This PS updates the armada manifests to delete all jobs for a release
via the `release_group` label. It also extends this to cover charts that
do not currently have jobs contained, to allow simple future expansion
of services.
Change-Id: I28bd9e2c2ebc22ca9c4319970c657298281e28d2
Signed-off-by: Pete Birley <pete@port.direct>
This PS makes some minor updates (links, formatting)
to the Multinode guide and adds some helpful warnings
and notes.
Story: 2002526
Task: 22064
Change-Id: I21a50b7126c2bb1fcd412a8ae713856e9fab4050
Keystone token expiration, rotation frequency and active keys
values should follow the formula:
max_active_keys = (token_expiration / rotation_frequency) + 2
max_active_keys by default is 3
token expiration set to 43200 (12h)
rotation frequency set to 12 hours
Change-Id: Ia04daec9b2905ef2d3f2d4fbb43557dda220dc70
Signed-off-by: Ruslan Khanbikov <rk760n@att.com>
This PS updates the Nova and Libvirt charts to mount the vm state
directories with bidirectional mount propagation for k8s >= 1.10.
This allows mounts created by some volume drivers to be used, and
unaffected by pod restart.
Change-Id: Idaf664efb23a424dd8d9e1376ea7231b8565e3fe
Signed-off-by: Pete Birley <pete@port.direct>
Ideally, this would completely own the postgresql.conf file that
is autogenerated by the container. This should not be done without
further deliberation though on what impact that may have. For now,
this allows some critical items to be manipulated at installation
time but does not meet the full need of complete configuration
flexibility.
Change-Id: I94fd3ac42398f8114c0b5c8b4ef0a6a96e530f96
This PS moves the neutron agents to run as child processes of either
the pause container or use the hosts init system (for k8s <1.10)
to prevent defunct process sprawl.
Change-Id: I3392bdc957144c1aa83314583d57183d35279336
Co-Authored-By: Hyunsun Moon <hyunsun.moon@gmail.com>
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves to use the swift backend for glance by default, which
in the case of OSH is currently served by keystone auth'd radosgw.
This change moves the chart to be inline with the current gates, and
deployments - which have been using swift by default for some time.
Change-Id: Ia9c954ae2bd833e7f449bfdf7c51f8df5c78ba57
Signed-off-by: Pete Birley <pete@port.direct>
This introduces a mechanism for generating the logging.conf
file for the openstack services via the values. This allows us to
define loggers, handlers, and formatters for the services and the
modules they're composed of.
This also allows us to take advantage of the oslo fluent handler
and formatter. The fluent handler and formatter give us the
following benefits: sending logs directly to fluentd instead of
routed to stdout/stderr and then through fluentbit to fluentd,
project specific tags on the logged events (enables us to define
more robust filters in fluentd for aggregation if required),
full traceback support, and additional metadata (modules that
created logged event, etc)
Depends-On: https://review.openstack.org/577796
Change-Id: I63340ce6b03191d93a74d9ac6947f0b49b8a1a39
This PS adds support for TLS on over-ridden fqdn's for public
endpoints for core OpenStack Services. Currently this implementation
is limited, in that it does not provide support for dynamicly loading
CAs into the containers, or specifying them manually via configuration.
As a result only well known or CA's added manually to containers will
be recognised.
Change-Id: I8f1b699af29cbed2d83ad91bb6840dccce8c5146
Depends-On: I535f38a8d92c01280d79926a1f0acd06984aabbf
Signed-off-by: Tin Lam <tin@irrational.io>
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates horizon to use internal endpoints by default.
Change-Id: I8fa9286859a710ef434d2321a6be19be978b1690
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the glance storage init job to use the internal
endpoint by default.
Change-Id: Id85946fbe3b897a45d671b972621f94ff9173e17
Signed-off-by: Pete Birley <pete@port.direct>
This PS fixes the ironic gate deployment, by adding the ceph namespace
ingress controller.
Change-Id: I21d8ae257dac4e0c268981bb253c86e543ed9218
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the ceph chart to use the ingress controller for
the radosgw.
Change-Id: Ie0ff4d9dd91d8228170e0ed4f2793599132077a7
Signed-off-by: Pete Birley <pete@port.direct>
This updates the values in the armada LMA and OSH manifests to
include similar overrides for ceph to those used in the standard
multinode gates
Change-Id: I435ae0ad761da626591fa45486764d71566fd966
This PS moves to use the internal endpoint for nova interaction.
Change-Id: Ifb796fb80314c97bc117d82a93a9cd0cfa95591e
Signed-off-by: Pete Birley <pete@port.direct>
As of Rocky, keystone creates a default "member" role upon bootstrap.
This change modifies any references to the manually created
"_member_" role to "member". In a future change, the manualy creation
of this role in keystone can be removed since it will no longer be
needed.
Change-Id: I65c63695976f38da21dc6dd8f40ad70e23da6f48
This PS updates the ceph daemonset over-rides function to
reference the correct key, rather than the chart name to
apply host/label specific configuration.
Change-Id: Id4004077a7cc0e7e4caceff6779165e8a7c3e6ef
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the dnsmasq pod that runs in the gate to allow vm's
API access to only bind to br-ex, as otherwise it collides with other
DNS servers running in the gates.
Change-Id: I85bb3043d56689ad8ee2996df61d23969a535de1
With libvirt 2.0, when using qemu cpu mode is not properly
evaluated and need to be set to cpu_mode = none.
Add this option when kvm is not supported, otherwise user
will still facing errors when launching instances over qemu.
Change-Id: Ib00fa257fb33fd3281f484a47a945640da8dda56
This change add the "nginx.org/proxy-max-temp-file-size" value
to the ingress chart's values file, sets it to "0" to
disable temp file caching, and allows serving files of any size.
Change-Id: I536ad98585e0270e033db2bc85d448981b3cfd90
