This adds taint toleration support for openstack jobs
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: I8e1a719235b364907491df25ce7e32133163ecf9
With "hostPid: true" we want the entrypoint process to be libvirtd not a wrapper so that process lifecycle management works as expected.
The fix for now is
* start libvirtd
* create secrets (libvirtd needs to be running for this)
* kill it
then start it again using exec so libvirtd is the entrypoint pid
and container lifecycle should work as expected.
Change-Id: I9ef8a66da0fba70e8db4be3301833263de0617e8
This PS enables overriding liveness/readiness probes configurations
for libvirt pods via values.yaml. In addition, updating the values
for some of the fields of the probes as the default values seem to
be too aggresive.
Change-Id: I64033a1d67461851d8f2d86905ef7068c2ec43b6
Co-authored-by: Huy Tran <ht095u@att.com>
Change-Id: Ib10379829e2989d3de385ad6d1944565b2f9953f
Motivation: libvirt 127.0.0.1 listen is terrible for live migration.
To resolve that, we can use 0.0.0.0 but it is not secure so tried
to realize SSL.
Once create secrets for cacert, client&server cert and keys then it will
mounted on libvirt daemonset.
It means all instances use the same key and cert. This is not ideal
but can be considered as the first stage.
Change-Id: Ic3407e484039afaf98495e0f6028254c4c2a0a78
This patchset adds a libvirt secret for the Cinder uuid of external
ceph backend when Cinder externally managed ceph backend is
enabled.
Change-Id: I3667c13c31e49f00d2be02efa6d791ce0a580a8d
Unrestrict octal values rule since benefits of file modes readability
exceed possible issues with yaml 1.2 adoption in future k8s versions.
These issues will be addressed when/if they occur.
Also ensure osh-infra is a required project for lint job, that matters
when running job against another project.
Change-Id: Ic5e327cf40c4b09c90738baff56419a6cef132da
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: I1882738cf9757c5350a8533876fd37b5920b5235
This is to update two of init containers to use ceph confighelper image as
they are executing ceph based scripts and the image also will have latest
clients installed for ceph activities.
Change-Id: Ie4fbd8af2645d5bc5b7e4f0fd22874987a0f55f6
The work of enable dpdk in starlingx needs to achieve the overrides
of parameters such as images, tags, labels, and pods. This function
is being implemented through the support of ovs per-host overrides.
In order to transfer the parameters such as images after overrides
to the daemonset file to achieve the corresponding functions, the
functions of overrides need to be upgraded. Move the $daemonset_yaml
parameter in the daemonset file to the overrides file, so that
daemonset file uses parameters after overrides.This patch and
https://review.opendev.org/#/c/707775/ depend on each other.
Change-Id: I210e54b28e32ba1b8e281659fee8e6eda38d79d0
Story: 2007291
Task: 38754
Depends-on: https://review.opendev.org/#/c/708894/
Signed-off-by: songgongjun <gongjun.song@intel.com>
In the startup script of libvirtd, existing libvirt process,
if any, is killed before new process is created.
Change-Id: If0276353e38896962697a3f451d25d4930745c53
This PS adds emptydirs backing the /tmp directory in pods, which
is required in most cases for full operation when using a read only
filesystem backing the container.
Additionally some yaml indent issues are resolved.
Change-Id: I8b7f1614da059783254aa6efc09facf23fca3cad
Signed-off-by: Pete Birley <pete@port.direct>
This commit adds support for per-node overrides to the libvirt chart.
For example, to enable a relaxed ACS check on one host, but not another,
one may have the following in the override values file:
conf:
overrides:
libvirt_libvirt:
hosts:
- name: host1.fqdn
conf:
qemu:
relaxed_acs_check: 1
- name: host2.fqdn
conf:
qemu:
relaxed_acs_check: 0
Story: 2005283
Task: 30140
Change-Id: Ia3431db6b78692ec0140cce1bab9bae5937318a4
Signed-off-by: Steven Webster <steven.webster@windriver.com>
This adds the release-annotation to the pod spec for the charts in
openstack-helm-infra. This also adds missing configmap annotations
to charts in openstack-helm-infra
Change-Id: Ie23f0c16a7a21d3929e98928db2bbcef69ae6490
This modifies the libvirt chart to write logs directly to the
host by default. This also modifies the fluentbit and fluentd
charts to capture libvirt logs from the host and index them into
Elasticsearch
Change-Id: I0bbc49d2c0d4cf4895f797e48f309f308ffd021f
The update makes sure the Openstack service's cephx
user capabilities match best practices in terms of
security permissions after a site or software update.
Change-Id: I7c241cdb5d92463ac59c557ca7847ca5688d158b
This patch set implements the helm toolkit function to generate a
kubernetes network policy manifest based on overrideable values.
This also adds a chart that shuts down all the ingress and egress
traffics in the namespace. This can be used to ensure the
whitelisted network policy works as intended.
Additionally, implementation is done for some infrastructure charts.
Change-Id: I78e87ef3276e948ae4dd2eb462b4b8012251c8c8
Co-Authored-By: Mike Pham <tp6510@att.com>
Signed-off-by: Tin Lam <tin@irrational.io>
This PS moves to run the Libvirt process as a transient unit
on the host, free fom k8s controlled cgroups. In addition it
also uses the cloud archive provided libvirt/qemu packages.
Change-Id: Idfe9ae6f072acd86f877df0c3dfe3db4c20902d6
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds the ability to attach a release uuid to pods and rc
objects as desired. A follow up ps will add the ability to add arbitary
annotations to the same objects.
Change-Id: Iceedba457a03387f6fc44eb763a00fd57f9d84a5
Signed-off-by: Pete Birley <pete@port.direct>
This moves the libvirt chart to openstack-helm-infra as part of
the effort to move charts to their appropriate repositories
Change-Id: I02ce197f8d100da74c086d84e2f9d2b902a69e97
Story: 2002204
Task: 21723
