510 Commits

Author SHA1 Message Date
Mohammed Naser
8f0a154138 fix(nova): add default live_migration_inbound_addr
At the moment, if live_migration_inbound_addr is not defined it
will default to the hostname of the hypervisor which requires
DNS in order to work properly.

DNS can be complicated and it is possible that an environment
might not have it, so it makes sense to default to grabbing the
default route interface to do live migrations over in order
to allow live migrations when DNS is not setup.

Change-Id: I10eb63fc64d7cd34ef89df529637b1e81951e38c
2023-03-30 13:31:41 -04:00
Mohammed Naser
d77e5389f0 fix: vnc access
The VNC port option was changed long ago..

Let's catch up.

Change-Id: I9f45c7102422af20f03f95fa30271d51df6d72ee
2023-03-24 14:37:11 -04:00
Samuel Liu
73e696b3fb Replace node-role.kubernetes.io/master with control-plane
The master label is no longer present on kubeadm control plane nodes(v1.24). For new clusters, the label 'node-role.kubernetes.io/master' will no longer be added to control plane nodes, only the label 'node-role.kubernetes.io/control-plane' will be added. For more information, refer to KEP-2067[https://github.com/kubernetes/enhancements/tree/master/keps/sig-cluster-lifecycle/kubeadm/2067-rename-master-label-taint]: Rename the kubeadm "master" label and taint.

the kubernetes pr: https://github.com/kubernetes/kubernetes/pull/107533

Change-Id: Iad8c833371efb3ec35149c89eb8fafdf1150fa87
2023-03-21 09:02:00 +08:00
Sadegh Hayeri
c83582a866 Add ovn
Change-Id: Iacf6423399d51134af5b00b472ef6b42e17dfd6a
2023-03-17 21:31:48 +03:30
Stephen Taylor
884a734833 [ceph] Update all Ceph images to Focal
This change updates all Ceph image references to use Focal images
for all charts in openstack-helm.

Change-Id: I67cd294e2aabf3c3af404da42204f9b6157b06f7
2023-03-17 07:50:10 -06:00
Mohammed Naser
1885f46343 Remove deprecated config options
We have a few deprecated config options that are not being
used anymore as well as some that have been moved to other
groups for quite sometime.

Change-Id: Ibd447897f6399bab47b031ccab228188ebed8266
2023-02-11 04:14:38 +00:00
Markin, Sergiy
ccd6ab8cce Added backoffLimit control for nova-bootstrap job
This PS adds backoffLimit to nova-bootstrap job in nova chart. By default, this job was created from a template in helm-toolkit.

58291db1a6

In this commit the job was re-designed without controlling of the backoffLimit value.

Change-Id: Icb28363be8063d849fd22e9c2542edf1eb203d60
2022-11-15 17:42:16 -06:00
Gage Hugo
5ffefb60c1 Remove train and ussuri overrides
We dropped train support a long time ago now, and our latest efforts
are to drop ussuri/bionic images. This change removes any leftover
train overrides as well as any ussuri overrides. This also changes
any image defaults to use wallaby.

Change-Id: I818a3a79faa631ec1b7de625f2113c6f19610760
2022-10-24 16:00:59 -05:00
Gage Hugo
d044c0cf3d Remove list agents rally test
The list-agents rally test for nova was removed in wallaby, but it
was also only supported by the XenAPI hypervisor driver. We have
specifically overriden it for newer releases of openstack, but
with its removal and the specific driver usage, there's no real
need to keep it around.

Change-Id: I056b397444e8dc5d4b256a6fe03c23b53a0c0fff
2022-10-04 08:38:58 -05:00
okozachenko
f3ed56cc18 Use HTTP probe instead of TCP probe
Strictly speaking, open socket doesn't mean working API.
We experienced API stopped responding and the socket was still
open so API was unhealthy actually but kubernetes did not restart.

HTTP probe will fix this issue.

Change-Id: I95bb3ad3123d8a4a784d260477f037fa5506d290
2022-09-01 15:54:07 +10:00
josebb
b356cbe21f Support TLS endpoints in nova metadata-api
This allows nova metadata-api to consume TLS openstack endpoints,
typically identity endpoints.

Same idea with
https://review.opendev.org/c/openstack/openstack-helm/+/820212

Change-Id: I80e580badc96908f382fe8c6ddb2fae7caa957ed
2022-08-17 09:10:05 +03:00
josebb
6882155faf Distinguish between port number of internal endpoint and binding
port number in nova

Now binding ports of service and pod spec are configured using
internal endpoint values.
To support reverse proxy for internalUrl, need to distinguish
between binding ports and internal endpoint ports.

