This PS seeks to reduce the load exerted on the node in the single
node gate test - as a the single node gate is currently broken
due to resource starvation on the nodes.
Change-Id: I34db5108b4abb48bb452eed73067644cc03270c0
This PS changes the MVP deployment of Neutron to use the native
interface rather than shelling uout to the clients. The values
were inserted during the original development of the MVP deployment
and subsequently left.
Change-Id: Ie098dc71a0fc82f000b7c40048e9f35913f05a79
This PS adds a functional test of heat in the OSH gates, it also moves
most params to a seperate file - making config of the gate in non-zuul
environments simpler.
Change-Id: I37a1bc0dcc8000c5da8067a8d376c78f7cd6f7ab
This PS adds heat to the single node and Armada based deployment
checks in the gate scripts. Additionally it moves the client calls
in the check scripts to use the heat engine pod.
Change-Id: Iccc996fb2b2140ed19c6708d6033b4a9dd1bfc46
This patch set adds basic barbican test using the OpenStack Client. This
patch set also addressed an issue where the href contains a duplicate
version in the path, e.g. http://URL:xxxx/v1/v1/secrets in secret path.
Change-Id: Ie66d00d5a0b02721ba41e6bf4b5e784fb49adce8
Armada is a tool for managing multiple helm charts with dependencies by
centralizing all configurations in a single Armada yaml. This yaml is
used for a full OpenStack deployment.
Co-Authored-By: Alexis Rivera <gardlt@tetrasol.org>
Co-Authored-By: Pete Birley <pete@port.direct>
Change-Id: I70b41f038c2819aeaa4b2c7bb617b7b2c38441d1
This PS should make the multinode gate more reliable for ceph.
It's not perfect in that is uses the default route IPs in zuul, which
has a performance hit. The bash is also ugly as sin - but it gets us
moving again until somone has time to implement a more eligant solution
that works both in infra supplied nodes and other CI systems.
Change-Id: Ie1326f048c43d04a945ca155bde8824d17ddcbec
While trying to regenerate the .conf files, the gen-oslo-openstack-helm
tool spits back an error because of the removal of log translations in
OpenStack [0]. This patch set replaces the removed _LW() with the default
_() so the tool does not error out unexpectedly.
[0] d5e3652d12
Change-Id: I665775ae075b6ce0d1aa74ca5732e9e6566ff174
Keystone supports (and that's a default setting since Ocata) using
non-persistent fernet tokens instead of UUID tokens written into the DB.
This setting is in some cases better in terms of performance and
manageability (no more tokens DB table cleanups). OpenStack-Helm should
be able to support it.
General issue with fernet tokens is that keys used to encrypt them need
to be persistent and shared accross the cluster. Moreover "rotate"
operation generates a new key, so key repository will change over time.
This commit implements fernet tokens support by:
* A 'keystone-fernet-keys' secret is created to serve as keys repository.
* New fernet-setup Job will populate secret with initial keys.
* New fernet-rotate CronJob will be run periodically (weekly by default)
and perform key rotation operation and update the secret.
* Secret is attached to keystone-api pods in /etc/keystone/fernet-tokens
directory.
Turns out k8s is updating secrets attached to pods automatically, so
because of Keystone's fernet tokens implementation, we don't need to
worry about synchronization of the key repository. Everything should be
fine unless fernet-rotate job will run before all of the pods will
notice the change in the secret. As in real-world scenario you would
rotate your keys no more often than once an hour, this should be totally
fine.
Implements: blueprint keystone-fernet-tokens
Change-Id: Ifc84b8c97e1a85d30eb46260582d9c58220fbf0a
This PS adds loopback device support to the gate scripts.
Rather than using simple loopback devices we use iscsi to
allow is to target the created devices via the bus they are
connected to. An arbitary number of devices of a desired size
can be created, and controlled via env vars.
Change-Id: I05fb7f3a1564bc36903aed2c46ed996bb8cc57c8
Ceph's health when running in the single node gate currently
is 'HEALTH_WARN'. This PS adds an extra config option such that
the ceph cluster will not attempt to perform replication when deployed
on a single node, as well as introduces a mvp yaml file for ceph
deployments in the gate.
Change-Id: Ib2ec3345140f541c94da044ff9d77723ea3ee2bd
This enhances the stability and recovery of ceph by leveraging
hostNetworking for monitors as well as OSDs, and enables the
K8S_HOST_NETWORK variable within ceph-docker. This enhancement should
allow recovery of monitors from a complete downed cluster.
Additionally, ceph's generic "ceph-storage" node label has been
split out for mon, mds, and osd.
Co-Authored-By: Larry Rensing <lr699s@att.com>
Change-Id: I27efe5c41d04ab044dccb5f38db897cb041d4723
This PS adds a chart to setup the resolv.conf on hosts running
openstack-helm. The purpose of this is to reduce friction when
performing basic deployments of OS-H.
Change-Id: I6c6348afb01869cff9a90328ede795d92a91fb12
This patch set addresses an issue where the ``arp`` command cannot
be found by a non-root user due to path.
Change-Id: Ibfca30f38d72c5be0b98d92bd03ec40160196160
Signed-off-by: Tin Lam <tin@irrational.io>
This PS changes the basic_launch .sh script to use the local chart
dirs to launch services - making it much easier to rapidly develop
charts locally.
Change-Id: Ib62cb8373708457b892e75cd916942620ca24fb6
gen-oslo-openstack-helm generated configuration file templates in
incorrect form, causing setting mulitple values in Values.yaml to
produce something like:
foo=barfoo=baz
This commit fixes this in the generator and updates config file
templates to generate configs correctly:
foo=bar
foo=baz
Change-Id: Iea661dcf1710987b2e111d7141ba888f01c44a50
Closes-Bug: 1699581
This PS adds soft anti-affinity to all pods in OS-H. By doing so
resiliancy is improved by attempting to ensure that pods are created
on seperate nodes.
Change-Id: I0c1092498f7a1e44218ef785ca3f73fa9f49819c
This PS changes the services launched in the single and multinode
gates to reflect the resources avalible.
Change-Id: I6b2824ef98fefb5532ebaae315c3c5a4c6f730da
This PS organizes the installation document tree for easier navigation
and updating relevant content.
Change-Id: I51951d99dfc06bf441bd65ca817119cbca061851
Originally, the function to execute helm tests expected the helm
release to be in the openstack namespace. This changes the
function to get the namespace directly from the helm releases to
allow for the gathering of logs and removal of resources from the
namespace a release was installed to
Change-Id: Ic9d1215f363a6251bcc33bead311aba1ba67a658
This PS changes the install guide in order to have users pull our
custom kube-controller-manager image prior to initializing their
Kubernetes cluster. Also changes the reference in the gate to remove
redundant lines.
Change-Id: Ic32742b1df8145a99c8333a3d0711113e3cce30e
