This PS moves the keystone endpoint jobs to be driven by
a helm-toolkit function providing greater consistency
to the charts in OSH, and reduced tech debt.
Change-Id: I06555171ce93a2b0a8798bc891a2990ea9626276
This PS moves the keystone service jobs to be driven by
a helm-toolkit function providing greater consistency
to the charts in OSH, and reduced tech debt.
Change-Id: I36e012854473fcb942d62391d182ee6a8406bb72
This PS updates the Keystone user job template to use default
values when not specified via the input dict.
Change-Id: I937e720ab3ab4ba70c33ea981d7693ebfd01c894
This PS moves the keystone user jobs to be driven by
a helm-toolkit function providing greater consistency
to the charts in OSH, and reduced tech debt.
Change-Id: Ic5eb172b0443f61b8ecab8b3a607c764fb145c75
- corrected the path of "socket" volume, which is used for sharing
metadata proxy unix socket among the agents
- and give neutron user permission to write to the dir
- set the default nova_metadata_ip to full hostname of metadata
so that it could be accessed properly via ingress
- removed unnecessary configurations from values
Change-Id: I4d20dc670fecebd9799851d659c5f42edb4821ac
Closes-Bug:1745370
This PS removes the user managemnt from the rally driven helm tests
which allows LDAP and other read only sources being used to validate
service functionality, in addition to reducing false -ve results in
the Zuul gates.
Change-Id: I1cc0e99bf74d578648b3cd40eaf60c1804044d88
This PS moves all credentials for OpenStack services from 'user' to
the service name. This allows a single yaml snippet to articulate
the credentials for a deployment.
Change-Id: Ic720109f2ba854561b23767cb480bcae91f74b6b
This PS allows the ingress rules to be dynamicly driven from the
values.yaml, permitting the ingress cotnroller to ba changed and
custom rules to be applied: eg whitelisting of clients.
Change-Id: Ica6b4692ff9b6b77d1efe6bae212a1227e56ca66
This updates the names of the helm test pods to give all services
in OSH-infra/OSH a uniform '{{ .Release.Name }}-test' name, which
allows for easier gathering of test results across all deployed
services
Change-Id: I24df7a18d32b99d1ffaad19647ef724316e2fe20
This patch set makes the service-specific images for neutron
have explicit names, allowing simple over-riding of images
for an entire site.
Change-Id: Ica7e1f77f43936971d44ac0e6645ac656ca83b96
External traffic policy "local" would be preffered when openstack
service is accessed from external via node port. This option has an
effect only when service node port is enabled.
Change-Id: Ic68cfc59dc39dc842d4790deffa70efe433dd7a6
This PS moves the loading of kernel modules required by services to
being perfromed via a chroot on the host, this ensures that the correct
module is found and provides compatibility across distros.
Change-Id: I889fdd047a24bf4b123dadf9f6d6e6e8079d69d1
This PS updates the values file layout for images to allow simple
parsing of the images in use by charts, allowing them to be queried
and modified much more simply. By moving the image tags to a 'tags'
key, we can extend the options used simply to accomodate extra
options simply (eg prefixing the tag for use with an internal
registry) or pre-pulling the images to reduce chart deploy failure.
Change-Id: I9ec1dbb00d997ab6cb021bf0b698f7aae740e95d
This PS updates nova to set metadata's clusterIP dynamically and
neutron to set nova_metadata_ip from metadata hosts
If specify a clusterIP, it is hard-coded as before also.
Change-Id: Ib0d6df8272bd8494bb59ffc8e6b2cfa36a901f60
Closes-Bug: #1715553
This PS update the logic used to determine the default tunnel
interface if one is not specified, as the original method could fail with
complex device names.
Change-Id: Ifec81f517ee29bef0926779591ab9cf5fe0e63c4
This PS moves the rally test config into values.
Partially implements: blueprint remove-pregenerated-config-templates
Change-Id: Ic051e762d792308de1d6038c37ca71c3efc9698c
This PS moves the nova credentials from the config section
of the values.yaml to the endpoints section, seperating them from
the service configuration.
Change-Id: Idfc696e0fc907b702a8ca81d81e50cb252cb7af8
Implemented Kubernetes jobs to drop a database for an OpenStack service
on deletion of Helm chart. This job is configurable to be enabled or
disabled in the values.yaml file for each chart.
Change-Id: Ia1a0834cb43c7e883aaf507a7c7683fa1cf4e838
This PS removes the modified oslo-genconfig from neutron.
Partially implements: blueprint remove-pregenerated-config-templates
Change-Id: I73091b7ad1af74e3a660ff17031f09628b33d17f
Grep the output from 'ip route' command matching first word after match.
The OVS was fixed some time ago, but in new linuxbridge the default
tunnel interface was following wrong grep expression.
Making both OVS and linuxbridge to follow the same reg exp.
