This PS fixes the heat cadf values key, to use the correct value.
Change-Id: I3efeccc2ba9bbebd7dc4b175244f00173c39d1ef
Signed-off-by: Pete Birley <pete@port.direct>
Create the overrides file necessary for Rocky release:
- api-paste entrypoint neutron.api.versions:Versions.factory deprecated
Deployment script needs to be executed with OSH_OPENSTACK_RELEASE value.
Change-Id: If0d3553bd004426d8e97e1fa62ee9b99f4a895a9
Currently there is fake rpc call "pod_health_probe_method_ignore_errors"
that is passed to the service, just to find out if it is responding. Because
such method does not exist, it is needed to catch and handle the exception
that is inevitably thrown by the service.
While this is technically working correctly, the exceptions pollute the
log files and make it harder for user to see possible real errors.
This is how the error looks like:
ERROR oslo_messaging.rpc.server [-] Exception during message handling: oslo_messaging.rpc.dispatcher.UnsupportedVersion: Endpoint does not support RPC version 1.0. Attempted method: pod_health_probe_method_ignore_errors
ERROR oslo_messaging.rpc.server Traceback (most recent call last):
ERROR oslo_messaging.rpc.server File "/var/lib/openstack/lib/python3.6/site-packages/oslo_messaging/rpc/server.py", line 163, in _process_incoming
ERROR oslo_messaging.rpc.server res = self.dispatcher.dispatch(message)
ERROR oslo_messaging.rpc.server File "/var/lib/openstack/lib/python3.6/site-packages/oslo_messaging/rpc/dispatcher.py", line 276, in dispatch
ERROR oslo_messaging.rpc.server raise UnsupportedVersion(version, method=method)
ERROR oslo_messaging.rpc.server oslo_messaging.rpc.dispatcher.UnsupportedVersion: Endpoint does not support RPC version 1.0. Attempted method: pod_health_probe_method_ignore_errors
This situation is new since https://review.openstack.org/#/c/639711/
which (correctly) increased the default level of logging. Before 639711
error messages from oslo (both real and ones that could be ignored) were not
present in nova logs at all.
Fortunatelly, nova's BaseAPI class provides 'ping' method that is can
be used for this basic purpose by all nova components.
Change-Id: I0062e74bed399206becb8d9e00f9ec805da864a3
In _ironic-conductor-pxe-init.sh.tpl file,
there are only codes for ubuntu system.
However in Openstack-Helm especially in kolla image,
there are Ubuntu version and CentOS version.
So add codes for OS dependency check and ipxe file PATH for each OS.
Change-Id: I04886da64ae0dfda782bcd8d8d2cde960ab1db1d
Signed-off-by: TaewooLee <tw0410.lee@samsung.com>
This change adds a conditional to the _fernet_setup to avoid
overwriting credential-keys when keystone-manage credential-setup
is ran and there are already existing credential keys. This will
mitigate issues where encrypted credential blobs in keystone were
becoming un-decryptable when the credential keys were being
overridden or lost upon upgrading.
Change-Id: Iac2b080d5d44bdf07534126419a1d5dd86055d6b
This change reenables the create and list ec2 credential test.
The previous issue of undecryptable credential blobs being
left over was fixed in a previous change.
Change-Id: I81014489dd16d6c57a89ddb3ac3d205209e4acdf
This patch fixes several typos I found while reading the documentation
Change-Id: I01b1766403761c7e85303a214baeb0c5337fd0c2
Signed-off-by: Manuel Buil <mbuil@suse.com>
This PS adds emptydirs backing the /tmp directory in pods, which
is required in most cases for full operation when using a read only
filesystem backing the container.
Additionally some yaml indent issues are resolved.
Change-Id: I9df8f70e913b911ff755600fa2f669d9c5dcb928
Signed-off-by: Pete Birley <pete@port.direct>
Currently openstack volume type list --default
returns 404 if the openstack environment is
deployed using openstack-helm. The value
default_volume_type was previously unimplemented
in values.yaml for cinder.
Change-Id: Ifb6d54d875d5cbaffc8330d15d999ef830010177
When novnc pod is re-run because of host reboot and so on,
novnc pod has existing volume /tmp/usr/share, which has 0444 permissions.
So init container occurs an error while it tries to copy asset files.
cp: cannot create regular file '/tmp/usr/share/novnc/index.html': Permission denied
With -f option, the init container can copy without errors.
Change-Id: I56d928b7f4a30a6be29b47560357a3b4f5eec764
Signed-off-by: hagun.kim <hagun.kim@samsung.com>
removing readOnlyRootFilesystem flag since pods are running to
crashLoopBackOff state by implementing HTK functionality.
Change-Id: I221bdb54b1e94e4089fb079f161dcb4de4dd3571
This change creates a pre-delete hook to clean out all entries
in the credential table of the keystone database when the
keystone service is deleted. Note that these are not
the typical username/password.[0]
This fixes the issue of leftover credential blobs being saved
in the database that are unable to be decrypted since the
original encryption keys are removed upon deletion of the
keystone service
[0] https://specs.openstack.org/openstack/keystone-specs/specs/keystone/newton/credential-encryption.html
Change-Id: I8adf0878af2f3b880e9194a6cb8d97b58d6895a5
changes the default admin_domain_scope to false as we do not provide
an admin scoped credentials in the default deployment
drops volume-feature-enabled -> api_v1/api_v3 as its deprecated and
instead use catalog_type to let tempest know which version to use
drop identiti-feautre-enabled -> api_v2 as its deprecated
Change-Id: I508b5d3e59b33e2c37155918ce99504e1b760210
Currently a pxe-client has to contact with ironic-api through
it's internal endpoint during lookup() period.
However, the pxe-client cannot access kube-dns by ifself,
so it needs additional dns server. (or Using NodePort)
With additional dns server, it will be safer for pxe-client
to contact with ironic-api through it's public endpoint(passing by ingress)
rather than internal endpoint directly becuase internal pod's IPs would be changed frequently.
Also, I refered to {Values.conf.ironic.glance.swift_endpoint_url}.
(swift is also accessed by the pxe-client and swift_url's default is public endpoint)
Change-Id: I0ad97f3ed608973d7e5a4a11d87595fe258a0db5
