This allows barbican to consume TLS openstack endpoints.
Jobs consume openstack endpoints, typically identity endpoints.
And barbican itself interact with other openstack services via
endpoints.
Change-Id: I890f909fc6466b696ee64aa7dfdd528934fccb2d
Strictly speaking, open socket doesn't mean working API.
We experienced API stopped responding and the socket was still
open so API was unhealthy actually but kubernetes did not restart.
HTTP probe will fix this issue.
Change-Id: I95bb3ad3123d8a4a784d260477f037fa5506d290
port number in keystone
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: I79b867a4e6771e07d1eebec89235352d7613e8eb
This allows cinder to consume TLS openstack endpoints.
Jobs consume openstack endpoints, typically identity endpoints.
And cinder itself interact with other openstack services via
endpoints.
Change-Id: Id5668f9dde1f63fe472fef639571936de831e217
port number in cinder
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: I40c3fc822e8ea9ef0eca8c15afe0d12b8bc926ff
Volumes (pod-shared and cinder-conversion) should be created
regardless of ceph backend existence but those are created
conditionally.
This bug has been existing but never revealed because conditional
check for ceph backend was wrong before. After this change
https://review.opendev.org/c/openstack/openstack-helm/+/852809,
started happening.
Change-Id: Ifc90e40bc201245d3d9e2b472573948ff64e0c61
This allows heat to consume TLS openstack endpoints.
Jobs consume openstack endpoints, typically identity endpoints.
And heat itself interact with other openstack services via
endpoints.
Change-Id: I7af6c52377db479b7f7e28ade23582dcc6f8f2f9
port number in glance
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,
public, internal and default.
Change-Id: I8fc8ea4e81648f3b98006491a7cb2aa9c0f479b6
port number in placement
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: I0bfd05bd419dd55b986ab6c1f706a5fcfbe19bbe
port number in barbican
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: I33dbc62338ef8e21fab774e3b91bc474efd6bf36
port number in nova
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: Id5ce67f65374382d103c8a0aec78cb43713ce4d2
This allows neutron to consume TLS openstack endpoints.
Jobs consume openstack endpoints, typically identity endpoints.
And neutron itself interact with other openstack services via
endpoints.
Change-Id: I204b8a1a5a1fb253ea4207f5f5d76d47fac41bef
This allows glance to consume TLS openstack endpoints.
Jobs consume openstack endpoints, typically identity endpoints.
And glance itself interact with other openstack services via
endpoints.
Change-Id: I35ab5d1bbaa20bfc73d0dc7af2710ca1d14b0627
port number in heat
Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.
I added `service` section in endpoint items apart from admin,public
,internal and default.
Change-Id: If393517aeb983e0cef7f370376f2bf4d12f65f4f
Current check uses cinder.utils.has_ceph_backend template which
returns bool-like string values("true" or "false"), and consider it
as bool type. So it is always true regardless of whether there is
ceph backend or not.
To fix this, this change uses string comparision.
Change-Id: Ie2e54c00d536874562eb93e70a2836cac102c992
Based on spec
support-OCI-image-registry-with-authentication-turned-on.rst
Each Helm chart can configure an OCI image registry and
credentials to use. A Kubernetes secret is then created with this
info. Service Accounts then specify an imagePullSecret specifying
the Secret with creds for the registry. Then any pod using one
of these ServiceAccounts may pull images from an authenticated
container registry.
Related OSH-infra change:
https://review.opendev.org/c/openstack/openstack-helm-infra/+/848142
Change-Id: I54540f14fed29622bc5af8d18939afd06d65e2d8
This reverts commit 24e98899d2066a72abaa08e1fb082e335311db2b.
Reason for revert: Seems to have broken lint in a subsequent
change in this repository, revert to fix gate.
Change-Id: I5d19abb172a45126438f7179f80bdb0a64bc098c
The Xena and Yoga jobs have been unstable lately, the compute-kit
job does not run reliable in Zuul. While we diagnose and fix the
issue, this change comments out both X & Y release jobs to reduce
the number of blocked developers and wasted rechecks.
Change-Id: I53f1a9cd8c24939cf73729c5c2a8bb674403fdd6
Before if we tried to add an address that was already added to the
br-ex device the script would error out. Now, use replace which is
idempotent.
Change-Id: I34bbb361c4fa2f347431629f79753f75b458926f
This will add a value override for neutron_netns_cleanup_cron release image so that we don't use stein release images by default in the respective Openstack release jobs.
Change-Id: Ie856090ac3ed2f8c60afeacc2ed729c36b7d3372