I added `service` section in endpoint items apart from admin,public
,internal and default.

Change-Id: Id5ce67f65374382d103c8a0aec78cb43713ce4d2
2022-08-13 12:01:37 +03:00
Brian Haley
ced30abead Support image registries with authentication
Based on spec
support-OCI-image-registry-with-authentication-turned-on.rst

Each Helm chart can configure an OCI image registry and
credentials to use. A Kubernetes secret is then created with this
info. Service Accounts then specify an imagePullSecret specifying
the Secret with creds for the registry. Then any pod using one
of these ServiceAccounts may pull images from an authenticated
container registry.

Related OSH-infra change:
https://review.opendev.org/c/openstack/openstack-helm-infra/+/848142

Change-Id: I54540f14fed29622bc5af8d18939afd06d65e2d8
2022-08-11 00:18:37 +00:00
zhen
5598b7d6c4 Add missing configration [vnv]/novncproxy_host
[vnv]/novncproxy_host is necessary for novncproxy to binding to
specfied ip address.

Change-Id: Ib2a79e0901e9e31da37b162661f3491362378e87
2022-07-08 18:00:12 +08:00
Gage Hugo
89addfd4e1 Add Xena and Yoga values overrides
This change adds the overrides needed to run both the Xena and
Yoga releases in the OSH zuul jobs.

Change-Id: I65e016a4cb3fd52707ab29c37f025818fcb6c405
2022-06-08 17:21:57 +00:00
Graham Steffaniak
2e5b7f9cb7 add compute-kit to openstack umbrella chart
ADD: include new charts to the umbrella chart for comprehensive
     deployment of openstack-helm.

       * openvswitch
       * libvirt
       * neutron
       * nova
       * placement

Change-Id: I78d1c7c629024c3f9530239dff9f8eb9da598764
2022-05-19 17:07:31 -05:00
Schubert Anselme
8d5ddc9035
Migrate CronJob resources to batch/v1 and PodDisruptionBudget resources to policy/v1
This change updates the following charts to migrate CronJob resources to the batch/v1 API version, available since v1.21. [0]
and to migrate PodDisruptionBudget to the policy/v1 API version, also available since v1.21. [1]

- aodh (CronJob & PodDisruptionBudget)
- barbican (PodDisruptionBudget)
- ceilometer (PodDisruptionBudget)
- cinder (CronJob & PodDisruptionBudget)
- cyborg (PodDisruptionBudget)
- designate (PodDisruptionBudget)
- glance (PodDisruptionBudget)
- heat (CronJob & PodDisruptionBudget)
- horizon (PodDisruptionBudget)
- Ironic (PodDisruptionBudget)
- Keystone (CronJob & PodDisruptionBudget)
- magnum (PodDisruptionBudget)
- masakari (PodDisruptionBudget)
- mistral (PodDisruptionBudget)
- neutron (PodDisruptionBudget)
- nova (CronJob & PodDisruptionBudget)
- octavia (PodDisruptionBudget)
- placement (PodDisruptionBudget)
- rally (PodDisruptionBudget)
- senlin (CronJob & PodDisruptionBudget)

0: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#cronjob-v125
1: https://kubernetes.io/docs/reference/using-api/deprecation-guide/#poddisruptionbudget-v125

Change-Id: I2fc0692e1c8e2c4fa4d4ca1da96b5c6a832343fa
2022-05-19 10:08:18 -04:00
Gage Hugo
a8f1474d15 Update nova default image values
This change updates the default image values for nova from ocata
to ussuri to match the rest of the defaults.

Change-Id: I8c5c4e1cd743236b9403293e695e1c4ac096f879
2022-04-27 17:52:44 +00:00
Gage Hugo
d1b72aa35e Remove nova-placement from nova chart
nova-placement has been removed as of train, since we
do not support openstack releases before train, it
is no longer needed. This change removes nova-placement
from the nova chart and all the overrides, as well as
changes the compute-kit scripts to always deploy
the placement chart.

Change-Id: Ic8649371fe9e954806cbe4bf11c589fb58c7a88d
2022-04-07 14:50:29 -05:00
josebb
8b2ba7b029 Support TLS endpoints in nova
This allows nova to consume TLS openstack endpoints.
Jobs consume openstack endpoints, typically identity endpoints.
And nova itself interact with other openstack services via
endpoints.

