With this patch we allow for a more easy way of overriding some
of the values that may be used in other distros while maintainting
the default values if those values are not overriden.
The following values are introduced to be overriden:
conf:
security:
software:
apache2:
conf_dir:
site_dir:
mods_dir:
binary:
start_flags:
a2enmod:
a2dismod:
On which:
* conf_dir: directory where to drop the config files
* site_dir: directory where to drop the enabled virtualhosts
* mods_dir: directory where to drop any mod configuration
* binary: the binary to use for launching apache
* start_flags: any flags that will be passed to the apache binary call
* a2enmod: mods to enable
* a2dismod: mods to disable
* security: security configuration for apache
Notice that if there is no overrides given, it should not affect anything
and the templates will not be changed as the default values are set to what
they used to be as to not disrupt existing deployments.
Change-Id: I7622325cf23e5afb26a5f5e887458fd58af2fab8
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the panko-api service.
This provides the ability to audit API requests for panko.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: I5c0e3c61317483d36fcb05ebff8b377941675c27
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the cinder-api and cinder-scheduler services.
This provides the ability to audit API requests for cinder.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: If81b88a4003bc4394ef4a378626cf5d6edb9c4ae
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the ceilometer-api service. This provides
the ability to audit API requests for ceilometer.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: I9d49769bc04f9623ecf5ba4276665dc3b5bebd07
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the nova-api services.
This provides the ability to audit API requests for nova.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: Ic6df044d83f4dee581c9cc0405f61d926e45bcab
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the neutron-server service.
This provides the ability to audit API requests for neutron.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: I86b4df1436ae59bc9a151c28337af7c06c83e45f
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the heat-api, heat-cfn, and heat-cloudwatch
services. This provides the ability to audit API requests
for heat.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: Ib5a7dfd882416553ff6f43aa009e3e67871d7f4c
log_level variable is added to Horizon configuration. This
will enable the overwriting of the log levels in a
customized manifest.
Change-Id: I15381add9ee1e880e73004131b329ac02972755b
Signed-off-by: Huang,Sophie <sh879n@att.com>
This change adds the keystonemiddleware audit paste filter[0]
and enables it for the glance-api and glance-registry services.
This provides the ability to audit API requests for glance.
[0] https://docs.openstack.org/keystonemiddleware/latest/audit.html
Change-Id: I3b42717dbc11257c21b27e7c68dedc3283e1bd34
Using {{- if for the volume mounts caused them to be added inline with
the previous line.
Removing the - from the if expression makes them be properly aligned on
the next line
Change-Id: Ia5e28366fb1f2ae7420b7f5217c10cbb94bc48ab
- Fix .ssh/config file mapping
- Move private key from nova-compute-ssh container to nova-compute
container.
- Map private and public keys to configmap-ssh which will default to
the appropriate file permissions.
- Add additional config to /etc/ssh/sshd_config to allow passwordless
root logins over appropriate subnet passed in from overrides.
- Remove chmods from sshd bash script as they are failing.
Depends on helm-toolkit supporting multiple containers per daemonset
pod.
Story: 2003463
Task: 24723
Change-Id: Idd2e802c293f1e14991ee787ade9a4936fb373ff
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
This adds a nonvoting apparmor check job to openstack-helm, which
allows for the removal of default apparmor profiles from the nova
chart. This job also includes overrides for using the default
docker apparmor profile for the neutron chart
Change-Id: I8f407f24b7f10c5d7cf10f21f73671f7e6c72767
without the dependencies in the values.yaml, the role and rolebinding will
not be created by helm-toolkit as it uses those to create and generate the
role/rolebinding for the accounts
Change-Id: I711d5fc4a2a376a29daf526fc420790ea9cacf25
Currently there are issues with using the memcache_pool backend as
the memcache driver for nova under python3[0][1] which doesnt seem
like they have a quick fix or something that is backportable to
rocky
This moves the default cache from oslo_cache.memcache_pool to
dogpile.cache.memcached so we can move forward with python3
enabled images.
[0] https://bugs.launchpad.net/cloud-archive/+bug/1812672
[1] https://bugs.launchpad.net/oslo.cache/+bug/1812935
Change-Id: I65a4770c374357a8e1c80d904bcd4af36217448f
This adds the force and recreate_pods upgrade options to the
rabbitmq chart in the armada manifest to allow for successful
rotation of user secrets on upgrades
Change-Id: I8268300845c665abc1b8b139a81f339e5d66a10c
This commit adds a helm chart to deploy aodh.
The default deployment for aodh is ocata.
Change-Id: Id0312d90f079bd36daa1c80d2a9ecaa5fbfed7cd
Story: 2005022
Task: 29501
Signed-off-by: Angie Wang <angie.wang@windriver.com>
With this patch we allow for a more easy way of overriding some
of the values that may be used in other distros while maintainting
the default values if those values are not overriden.
The following values are introduced to be overriden:
conf:
software:
apache2:
conf_dir:
site_dir:
mods_dir:
binary:
start_flags:
a2enmod:
a2dismod:
On which:
* conf_dir: directory where to drop the config files
* site_dir: directory where to drop the enabled virtualhosts
* mods_dir: directory where to drop any mod configuration
* binary: the binary to use for launching apache
* start_flags: any flags that will be passed to the apache binary call
* a2enmod: mods to enable
* a2dismod: mods to disable
Notice that if there is no overrides given, it should not affect anything
and the templates will not be changed as the default values are set to what
they used to be as to not disrupt existing deployments.
Change-Id: If0fb9ab03aacfcd7087e753698880505571d0233
to set local_ip in osh, you have to use nic name.
but some devices can have different nic name.
so I add new option for getting tunnel device by cidr.
Added value:
network:
interface:
tunnel: null
tunnel_network_cidr: "0/0"
Change-Id: I8bffae640dfe0086de0b5274bb8c3cdce9754160
Signed-off-by: Hyunkook Cho <hk0713.cho@samsung.com>
This PS tells glance to make rabbitmq queues ha when available.
Change-Id: I675c8a80548f0d0cd9e9fea74dfaeeec632b71e3
Signed-off-by: Pete Birley <pete@port.direct>
This PS tells neutron to make rabbitmq queues ha when available.
Change-Id: I708d354224a14e9b49be3faf1589f5a4791f5de9
Signed-off-by: Pete Birley <pete@port.direct>
This PS tells nova to make rabbitmq queues ha when available.
Change-Id: I965d18ea5d5cdf5ab54bb33c6a46b4a92e039c5e
Signed-off-by: Pete Birley <pete@port.direct>
This PS tells cinder to make rabbitmq queues ha when available.
Change-Id: I680e14b2f48ab7d50b8688d29d690c92fc33d696
Signed-off-by: Pete Birley <pete@port.direct>
This PS tells heat to make rabbitmq queues ha when available.
Change-Id: I40222a4e6a52527a1336ab2a6e58144d62a30269
Signed-off-by: Pete Birley <pete@port.direct>
