port number in neutron
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: I38dca50a8462faa4e9a7eeed56839b1b996eae06
ADD: include new charts to the umbrella chart for comprehensive
deployment of openstack-helm.
* openvswitch
* libvirt
* neutron
* nova
* placement
Change-Id: I78d1c7c629024c3f9530239dff9f8eb9da598764
As dnsmasq.conf data in configmap-etc secret was empty, there was no option
to override it. Added the section in the values.yaml file where the dnsmasq.conf
config can be added which will be reflected in dhcp-agent.
Change-Id: If11c33f6f837dbf0d16e54cc92cabf399e773968
In the Victoria cycle oslo.policy decided to change all default policies
to yaml format. Today on openstack-helm we have a mix of json and yaml
on projects and, after having a bad time debugging policies that should
have beeing mounted somewhere but was being mounted elsewhere, I'm
proposing this change so we can unify the delivery method for all
policies across components on yaml (that is supported for quite some
time). This will also avoid having problems in the future as the
services move from json to yaml.
[1] https://specs.openstack.org/openstack/oslo-specs/specs/victoria/policy-json-to-yaml.html
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: Id170bf184e44fd77cd53929d474582022a5b6d4f
Updated neutron to use an Nginx sidecar to terminate internal TLS rather
than using Apache with a separate RPC servers. Multiple RPC servers (in
sidecar) causes communication issues with RabbitMQ causing expected
errors.
Change-Id: Iaa6d3d64b730a54b1b85a338517bcb5be1842bda
Signed-off-by: Tin Lam <tin@irrational.io>
The lack of quotes means if it defaults to nothing, Kubernetes is not
happy because it is trying to set a nil value instead of an empty
string.
Change-Id: I7af08b93a4df92acd9d428266aaa7922a66cf599
This commit enables user to update dpdk bond config
only when required using the flag UPDATE_DPDK_BOND_CONFIG.
This helps in avoiding disruption in ovs dpdk during ovs
agent restart or when there is a update in bond config.
Setting UPDATE_DPDK_BOND_CONFIG to true will have default
behavior.
Setting UPDATE_DPDK_BOND_CONFIG to false will disable
configuration of bonds after the first run and can be
set to true when required.
Change-Id: I4c8ec145c8f1c1c1b5f7a5201f792e040fdd89a2
The charts changes are required for deployment
of various clouds based on Tungsten Fabric SDN.
Right now it's tested for Airship-in-a-bottle.
The code cannot be tested currently in
OpenStack Helm project because of absence of
tests and platform for that.
This patchset doesn't have Heat-related changes,
they'll be added later.
Change-Id: I73f2ced2b09dbb93146334b59fe4571fa13dbfb0
Depends-On: https://review.opendev.org/#/c/734635/
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: Ia035037e000f1bf95202fc07b8cd1ad0fc019094
This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.
Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.
Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
This PS adds octavia chart and its deployment scripts.
Blueprint name : openstack-helm-octavia
- Deployments : api, worker, housekeeping
- Daemonset : health-manager
- health-manager daemonset creates o-hm device on each controller node.
- This is for multi node deployment.
- 180-create-resource-for-octavia.sh : Create openstack resources
(network, sec groups, flavor, keypair, image for development)
- 190-create-octavia-certs.sh : Create certificates to use Octavia
(the certs is passed into pod using secret and volume for development)
- 200-octavia.sh : Deploy Octavia chart
Note: This chart doesn't include amphora image itself and its build.
Change-Id: I0bb7dfc7c15d77287c05a8542347e19fc269aba4
Signed-off-by: hagun.kim <hagun.kim@samsung.com>
Extending the Neutron with configuration parameters and scripts for
deploying OVS with DPDK support enabled. The new functionality takes
care of binding NICs to DPDK and adding those to OVS bridges of type
'netdev'.
Co-Authored-By: Rihab Banday <rihab.banday@ericsson.com>
Change-Id: I9932123986a0b723d7523136940d325bcfde983d
BGP-MPLS VPN extension allows attachment of Neutron networks and/or
routers to VPNs built in carrier provided WANs using these standard
protocols.
Change-Id: Ib0ec8cb22e9c113d4be1c992d895b565db5e30b0
L2 Gateway (L2GW) is an API framework that offers bridging 2+
networks together to make them look as a single broadcast domain.
A typical use case is bridging the virtual with the physical networks.
Change-Id: I95ff59ce024747f7af40c6bef0661bb3743b0af1
This PS updates the charts to use the htk function recently introduced
to allow oslo.messaging clients ans servers to directly hit their
backends rather than using either DNS or K8S svc based routing.
