By default when deploying the openstack AIO, it will deploy
openstack ocata release on ubuntu xenial, which by now is quite
old and largely unsupported. This change updates these default
overrides to train and bionic respectively in order to bring
the default settings to more recent/supported releases.
Change-Id: I9b6e1120101767356413b1341828dc8d39bc9b3c
This is to update ceph scripts to create loopback devices
in single script and also to update gate scripts.
Change-Id: I937ae79512ffc998d8dbd0b277a611347550044b
This is to update loopback devices creation script to take device names
from developers in case if default devices are busy.
Change-Id: Ie368ebdfdc64ea00ccf62cf61010beddcc2cf4ce
- This is to make use of loopback devices for ceph osds since
support for directory backed osds going to depricate.
- Move to bluestore from filestore for ceph-osds.
Change-Id: Ia95c9ceb81f7d253dd582a2e753a6ed8fe60a04d
OSH requires pip3 to install the openstackclient, and a recent
change in infra made the images no longer contain
pip by default. This change adds python3-pip in order to address
this.
Change-Id: I32febc7194ced6ab88794c6ac9fa2aa373909827
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: Ia035037e000f1bf95202fc07b8cd1ad0fc019094
This patch set moves pip/2 to pip/3. This also removed a cap of
cmd2 package.
Change-Id: Ia0e377092d71416e96926215fe109cfbf54bc4ed
Signed-off-by: Tin Lam <tin@irrational.io>
This patch set adds ingress network policy testcases for mariadb
in openstack namespace.
Depends-On: https://review.opendev.org/#/c/687162/
Change-Id: Ia2bc596baf623ef3f747fbd0534c8e058e1571f8
This adds network policy testcases for memcached in openstack
namespace.
Depends-On: https://review.opendev.org/#/c/685755/
Change-Id: I99a0598172453692817420ddefd8653f292124d9
setup-client.sh is the script which setups the openstack client.
This script is referenced in the installation guide and many CI
jobs. More than installing the openstack client, the script builds
all the charts by calling `make all`. This script is also called in
openstack-helm-infra project CI job[1]. The `make all` may break the
CI at some situations. For example in the following case:
We make some changes of helm-toolkit to enhancement a tool function.
In the enhancement the function parameters are changed. At this
moment, we can't build some up-layer charts, because they call the
function with old parameters.
Actually, we don't have to make all in the setup-client.sh as we
build every single chart when we install the component. We just need
to build the helm-toolkit here. So this patch is to replace the
`make all` with `make helm-toolkit`
[1] https://github.com/openstack/openstack-helm-infra/blob/master/zuul.d/jobs.yaml#L314
Story: 2007291
Task: 38822
Change-Id: If5efb1a108a36281f2459594ba6424491d909580
Signed-off-by: songgongjun <gongjun.song@intel.com>
Currently using envsubst to perform substitution of value overrides in
the feature gate caused conflicts as gotpl gets templated into those
overrides. This adds in '%%%REPLACE_${var}%%%' and uses sed to perform
the substitution instead to address the issue.
This is to achieve parity with OSH-infra patch in [0].
[0] https://review.opendev.org/#/c/697749/
Depends-On: https://review.opendev.org/#/c/697749
Change-Id: I3ed504c65900e7b84728019f3acdf706a40c0427
Signed-off-by: Tin Lam <tlam@omegaprime.dev>
This patch set adds in default horizon ingress overrides.
Change-Id: I5a7e8197b84bc5f1ad94d5d6a1d0662257404994
Signed-off-by: Tin Lam <tin@irrational.io>
This change adds two network policy zuul checks, one for the compute-kit,
and one for cinder/ceph, to test network policy for each OpenStack
service. These checks will be non-voting initially.
The network policy rules for each service will initially allow all
traffic. These ingress/egress rules will be defined in future changes
to only explicitly allow traffic between services that are explicitly
allowed to communicate, other traffic will be denied.
Depends-On: https://review.opendev.org/#/c/685130/
Change-Id: Ide2998ebb2af2832f24ca7abc398a82e4a6d70e3
This change removes the network policy overrides that are set in
the common memcache setup script. These override will be implemented
in a future change as part of the rest of the network policy work.
Change-Id: I8954b6d88a650a576208e33b6e6e6ef00bdbef66
This PS indroduces a simpler way to incorp over-rides into gate
runs, and also ensures that they are scoped to a single chart, rather
than all of the charts deployed within a gate run.