Change-Id: I222d694b06285d5ec3d848ee157542796dfc1cc7
Closes-Bug: #1700323
Add neutron prefix to lb-agent and ovs-agent.
Rename ovs-db and ovs-vswitchd to openvswitch-db and openvswitch-vswitchd.
Change-Id: Iad69b0c00d17e59a9f0eb66003e4512ccaeab128
This PS adds namespace and fqdn support to endpoint lookup functions,
it also permits over-riding of the puplic endpoint for ingress.
Change-Id: Ib61c5c00a214d75fe85fbffe9080c2ae88bd8cb9
This PS moves OpenVSwitch into its own chart - decoupling it from neutron,
both making it easier to deploy and use seperately and permitting
use of other network backends.
Partially implements: blueprint split-nova-and-neutron-infra
Change-Id: Ifd637136b950ddf1ba1c26ce76c9bbdeafc232c3
Adding daemonset for Linux bridge. Using node selector
"linuxbridge enabled".
network.backend added in neutron/values.yaml to support scenario for
different SDNs using the same networking software, like OVS is used
for reference Neutron L2 agent, ODL, OVN and SONA. The other option for
network.backend can be linuxbridge and calico.
network.backend impacts configuration of DHCP, L3 and metadata agents.
Those agents are dependent on ovsdb_connection flag (officially it is
placed in openvswitch_agent.ini file).
Added daemonset_lb_agent flag in manifests section. Currently
OVS and LinuxBridge L2 agents can be turned on/off to be deployed.
OVS L2 agent and OVS as a network virtualization SW can be deployed
independently.
Removed conf.neutron.default.neutron.interface_driver, since it was not
used anywhere.
Marked places in neutron/values.yaml where changes are needed in order
to use linuxbridge for:
- neutron.conf interface_driver
- ML2 mechanism driver
- dhcp and l3 agents interface_driver
Added example of neutron values overrides in:
tools/overrides/mvp/neutron-linuxbridge.yaml
Change-Id: I7cdcfaa9a73af392a0d45f7df29b7b3ae3cc4c76
Implements: blueprint support-linux-bridge-on-neutron
Before this change, there was no ability to append custom volume for
any of the services. The reason was a missing new line character, so
the templates were formatted like this:
- name: pod-shared
mountPath: /tmp/pod-shared - mountPath: /tmp/test2
name: test2
Apart from that, for some of the services (mostly job-bootstrap) invalid
indentation for custom volumes (and their mounts) was set.
Closes-Bug: 1712745
Change-Id: Ib57c76a34c0e28ad9e67ea47d1fc250b17711a42
Signed-off-by: Mateusz Blaszkowski <mateusz.blaszkowski@intel.com>
This PS adds a configmap teplater helper to helm-toolkit. It makes it
simpler to write consistent charts that supports over-riding of all
values.
Change-Id: I9a587999859ea02802485eb25a3f0ebec8c712a8
Now, openstack-helm support "helm test" function, and It execute rally
container.
Rally also can test Tempest itself, so this fix will be add tempest
test in rally container.
Change-Id: I2c2f684f6583f2a3d9c7279a3d85cb242934e90e
Implements: blueprint add-tempest-in-helm-test
This patch set enables keystonemiddleware memcache encryption by providing a
random string key into the service configuration file, and setting the
memcache_security_strategy as ENCRYPT.
Change-Id: Ia030f5414308a29096c644bae70047a323eaffde
This PS removes the licence header from rendered output from tiller,
significantly reducing the configmap size of charts deployed to the
cluster.
Change-Id: I5d1b246f2068f3b83bf59ba79fe8b88bbc9a6161
This PS allows the rendering of manifests to be controlled. It enables
both increased control over deployment when required but also makes
development of a feature easier to target.
Change-Id: I1716e8ee23fe5c53f935bd739ea283bc4a2a9963
This PS adds labels to all jobs in OpenStack-Helm, allowing them to be
found by label searches. This makes management of large clusters using
tools like Armada easier.
Change-Id: I49b2cb7a94fab96958f187ca11e2c2a0c80ff843
This PS moves the mounts key to be under the pod key in the values.
It brings further consolation of related configuration params to be
nested under common keys across all charts.
Change-Id: If9963e4f8b438847e2fcad3bdd8c0d71ca9ecdd8
This PS move s the replicas key to be under the pod key in the values.
It brings further consolation of related configuration params to be
nested under common keys across all charts.
Change-Id: I420b06debd0a62ba5d83497be43ff6c49c49d339
Hardened the grep/awk that extracts the default interface for use
as the tunneling interface. The command failed on multiple
Ubuntu machines as-was.
Change-Id: Ib7d0a8e55e67391d6cb7a58910cfc2ed617a4cbc
This patchset enforces stricter file permission on *-etc configmap and
sets readOnly flag to true in a number of charts.
Change-Id: I233689a5d56dd1352e0d81997a94b4cdd6bed5d2
Signed-off-by: Tin Lam <tin@irrational.io>