Change-Id: Iff4422360ca51e94fd1b00854693e266cc202390
2022-04-01 19:05:59 +03:00
Thiago Brito
45ea26175b Enable taint toleration for nova
This changes use the helm-toolkit template for toleration
in openstack services

Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Story: 2009276
Task: 43531
Depends-On: I168837f962465d1c89acc511b7bf4064ac4b546c
Change-Id: I72a4f6073eaf19c662ccd0b3e35ca62c5b88ad65
2022-03-28 10:44:19 -03:00
Gage Hugo
f3de6d808a Remove consoleauth in nova
Nova consoleauth was removes several releases ago and most of our
overrides were specifically needing to disable it in order to
deploy. Since it is no longer in nova, this change removes the
nova consoleauth support from the nova chart.

Change-Id: I0a27265330156a11f6049e9beaaa14a38d8a4a93
2022-03-26 18:49:30 -05:00
Gage Hugo
03d401970c Cleanup old releases in nova
This change removes several older openstack release overrides
that are no longer used for nova. Also updates the default
image values to use the ussuri release of openstack.

Depends-on: https://review.opendev.org/c/openstack/openstack-helm/+/835112

Change-Id: I4798ead36de9b41e085796792dbcf5adc7f3c8d6
2022-03-24 19:48:27 +00:00
Mitya_Eremeev
9f5e397f3b Host of compute ironic service equals pod name.
If compute ironic pod migrates to another host,
old compute ironic service is not deleted and
in 'down' status forever. Unless it's deleted manually.
New compute ironic service is
created successfuly and in 'up' status.
This error behavior is due to host of compute
ironic service equals node name because of host networking.
The patch disables host networking which solves the issue.

Story: #2009843
Task: #44446
Change-Id: Iec86be4961cbf3a74c8028cd981ed2a9f6584add
2022-03-21 12:36:17 +03:00
Gage Hugo
b09f5c0bf0 Update oslo messaging get_transport
oslo_messaging.get_transport is currently deprecated. This change
moves the health prove to use get_notification_transport instead.

Change-Id: Iea7c914b41dec70b36ebe93fa8ce91e00894f50e
2022-02-28 02:04:15 +00:00
Anderson, Craig (ca846m)
d514395d81 Improve health probe logging for nova and neutron
1. Log specific compute services failing rabbitMQ socket tests in nova
   health probe
2. Log specific compute services failing Database socket tests in nova
   health probe
3. Make log level configurable for nova and neutron health probes

Change-Id: I5e5d909d598af734596eb1732ae42808c1f6cd12
2022-02-22 10:05:15 +00:00
Hugo Brito
3ff41ce11c Remove ssh-config
All ssh configurations for the nova-compute pods
are now done by _ssh-init.sh.tpl . This patch removes
the ssh-config that is not needed anymore.

Signed-off-by: Hugo Brito <hugo.brito@windriver.com>
Change-Id: Ib1b24466678a0df28a3ce7ba4d3fe94bfb169702
2022-02-04 10:05:14 -03:00
Ritchie, Frank (fr801x)
dac65cc6f6 Correct ssl_minimum_version
This setting needs to be in the console ini section:

https://docs.openstack.org/nova/latest/configuration/sample-config.html

Change-Id: I8c4f71bf72994f55001fc0e83d23a43dd1264a44
2022-02-01 08:49:00 -06:00
Ritchie, Frank (fr801x)
3f4b2b97b6 Add ssl_minimum_version tls1.2 to tls overrides
This change adds the minimum version of tls1.2 to not allow insecure
older tls versions to be allowed.

Change-Id: I880ac1caf31d2a26ca78389d5f96b07cf42b61ac
2022-01-24 12:20:52 -06:00
Thiago Brito
c63b1920d5 Fix nova-compute-ssh init to execute as runAsUser
On _ssh-init.sh.tpl, despite one change the runAsUser for the
nova-compute container on the securityContext, the ssh keys are always
being copied into the 'nova' user's folder. This change fixes it by
getting the correct user defined on the securityContext and copying the
keys to its correct folder.

Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: Ia7883dc4626a295892eb4637ef717b0b1725ac89
2022-01-12 17:32:12 -03:00
Huy Tran
1d7f880c42 Add check for number of computes in cell-setup-init script
This PS further enhances [1] to handle case where present
computes are up, but the number of present computes is not
equal to total number of expected computes.