Depends-On: https://review.opendev.org/666957
Change-Id: I49edf52cc1fc5ec60ee9754c28880c9c0c54492e
Signed-off-by: Pete Birley <pete@port.direct>
This updates the single node jobs to use the recently
added minikube deployment, with the intent to reduce
overall runtime for the single node jobs
Change-Id: I6efdbf890d86bf916cef2d1a3b7eba1f6132c2f9
This begins the reordering of the openstack-helm gates. This
deprecates the single node checks/gates that deployed the entire
stack in favor of single node checks/gates that are focused on
deploying charts with only their dependencies to reduce the
number of checks/gates required for a particular change. This also
moves the armada check to experimental, and moves the multinode
checks/gates to run as periodics. This will be followed up by
additional efforts to streamline these changes and incorporate
previous work targeting the same.
Change-Id: I63b87aceefc79a7a42c325669f2b4e3abb0c961c
This patch set updates the gate to by default uses network policy
for all components and enforces them in Openstack-helm.
Change-Id: I70c90b5808075797f02670f21481a4f968205325
Depends-On: I78e87ef3276e948ae4dd2eb462b4b8012251c8c8
Co-Authored-By: Mike Pham <tp6510@att.com>
Signed-off-by: Tin Lam <tin@irrational.io>
This updates the make command for the osh-infra charts in the
deployment scripts to account for the charts residing in
openstack-helm-infra instead of the openstack-helm working
directory
Change-Id: I9f492e586f69b0caf908366a9cae2b55da0d4cfc
adding "--ignore-installed" option to pip command
allow the script to be executed on centOS 7.5.
Story: #2003603
Change-Id: Ibb756b3b658993eb999d4a07e35c76b5811913fe
This PS disables the v2 keystone API, and finishes the migration to
full v3 support.
Change-Id: I3021ebe0bee668db9f28e7fb18e2d4b26172f209
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves to use port 80 by default for the keystone
asdmin endpoint, and adjusts paths accordingly.
Change-Id: Iccae704dadc17eba269e857301654782f64763c9
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves the Memcached chart to OSH-Infra
Story: 2002204
Task: 21727
Depends-On: https://review.openstack.org/#/c/585553
Change-Id: Iabf15db6d14df7e6b7246f8abb9d2e97f6d96172
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds support for TLS on over-ridden fqdn's for public
endpoints for core OpenStack Services. Currently this implementation
is limited, in that it does not provide support for dynamicly loading
CAs into the containers, or specifying them manually via configuration.
As a result only well known or CA's added manually to containers will
be recognised.
Change-Id: I8f1b699af29cbed2d83ad91bb6840dccce8c5146
Depends-On: I535f38a8d92c01280d79926a1f0acd06984aabbf
Signed-off-by: Tin Lam <tin@irrational.io>
Signed-off-by: Pete Birley <pete@port.direct>
The python "cmd2" package installs version 0.9+ on Python 2.7,
which only support Python 3.4+. This causes a dependency error in
the gate due to issue outlined in [0]. We will pre-install a
capped version of "cmd2" that would work with Python 2.7.
[0] https://github.com/python-cmd2/cmd2/issues/421
Depends-On: I34cbde65b74efc2805bd7785f84878783d2badbf
Change-Id: I35c5b1cf2253bd3ab953745a795be8ac42668053
Signed-off-by: Tin Lam <tin@irrational.io>
This PS stops pulling the charts default images, as the make file
target cannot target over-rides - resulting in longer gate runs with
twice as many images pulled than required in some cases.
Change-Id: I2a49ab0e8034b0aadc2c06cc347f7d76ef71784a
This PS allows the neutron and nova charts to dynamicly adapt to
various backends.
Depends-On: I0ec13f45fd4561fec59d08b08eb78390a3866156
Change-Id: I1891af4b0e49237e229ff5e61e907dc3e413cf87
This PS moves the default image in OSH for most services to use LOCI
and also provides a Kolla gate for newton openstack.
Change-Id: Ice6cb9f89bc3ce6e8280e580d215aedda9e71904
This PS updates the multinode deploy scripts to show output in the
gates, stop proxying the kubedns service, and use a pvc to back mariadb.
Change-Id: I78caf3f15e4c5ca33eaa1e592e8df958f13be90b
