This change adds the endpoint details for Nova to allow for online
resizes however a very key thing in this is that it is actually
using the Cinder credentials to talk to Nova.
OpenStack projects have historically arbitrarily decided to use
the user credentials of the _target_ service rather than the
source service which does not make sense, a mailing list discussion
seemed to have not brought up any negatives but only positives.
For the future, we can continue to do this which will simplify
our endpoints section but this is a start.
Change-Id: Ib9b500ef9a9bc34c8b64215bee57451494735573
Now we need to add external ceph configuration in values as yaml
format, then it is converted to ini format and added in cinder-etc
configmap.
Instead, we can just specify the pre-existing configmap name.
Configmap name takes precedence over plain configuration.
Change-Id: Ica1973798223207f6a453613a600d121db25edea
port number in cinder
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: I40c3fc822e8ea9ef0eca8c15afe0d12b8bc926ff
This change removes the cinder v1 and v2 endpoint definitions
from the default values in the cinder chart.
Change-Id: I0ee35ad71c76df157e2c670a7899e4b6c1b91e46
Bring in option to be able to create and send service
tokens to prevent long-running job failures (default is OFF).
Change-Id: I5e5707001687e464386696b9c8d80ad8b2977e97
In this patchset, comfigmap of ceph.conf and secret of
cinder user keyring is created for externally managed ceph
Cinder backend.
Change-Id: Ie76bf207a7d42bd70a6be2648e060122f7daf5ad
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: Ia035037e000f1bf95202fc07b8cd1ad0fc019094
Cinder default format of policy file is changed from
"json" to "yaml" in stein. This patch set modifies
Cinder chart templates to load policies in yaml format.
Change-Id: I28f3d5be6609cd28bbc1ce8e5fc1d1cf4730b760
This reverts commit 1c85fdc390e05eb578874e77fad9d4ec942da791.
Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.
Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
This PS updates the charts to use the htk function recently introduced
to allow oslo.messaging clients ans servers to directly hit their
backends rather than using either DNS or K8S svc based routing.
Depends-On: I5150a64bd29fa062e30496c1f2127de138322863
Change-Id: I458b4313c57fc50c8181cedeca9919670487926a
Signed-off-by: Pete Birley <pete@port.direct>
During the Queens cycle, Cinder introduced the ability to specify the
backup driver via class name and deprecated backup driver initialization
using the module name. (Id6bee9e7d0da8ead224a04f86fe79ddfb5b286cf)
Legacy support for initialization by module name was dropped in Stein.
(I3ada2dee1857074746b1893b82dd5f6641c6e579)
This change will support both methods of initialization and leave the
driver defaults enabled for module based initialization (valid through
Rocky images).
This change has been tested using the OSH default Cinder (Ocata) images
and StarlingX images based on master (Train).
Change-Id: Iec7bc6f4dd089aaa08ca652bebd9a10ef49da556
Signed-off-by: Robert Church <robert.church@windriver.com>
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the cinder-api and cinder-scheduler services.
This provides the ability to audit API requests for cinder.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: If81b88a4003bc4394ef4a378626cf5d6edb9c4ae
During the Stein development cycle, Cinder removed the deprecated
query_volume_filters configuration option with
Icd311db7f88c3c274d9a362eb96519e46c7e4d17.
This chart update will add resource_filters.json to the configmap and
provides the default values for the filter keys to enable filtering in
the list APIs.
Change-Id: I31263e9ce06d31773e961ae5d1252e062a38a4e5
Signed-off-by: Robert Church <robert.church@windriver.com>
This PS moves openstack components in OSH to use secrets to store
potentially sensitive config information.
Depends-On: https://review.openstack.org/#/c/593732
Change-Id: I9bab586c03597effea0e48a58c69efff3f980a92
Signed-off-by: Pete Birley <pete@port.direct>
This proposes changing the tags added to the openstack logs
gathered by the fluentd handler from `openstack.<service>` to
`Namespace.Release` to account for multiple instances of openstack
services being deployed into different namespaces. This allows for
fine tuning the search queries in elasticsearch/kibana to target
specific service deployments in specific namespaces
Change-Id: Ia12dceb4089e107e15d8e30c92c91f350dc31318
This PS allows the cinder-backup to use a separate ceph backend, you
can add a ceph ip and admin keyring to .Values.backup_ceph so that
cinder-backup can use the new ceph.
blueprint add-ceph-configuration-for-cinder-backup
Change-Id: Ib2c4ca3945a15107d77e36635bda52297de9f164
This introduces a mechanism for generating the logging.conf
file for the openstack services via the values. This allows us to
define loggers, handlers, and formatters for the services and the
modules they're composed of.