[1] https://review.opendev.org/c/openstack/openstack-helm/+/815086

Change-Id: Idb2a7aeb202fe29fc528ba0dde987e7e0ee65a95
2021-11-03 11:09:02 -05:00
Phil Sphicas
46692e21d9 Fix nova-bootstrap job labels
Similar to earlier changes [0] [1], this change ensures that the labels
for the nova-boostrap job are consistently applied under .metadata and
.spec.template.metadata.

Unfortunately, there was a conflict in the "application" label that was
unresolvable in a backwards-compatible way.

    metadata:
      labels:
        application: nova-bootstrap
    spec:
      template:
        metadata:
          labels:
            application: nova
            ...

The standard helm-toolkit labels are now applied in both places, and the
application: nova-bootstrap label is removed.

0: https://review.opendev.org/c/openstack/openstack-helm/+/812233
1: https://review.opendev.org/c/openstack/openstack-helm/+/813300

Change-Id: I72275f3cf59ca8c1677922ca3b6f2e10b5578ab0
Depends-On: I0c892be5aba7ccd6e3c378e4e45a79d2df03c06a
2021-11-02 14:38:19 +00:00
Huy Tran
6b785b16dc Add option to extend the wait for cell-setup-init
In some deployement environments, nova compute processes took a bit
longer to register on all hosts, and vm/server is instantiated almost
immediately before the process is registered on remaining hosts.
This PS enhances the cell-setup-init script to enable option to
extend the wait before performing discover hosts.

Change-Id: Ie9867e64c554d4f39fdc7432823a1869f0b4a520
2021-10-26 19:03:48 +00:00
Gage Hugo
c20c1e4400 Update htk requirements repo
As part of the move to helm v3, all the charts in the OSH repos
will no longer lint/build properly due to a lack of helm serve
in helm v3.

This change modifies the helm-toolkit repo location to the
osh-infra repo in order to account for the removal oh helm serve.

This work is part of the migration to helm v3 and will be utilized
in future changes.

Change-Id: I90d25943d69ad6c76455f7778a4894f00c525c46
2021-10-10 18:45:28 -05:00
Gage Hugo
1e651dc3c3 Helm 3 - Fix Job Labels
If labels are not specified on a Job, kubernetes defaults them
to include the labels of their underlying Pod template. Helm 3
injects metadata into all resources [0] including a
`app.kubernetes.io/managed-by: Helm` label. Thus when kubernetes
sees a Job's labels they are no longer empty and thus do not get
defaulted to the underlying Pod template's labels. This is a
problem since Job labels are depended on by
- Armada pre-upgrade delete hooks
- Armada wait logic configurations
- kubernetes-entrypoint dependencies

Thus for each Job template this adds labels matching the
underlying Pod template to retain the same labels that were
present with Helm 2.

[0]: https://github.com/helm/helm/pull/7649

Change-Id: Ib5a7eb494fb776d74e1edc767b9522b02453b19d
2021-10-06 13:54:58 -05:00
Gupta, Sangeet (sg774j)
a772a30f07 nova: Update script to true of grep does get anything.
Change-Id: I54addea00b4ab91d8fe4925f88cacd582888a7f3
2021-10-06 14:02:45 +00:00
Gupta, Sangeet (sg774j)
b75545d0c6 nova: Define service cleaner sleep time
This makes the service cleaner sleep time if any service is down
provisionable.

Change-Id: If55a22c4f22ff0a48767dae3d57aca6c3c8cccac
2021-10-05 14:34:13 +00:00
Gupta, Sangeet (sg774j)
0c80a415bf nova: Give service time to restore
nova-service-cleaner job deletes the service which are down. If the
database is down, the service will go down as well. When database comes
back up, all the services starts to come back to up status. If the
nova-service-cleaner is run in this interim time, the service that
were down gets deleted. These would have come up if the job had not
run. Adding sleep to this job to give service time to come back up
if recovering. The sleep is set to 2 times the report_interval.

Change-Id: Ia292d19508e9449ccb40d1100b1d56b1283e5d53
2021-10-05 05:10:39 +00:00
Thiago Brito
b4c58ca27b Fixing nova's helm.sh/hook disablement
It's impossible to disable the helm.sh/hook for the nova-ks-service
job since the hook is being added in duplicity to the job dictionary
before the check for Values.helm3_hook. This commit removes the
duplicity so we can disable it properly.

Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: Ie72a13afc81bce4424b10bbc542dc7c44dd38975
2021-10-01 15:46:00 -03:00
xuxant02@gmail.com
a33ea84f91 Removed policies from values file
Removing the hardcoded policy document from the values file of helm chart in favor of policy in code.

