Currently, the rbac logic would allow for ``jobs`` or ``daemonsets``
if it is specified in the dependencies, even if they may just be empty
or null. This patch set addresses this by checking the jobs or
daemonsets map in the value.yaml is non-empty before including it
in the Role.
This mirrors the fix in OSH-infra in [0].
[0] https://review.openstack.org/#/c/530337/1
Change-Id: I37e8d8c1a0d587410811c544e049bbafed73cba8
Signed-off-by: Tin Lam <tin@irrational.io>
This PS removes references to out of date versions in the
multinode install guide and also RBAC rules, which was causing
confusion with new developers.
Change-Id: I89ae35896367c17e0d43c1d5b7a9183109aa61df
This PS updates the output from the troubleshooting guide to reflect
the expected output and commands for ceph luminious.
Change-Id: I8351d782d3b1ddbf2fc121b7096548e1ba38f7bd
This PS fixes the RBAC object creation for storage-init job, by
removing the helm hook annotation that was erroniosly applied to
the object manifests.
Change-Id: I98d2cec660199f607a8c18c1a2cc9e54937e3cb8
This PS adds a warning for the CIDRs consumed by Calico and K8s.
It should be replaced by better documentation and/or a sanity
checking chart/script when possible.
Change-Id: Ib87b773b7c19ed65330a54546c4613c16aa9ab75
Horizon has used the Kolla 4.0.0 image for some time as the 3.0.3
image pushed to dockerhub had several bugs in it. The 4.0.0 image
also has a bug where the topology view is not enabled for heat.
The 4.0.0 image is based on ocata, by moving to the `ocata` tag
we can use a image where this bug has been fixed.
Change-Id: Icca1563561454c92fcebd61f14e08f1d19289d24
This PS updates the dependency tree in ceph to take into account
the keyring jobs and also the tollerance for unready endpoints
introduced in the k8s 1.6 era.
Change-Id: If76efeafdbcbe88ee699e7553f0effd5da7ce624
With Docker >= 1.13.1 the default the default FORWARD chain policy
is configured to DROP, for the l3 agent to function as expected and
VMs reach the outside world correctly this needs to be set to ACCEPT.
Change-Id: I6bea3304f5eb4ab6b37283e94e20cda7e4119a44
The ceph mon daemonset had a typo, and referenced the osd
resource limit specification in Values instead of its own.
Change-Id: I06433b9039842322786e73eff89da2836c17bb7f
This PS adds support for Nova to run with native kvm when possible
using the developer deployment guide scripts.
Change-Id: I5d03dabfcb007f8a23ad65d3f129cb281b7aa87e
This PS updates the dev-deploy guide and scripts to set the
gateway device to match that used for the default route on the
developers machine.
Change-Id: I420ceb8cd845ae85f524f7b615ace753642d8e1d
Give things time to start and probe only as needed. This avoids
premature health warnings such as:
Normal Created 14s kubelet, node-0 Created container
Normal Started 14s kubelet, node-0 Started container
Warning Unhealthy 10s kubelet, node-0 Readiness probe failed:
Change-Id: I224aed14a03a3690f1ba2a07a2d9fad54b7dd550
This patch sets fixes the make clean target as it currently attempts
to delete the generated */charts up the parents, where the directory
is guaranteed to be non-empty.
Change-Id: I6575cb9e1e7da8b6c690e433418d1115130e0eff
This updates the names of the helm test pods to give all services
in OSH-infra/OSH a uniform '{{ .Release.Name }}-test' name, which
allows for easier gathering of test results across all deployed
services
Change-Id: I24df7a18d32b99d1ffaad19647ef724316e2fe20
init osd: Ceph luminous release init osd differently. This fix detects
ceph releases and use the right process to init osd directory
mgr: Set mgr daemonset that is in Luminous
Change-Id: I99a102f24c4a8ba18a0bba873e9f752368bea594
Signed-off-by: Huamin Chen <hchen@redhat.com>
Depends-On: I17359df62a720cbd0b3ff79b1d642f99b3e81b3f
This PS updates .zuul.yaml to make the voting job
openstack-helm-dev-deploy a gate check, as that is the infra
convention [0]:
"Non-voting jobs should only be added to check queues." (So
voting jobs should be added to both.)
While there are currently openstack-health statistics for the
job yet, going off the following data:
http://zuulv3.openstack.org/builds.html?job_name=openstack-helm-dev-deploy
the job currently has a roughly ~83% success rate
(11 fail, 25 pass, 36 total).
[0] https://docs.openstack.org/infra/manual/creators.html#non-voting-jobs
Change-Id: I2577d9c435be3688fc6ebc02dc97d809861b00da
This patch set updates the zuul job to not execute a full
dev-deploy job when the change only impacts documentation,
so it is inline with other jobs that runs the full deployment.
Change-Id: Ica18b5bf903765acde91e686bf6d4453fd366d06
This PS updates the developer documentation to make use
of the openstack-helm-infra repo and new developer
environment.
Implements: blueprint developer-environment
Change-Id: I45b627f78b9504dc0abfbe7d0061ea3475ee4748
This patch set makes the service-specific images for mistral
have explicit names, allowing simple over-riding of images
for an entire site.
Change-Id: I49a105a29660bbcc500e31352d639389f5636ed5
This patch set makes the service-specific images for senlin
have explicit names, allowing simple over-riding of images
for an entire site.
Change-Id: I16ba85b20c84354d7e2c35b52ccc4f766e9fecb6
This patch set makes the service-specific images for neutron
have explicit names, allowing simple over-riding of images
for an entire site.
Change-Id: Ica7e1f77f43936971d44ac0e6645ac656ca83b96
This patch set makes the service-specific images for magnum
have explicit names, allowing simple over-riding of images
for an entire site.
Change-Id: I6d1dfe6bbd5a0911cc176958b932aaaf31131620
Replace socket-based liveness checks with scripts
The current TCP socket-based liveness/readiness check for Ceph
doesn't accurately reflect when daemons are live, doesn't handle
multiple OSDs on a host, and doesn't work when hostNetworking is
in use and the Ceph network is different from the one associated
with the hostname. This change adds new scripts for checking
Ceph monitor and OSD liveness/readiness that query the Ceph Unix
domain sockets to get daemon status and exits 0 iff all sockets
report that their daemons are in an "active" state.
This isn't perfect: we don't know how many daemons SHOULD be
active, so if only a subset is live and the others have no
sockets (yet?), we'll still claim the pod is ready. The scripts
also don't distinguish between liveness and readiness for OSDs.
Change-Id: I5d370b4bc4025fece2e640355c3a29167afca871
This specification proposes to add an nginx sidecar container to support
TLS offloading and termination.
Change-Id: I6d7e19539b5411d8ab15dc2d39e2051da1cce126
External-tracking: F#47
