This change updates many of the deployment scripts to properly
handle deploying each service via helm 3 and updates each job
to use the helm v3 install script.
Change-Id: I90a7b59231376b9179439c2554e46449d59b9c15
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: Idd97b6c8d2531c8cd55629a3ce91b2581af904f4
1)Moved Apparmor changes to overides so as to use experimental Jobs.
2)Changed Numerical Convention to openstack exporterw
Change-Id: I9ac1f6399c09fc54fcdb98eb0c6cf91912bc93c1
Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
1) Added to service account name insted of traditional pod name
to resolve for dynamic release names.
2) Added Apparmor Job to Prometheus Alert Manager.
Change-Id: Ib65f721c5b99b3ae3d3af924ca5187ad6174ed20
Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
If the test pod still exists, then the new test run
fails with ERROR: pods "abc-test" already exists
So, Removing remaining test pods before new test run
Change-Id: I3b3ed5ceaf420aa39a669b4a50a838ad154b1fdd
Closes-Bug: #1882030
This is to update ceph scripts to create loopback devices
in single script and also to update gate scripts.
Change-Id: Id6e3c09dca20d98fcbcc434e65f790c06b6272e8
The image for the npd is updated to use from the openstackhelm images
repo rather than the k8 image . The k8 image had some security
vulnerabities.
The version for the image is updated to latest ie v0.8.2.
Added the apparmor file.
Change-Id: I4cb40d8bac0533d516d2105f9589636c81fa4111
1) Updated docker image for heat to point to Stein and Bionic
2) Enabled Apparmor Job for prometheus-openstack exporter.
Change-Id: I1ee8acb848ece3c334b087309d452d5137ea0798
Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
- This is to make use of loopback devices for ceph osds since
support for directory backed osds going to deprecate.
- Move to bluestore from filestore for ceph-osds.
- Seperate DB and WAL partitions from data so that gates will validate
the scenario where we will have fast storage disk for DB and WAL.
Change-Id: Ief6de17c53d6cb57ef604895fdc66dc6c604fd89
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: I1882738cf9757c5350a8533876fd37b5920b5235
This adds Apparmor profile to Openvswitch. This change also refactors
the apparmor job to utilize the feature gates system instead of relying
on separate scripts
Change-Id: Ie53162cfdea5553191d3b5dbdfec195e4001b255
Signed-off-by: diwakar thyagaraj <diwakar.chitoor.thyagaraj@att.com>
This moves from using the docker profile to the default
runtime profile - which allows container engines other than
docker to work out of the box.
Change-Id: Ica5a48f8c43b90f07969b41e10dc472a772b5b43
Signed-off-by: Pete Birley <pete@port.direct>
This updates the overrides used in the apparmor nonvoting job, as
recent changes to the Elasticsearch chart values structure have
resulted in this jobs repeated failure
Change-Id: Id5427cd19a382e72435ab361003bbd5f99d678ce
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This patch set adds the feature gate capability to OpenStack-Helm-Infra
repository without depending on the main OpenStack-Helm repository.
Change-Id: I70b8fac4fd2365f8eedcf50519f125eb34534f2f
Signed-off-by: Tin Lam <tlam@omegaprime.dev>
Signed-off-by: Tin Lam <tin@irrational.io>
This updates the apparmor job to account for the splitting of the
fluent-logging chart, as it was missed during that change. Now,
the apparmor job will deploy fluentbit as well as fluentd deployed
as a daemonset running as a collecting agent
Change-Id: Iefa50f474b57a10c5e7e5a9032c7b23d26d97640
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This fixes the ceph deployment in the apparmor job as the previous
overrides weren't entirely correct. This also reorders the
deployment steps in the apparmor job to enforce the sequential
naming scheme used
Change-Id: I161bae649d4ff67307abeadc12b3c7d321af31c7
This updates the apparmor job to only use the docker default
profile for memcached, as the custom apparmor profiles used didnt
allow for a successful deployment. This also updates the libvirt
overrides, as the current change to use daemonset-overrides
required updating the container name.
Co-authored-by: wilkers.steve@gmail.com
Co-authored-by: ld366r@att.com
Change-Id: I00cb4c62a38e0e1178e45b4e34c946b3b53da6d5
This patch place in a sample for an init container, generated by
helm toolkit, to load an apparmor profile included in the chart.
Change-Id: I309e3b550fd1d683745c319aa39bcfb96b77ea14
Signed-off-by: Tin Lam <tin@irrational.io>