Change-Id: I5c3c4699cafc76d3aa7d9c94f6e15eeff3f22b6c
2021-09-24 15:18:20 +05:45
xuxant02@gmail.com
e4fffb30e5 Fix for before option in archive_deleted_rows
Script fails with too many arguments when provided command like "$(date -d 'now - 2 days')" as the value for --before option. Addition of quotes fix the issue.

Change-Id: I0639d8aea368988976d5990c42e960de44844f61
2021-09-21 11:42:24 +05:45
Susanta Gautam
bd825495a4 Added helm.sh/hook annotations for nova chart
Chart upgrading was failing due to some immutable fields are needed to be upgraded before the jobs can be upgraded. For solving this issue, helm.sh/hook annotations with post-install and post-upgrade has been added. As for hook-weight annotations, we have added these to control the flow of the jobs with hook creation as the jobs are dependent. Like, db-init jobs need to run before db-sync and so on. Also, helm3_hook value is added in values.yaml file in case hooks needs to be disabled if needed.

Change-Id: I4d489f5ded94f19dd3fcf58dafde00b18ff5bcae
2021-08-17 21:10:38 +05:45
Chris Wedgwood
3a5c7afba1 [nova] add missing 'runlock' hostMount when enable_scsi
Change-Id: Ia6c9b50ae81bec238c4cabc422fe7140347a50a6
2021-08-06 12:51:42 -05:00
DeJaeger, Darren (dd118r)
9a8a476d9f Nova bootstrap job efficiency
This PS attempts to make the Nova bootstrap job a little speedier.
It's been noticed that flavor check/creation on initial deployment
are rather slow, so this backgrounds the creation of each flavor,
so that the defined flavors can be checked/create in parallel,
rather than one at a time. Waits for the jobs to finish at the end.

Change-Id: Ib9ab345e5aee697a41414e927910335dd286072f
2021-08-02 21:19:30 -04:00
Andrii Ostapenko
3ac3caa013 Add support for Victoria and Wallaby
Defines compute kit and cinder jobs for new releases with
corresponding values overrides.

Disables compute agent list test for Wallaby since related API
is removed [0].

Since Wallaby with switch of osc to sdk '--id auto' is no longer
treated specially in 'openstack flavor create'. The same behavior
can be achieved w/o specifying --id flag for flavor creation [1].

Starting Wallaby 'nova-manage api_db version' returns init version
for empty database greater than 0 [2]. _db-sync.sh.tpl logic prior to
this commit does not work due to this. We need to either remove
(done in current commit) or justify and alter previous logic.

[0] https://review.opendev.org/749309
[1] https://review.opendev.org/750151
[2] https://opendev.org/openstack/nova/src/branch/stable/wallaby/nova/db/sqlalchemy/migration.py#L32

Change-Id: I361431d9aa8c1a06c5d59f479fb161ecd87e2ee2
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
2021-08-02 15:46:07 +00:00
Haider, Nafiz (nh532m)
2065ccd523 Mount rabbitmq tls cert for nova-novnc communication
Change-Id: I80b2515c2f36d0167ee9ef8049bf6b167a5e399d
2021-07-28 17:07:29 +00:00
Gupta, Sangeet (sg774j)
7d3cd164ab nova: Add image clean up to rally test
Clean any images created by rally after the test is complete.

Change-Id: I266d0c94959971d259742958802ffce25448eaa7
2021-07-06 12:20:17 +00:00
xuxant02@gmail.com
c050456bdb Fix for the values in archive_delete_rows script
There was a mistake in the script for the archive_delete_rows cron for
rendering the values from the values files. Fix for taking the values
from the values file for --max-rows and --before options when enabled
using the values.yaml file.

Change-Id: Ib63920c497bbf9ac74e41bdfd0b2e580b95bebb0
2021-07-02 19:12:04 +05:45
Kabanov, Dmitrii
b1abce9a75 Add Ussuri release support
The PS adds the set of overrides for Ussuri release.

Change-Id: I6b3055e376aa14d0c2ecbea638e6e9ba3b03bde5
2021-06-30 16:47:22 -07:00
xuxant02@gmail.com
f3d361d2f7 Added cronjob for nova which will be cleaning the databases.
Script has been created with archve_deleted_rows which will run as
cronjob to move the deleted rows from production table to shadow table.

Change-Id: I1cd3e523301b1aaeb3366288d128e23aae5e0780
2021-06-24 15:49:35 +05:45