This also allows us to take advantage of the oslo fluent handler
and formatter. The fluent handler and formatter give us the
following benefits: sending logs directly to fluentd instead of
routed to stdout/stderr and then through fluentbit to fluentd,
project specific tags on the logged events (enables us to define
more robust filters in fluentd for aggregation if required),
full traceback support, and additional metadata (modules that
created logged event, etc)
Depends-On: https://review.openstack.org/577796
Change-Id: I63340ce6b03191d93a74d9ac6947f0b49b8a1a39
This PS removes the use of the `quote and truncate` approach to
suppress output from gotpl actions in templates and replaces it
with the recommended practice of defining `$_` instead.
Change-Id: I5f35c5f7e70b4f7f461d772e3b72ed1c695c56a8
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves all the config files to be directly values driven,
both simplifying over-ride and allowing configs to be targeted
to pods in future work.
Change-Id: I286af7434aab6de941f9700a7fbf70c6dd0ee4cb
The cinder_sudoers entry in the cinder configmap-etc was consuming
the neutron_sudoers entry in the values.yaml. This corrects it to
point at cinder_sudoers instead
Change-Id: I214912b3ed4185a201f4f94e82eaa50d6d321018
This PS allows a cache secret key for all instances of keystone
middleware to be defined in a single location.
Change-Id: I3d5c78732d8a8bb9110117130f0d886fea609526
Partial-Bug: 1753251
This PS moves all credentials for OpenStack services from 'user' to
the service name. This allows a single yaml snippet to articulate
the credentials for a deployment.
Change-Id: Ic720109f2ba854561b23767cb480bcae91f74b6b
This PS moves the rally test config into values.
Partially implements: blueprint remove-pregenerated-config-templates
Change-Id: Ic051e762d792308de1d6038c37ca71c3efc9698c
This PS removes the modified oslo-genconfig from cinder.
Partially implements: blueprint remove-pregenerated-config-templates
Change-Id: Id027319e96cecbeadb332c401955ec0ebc5eda16
This PS moves the cinder policy.json to be fully driven by gotpl,
allowing full configuration without editing the template.
Change-Id: Ib3e9582492231860870c3907ab0983405d88b8c8
This PS adds a configmap teplater helper to helm-toolkit. It makes it
simpler to write consistent charts that supports over-riding of all
values.
Change-Id: I9a587999859ea02802485eb25a3f0ebec8c712a8
Now, openstack-helm support "helm test" function, and It execute rally
container.
Rally also can test Tempest itself, so this fix will be add tempest
test in rally container.
Change-Id: I2c2f684f6583f2a3d9c7279a3d85cb242934e90e
Implements: blueprint add-tempest-in-helm-test
This patch set enables keystonemiddleware memcache encryption by providing a
random string key into the service configuration file, and setting the
memcache_security_strategy as ENCRYPT.
Change-Id: Ia030f5414308a29096c644bae70047a323eaffde
This PS removes the licence header from rendered output from tiller,
significantly reducing the configmap size of charts deployed to the
cluster.
Change-Id: I5d1b246f2068f3b83bf59ba79fe8b88bbc9a6161
This PS allows the rendering of manifests to be controlled. It enables
both increased control over deployment when required but also makes
development of a feature easier to target.
Change-Id: I1716e8ee23fe5c53f935bd739ea283bc4a2a9963
This PS unifies and normalises Kubernetes resource allocation and
update strategy across all OpenStack-Helm elements.
Change-Id: Ia41fc453cb5191fa447ca6e1aa0f5b431c939dc8
This PS moves keystone credentials to the endpoints section within
the values.yaml, and also adds a 'secrets' key, allowing standardiation
of secrets and credential management across OpenStack-Helm.
Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
Add rally tests in cinder helm chart.
It only test create a volume because volume driver is fake_driver.
Change-Id: Iba5df74df427a414c70dda6baf9bc7e775b1716d
Partial-Implements: blueprint implement-helm-test-for-charts
This PS refactors the ceph chart and secret generation process.
The updated chart replaces the existing "bootstrap" chart.
Additionally, Ceph manifests and deployment guides were modified
accordingly.
Change-Id: I6f5bb88fc0f40cfee8865d9dab83859d765e7537
Co-Authored-By: Larry Rensing <lr699s@att.com>
