Few adjustments
* Update deploy-region.yaml
* Update deployment.yaml
* Add resources limits and requests for each chart
Squah all commits in one.
* Add resources limits and requests for some charts
* cleaning
* Fix indendation issue
* Update deployment.yaml
* Update daemonset-ovs-vswitchd.yaml
It also makes two other changes:
* Moves the entrypoint container manifest snippet to its own file to reduce loading on the _funcs.tpl file
* Changes dep-check-init-cont to dep_check_init_cont to match the formatting of other defines used in OpenStack Helm
* Allow glance to support using default secrets
if none are provided
* Resolve configmap mounting issue with glance
ceph secrets
* Ensure keystone wsgi workers/threads are set to
reasonable numbers for a container implementation
This PS loads all the required keystone configuration files into a container for an apache based deployment.
It allows OpenStack-Helm to be image agnosic, meaning operators can use any Apache based Keystone image they want.
two templates, because i don't how to pass two variables to template.
PR also adjust layout of configuration files in Nova.
Signed-off-by: DTadrzak <daniel.tadrzak@intel.com>
The new default for mitaka+ is fernet tokens which not all
container images support. This allows the operator to
specify the token provider, allowing uuid token usage in
images which is required until the infrastructure to setup
and distribute fernet keys is created.
The configuration of ``worker`` can be removed for two reasons:
* In Mitaka (and onward), it is two separate parameters:
``public_workers`` and ``admin_workers`` under section
[eventlet_server], as shown in [1]. In master (Ocata),
these options were removed.
* In the preferred keystone deployment of using u/wsgi, and not
eventlet server, this setting does not really take effect - as
Apache will manage this instead of keystone.
These options can be removed. Also, removed extra EOL spaces.
[1] https://github.com/openstack/keystone/blob/stable/mitaka/etc/keystone.conf.sample#L678-L696
* These annotations ensure that if configmaps change, the pods
are redeployed according to their upgrade strategy.
* This change excludes glance which has a pull request in progress
to refactor it.