Depends-On: I5150a64bd29fa062e30496c1f2127de138322863
Change-Id: I458b4313c57fc50c8181cedeca9919670487926a
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the neutron secret to conform to K8s schema
validation.
Change-Id: Id477510873362224ba919b0c97e09664d5c1b205
Signed-off-by: Pete Birley <pete@port.direct>
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the neutron-server service.
This provides the ability to audit API requests for neutron.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: I86b4df1436ae59bc9a151c28337af7c06c83e45f
.Values.network.auto_bridge_add is a global config. So in multi nodes
deployment, it requires that all hosts have the same nic names. This is
a strict limit.
This patch is to support per-host auto_bridge_add, so that we can define
different auto_bridge_add for hosts.
Also, this patch move .network.auto_bridge_add to .conf.auto_bridge_add
Change-Id: I4a4d6efbbfe073d035bc5c03700fbe998e708d0f
Story: 2005059
Task: 29601
This is the second draft to enhance neutron in ocata to support
Tap-as-a-service (TaaS) as a L2 Extension.
Change-Id: I96951b38dd43ab4904339b778b5726a579c76a4c
This PS moves openstack components in OSH to use secrets to store
potentially sensitive config information.
Depends-On: https://review.openstack.org/#/c/593732
Change-Id: I9bab586c03597effea0e48a58c69efff3f980a92
Signed-off-by: Pete Birley <pete@port.direct>
This proposes changing the tags added to the openstack logs
gathered by the fluentd handler from `openstack.<service>` to
`Namespace.Release` to account for multiple instances of openstack
services being deployed into different namespaces. This allows for
fine tuning the search queries in elasticsearch/kibana to target
specific service deployments in specific namespaces
Change-Id: Ia12dceb4089e107e15d8e30c92c91f350dc31318
This introduces a mechanism for generating the logging.conf
file for the openstack services via the values. This allows us to
define loggers, handlers, and formatters for the services and the
modules they're composed of.
This also allows us to take advantage of the oslo fluent handler
and formatter. The fluent handler and formatter give us the
following benefits: sending logs directly to fluentd instead of
routed to stdout/stderr and then through fluentbit to fluentd,
project specific tags on the logged events (enables us to define
more robust filters in fluentd for aggregation if required),
full traceback support, and additional metadata (modules that
created logged event, etc)
Depends-On: https://review.openstack.org/577796
Change-Id: I63340ce6b03191d93a74d9ac6947f0b49b8a1a39
This PS removes the use of the `quote and truncate` approach to
suppress output from gotpl actions in templates and replaces it
with the recommended practice of defining `$_` instead.
Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves all the config files to be directly values driven,
both simplifying over-ride and allowing configs to be targeted
to pods in future work.
Change-Id: Ifcbc19b17aa1d145f12ed1aed8b15a69ca045bb7
This PS adds the ablity to target different configs to different
hosts for the nutron agents, in the same manner as nova-compute.
Change-Id: Iebd87e30014d6cac2127c7e1a14259b10d74fbf8
This PS allows a cache secret key for all instances of keystone
middleware to be defined in a single location.
Change-Id: I3d5c78732d8a8bb9110117130f0d886fea609526
Partial-Bug: 1753251
This PS allows the neutron and nova charts to dynamicly adapt to
various backends.
Depends-On: I0ec13f45fd4561fec59d08b08eb78390a3866156
Change-Id: I1891af4b0e49237e229ff5e61e907dc3e413cf87
- corrected the path of "socket" volume, which is used for sharing
metadata proxy unix socket among the agents
- and give neutron user permission to write to the dir
- set the default nova_metadata_ip to full hostname of metadata
so that it could be accessed properly via ingress
- removed unnecessary configurations from values
Change-Id: I4d20dc670fecebd9799851d659c5f42edb4821ac
Closes-Bug:1745370
This PS moves all credentials for OpenStack services from 'user' to
the service name. This allows a single yaml snippet to articulate
the credentials for a deployment.
Change-Id: Ic720109f2ba854561b23767cb480bcae91f74b6b
This PS moves the rally test config into values.
Partially implements: blueprint remove-pregenerated-config-templates
Change-Id: Ic051e762d792308de1d6038c37ca71c3efc9698c
This PS moves the nova credentials from the config section
of the values.yaml to the endpoints section, seperating them from
the service configuration.
Change-Id: Idfc696e0fc907b702a8ca81d81e50cb252cb7af8
