Verification is added to Cinder volume type creation logic
under Values.bootstrap to make sure the volume_backend_name is
configured in Values.conf.backends.
Change-Id: I1b9b1eaac8df861d28d4121477de148dba6a2dbf
When using a helm3 to deploy , it fails. Helm3 no more support rbac.authorization.k8s.io/v1beta1 , but v1 can support helm2 and helm3.
Change-Id: Ie4e1c79c2b2513318d1b7d6a13712921a6c2a6cb
Bidirectional mount propagation doesn't work as expected,
HostToContainer does and is the safer option for now.
Change-Id: Ia0b0ab1a74991745cd74d3629d23f86bd8ff5296
ClusterIssuer does not belong to a single namespace (unlike Issuer)
and can be referenced by Certificate resources from multiple different
namespaces. When internal TLS is added to multiple namespaces, same
ClusterIssuer can be used instead of one Issuer per namespace.
Depends-on: https://review.opendev.org/c/openstack/openstack-helm-infra/+/766359
Change-Id: I6585d5a8c2ccb507a5c99784c0190502b55a5bcf
This patchset added the necessary hostPath, hostIpc and
hostNetwork to enable the volume backup for iSCSI based
Cinder volumes.
Change-Id: Ief3cc723650a6c42e24dfd6159c0de6f81e56fce
This PS enables iscsi actions to work correctly in cinder
volume - enabling things like conversion of glance images
to cinder volumes (required for nova-boot-from-volume)
Change-Id: I63521ff9609ad89485a843bc0fbddb00e38dccc8
Signed-off-by: Pete Birley <pete@port.direct>
Example override yaml file is added to indicate how to
override the manifest for configure an additional externally
managed Ceph Cinder backend.
In ceph.conf, either "mon_host" or "mon host" can be used for
the same parameter. In order not to force the user to use it one
way or the other, "mon_host" is removed from default setting.
Change-Id: I179567d77196ab2fb82d7a78e3a08efb966ed68c
Bring in option to be able to create and send service
tokens to prevent long-running job failures (default is OFF).
Change-Id: I5e5707001687e464386696b9c8d80ad8b2977e97
Since we introduced chart version check in gates, requirements are not
satisfied with strict check of 0.1.0
Change-Id: If537f69dec7e3360f6bffcc4424f10c248919ece
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
In this patchset, comfigmap of ceph.conf and secret of
cinder user keyring is created for externally managed ceph
Cinder backend.
Change-Id: Ie76bf207a7d42bd70a6be2648e060122f7daf5ad
Added chart lint in zuul CI to enhance the stability for charts.
Fixed some lint errors in the current charts.
Change-Id: I7e4b191fb9e355ab5d5a233e8ed121346519df62
Some OSH charts have diffferent values for logger_root
handler from upsgream repo config defaul values.
Exactly, logger_root handler values.
This leads double logging finally.
To fix this, set logger_root as null like upstream repos.
Change-Id: I20e4f48efe29ae59c56f74e0ed9a4085283de6ad
This is to add support for external ceph cluster as second backend
for cinder.
prerequisite:
- create ceph.conf for external ceph cluster as configmap
- create cinder2 user and keyring on external ceph cluster
- create keyring of user cinder2 as a secret
now point configmap and secret created as prerequisite under
values.ceph_client.external_ceph section
also we need to add second backend under values.conf.backends section
with all the details of external ceph cluster.
Change-Id: I8df9f1da7208304f479dbb70b19af97fb01cd38f
This change updates the xrally image from 1.3.0 to 2.0.0
in order to better match the current versions of openstack
we are running in the gate.
Change-Id: I3f417a20e0f6d34b9e7ed569207a3df90c6ddfd2
This updates the cinder chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem flag to true
Change-Id: Ia6e3c56087bae6f8c86db688404c6ce3a1d5d99d
- braces
- brackets
- colons
- commas
- comments
- hyphens
- indentation
- key-duplicates
with corresponding code changes.
Also disable enforcement for document-(start|end) rules and
disables warnings to increase readability.
* Unrestrict octal values rule since benefits of file modes readability
exceed possible issues with yaml 1.2 adoption in future k8s versions.
These issues will be addressed when/if they occur.
Change-Id: Ic5e327cf40c4b09c90738baff56419a6cef132da
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
This updates the Cinder chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem flag to true
Change-Id: If17af3e3dba188a43ed11a0d5757fcae9f5358e8
Enables and sets some sane, default configuration, based off
documentation [0] for the 'rbd1' scoped Cinder backend. When a
volume is first created from an image, a new cached image-volume
will be created that is owned by the Block Storage Internal Tenant.
Subsequent requests to create volumes from that image will clone
the cached version instead of downloading the image contents and
copying data to the volume.
[0]: https://docs.openstack.org/cinder/stein/admin/blockstorage-image-volume-cache.html
Change-Id: I1eae74b7058f0c6c0826289cf468033eccecaa8a
In this Patchset, Cinder configuration is added to values_overrides
for supporting PURE as one possible Cinder block storage backend.
Please note: updated images are needed for Cinder and Nova to
include package purestorage for the support of pure backend.
Change-Id: Ic0f1116045d74ec624449fbaf92858ccf8d4d936
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: Ia035037e000f1bf95202fc07b8cd1ad0fc019094
Co-Authored by gage Hugo <gagehugo@gmail.com>.
This Patchset creates Zuul Gate Jobs for apparmor to support Cinder.
Change-Id: I7705512a3b50560b183e19f0868be40078241cdd
In this patchset, the iSCSI protocol support is added
to enable Cinder to use iSCSI based storage backends.
Bootable volumes are not supported, only VM attached
volumes are supported for this initial patchset.
Change-Id: I1b35290b62d2cebae4bd8be62126a53f230ac6c0
This patch set adds in job to test the OpenStack train releases.
Depends-On: https://review.opendev.org/#/c/706456/
Change-Id: I89fef1264f68dab7e921a9e5503c29d6a051f342
Signed-off-by: Tin Lam <tin@irrational.io>
Security_context'readOnlyRootFilesystem' under container cinder-backup
is misspelled as' redOnlyRootFilesystem', this commit fixed this
Change-Id: I5a1a9c1a9ae66d027199057a13e3119a326ef015
Cinder default format of policy file is changed from
"json" to "yaml" in stein. This patch set modifies
Cinder chart templates to load policies in yaml format.
Change-Id: I28f3d5be6609cd28bbc1ce8e5fc1d1cf4730b760
This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.
Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.
Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
The gotpl script that determines if a cinder backend is ceph-backed
is not properly handling additional backends that does not have the
driver "cinder.volume.drivers.rbd.RBDDriver". This patch set fixes
the gotpl so it no longer causes a rendering problem.
Change-Id: I902e82301019531832afebce7a1e2f0b28bac8f3
Signed-off-by: Tin Lam <tin@irrational.io>
This patch set adds in a script that cleans up orphaned or
lingering rally helm test pods.
Depends-On: https://review.opendev.org/#/c/683759/
Change-Id: I94fc8d067b421248cf74fe40b2e8520f63d4417c
Signed-off-by: Tin Lam <tin@irrational.io>
