This PS updates the pod affinity function to allow customisation by
operators at the point of deployment.
Change-Id: I8b7b2f584e990e068051d9a6d5cc7b1e1adb5aa5
This PS moves the mounts key to be under the pod key in the values.
It brings further consolation of related configuration params to be
nested under common keys across all charts.
Change-Id: If9963e4f8b438847e2fcad3bdd8c0d71ca9ecdd8
This PS move s the replicas key to be under the pod key in the values.
It brings further consolation of related configuration params to be
nested under common keys across all charts.
Change-Id: I420b06debd0a62ba5d83497be43ff6c49c49d339
Hardened the grep/awk that extracts the default interface for use
as the tunneling interface. The command failed on multiple
Ubuntu machines as-was.
Change-Id: Ib7d0a8e55e67391d6cb7a58910cfc2ed617a4cbc
This patchset enforces stricter file permission on *-etc configmap and
sets readOnly flag to true in a number of charts.
Change-Id: I233689a5d56dd1352e0d81997a94b4cdd6bed5d2
Signed-off-by: Tin Lam <tin@irrational.io>
This PS removes the duplicate command key in the Neutron DB-Job
manifest and corrects the rally pod permisions.
Change-Id: I97b9a9ab54609696ac763f3a319f6df78fe5d73c
This PS unifies and normalises Kubernetes resource allocation and
update strategy across all OpenStack-Helm elements.
Change-Id: Ia41fc453cb5191fa447ca6e1aa0f5b431c939dc8
This PS moves keystone credentials to the endpoints section within
the values.yaml, and also adds a 'secrets' key, allowing standardiation
of secrets and credential management across OpenStack-Helm.
Change-Id: I86a21e625afd822379ac11351603b2c606a3769f
Neutron metadata agent can use oslo.cache to cache some requests to
neutron-server. As we have memcached already in place, we can enable
that feature. This commit does so.
Change-Id: I4ec1e7d22ed6bb54359dd5b6a80bc42222e59d00
gen-oslo-openstack-helm generated configuration file templates in
incorrect form, causing setting mulitple values in Values.yaml to
produce something like:
foo=barfoo=baz
This commit fixes this in the generator and updates config file
templates to generate configs correctly:
foo=bar
foo=baz
Change-Id: Iea661dcf1710987b2e111d7141ba888f01c44a50
Closes-Bug: 1699581
This PS adds soft anti-affinity to all pods in OS-H. By doing so
resiliancy is improved by attempting to ensure that pods are created
on seperate nodes.
Change-Id: I0c1092498f7a1e44218ef785ca3f73fa9f49819c
Kubernetes 1.6 introduced the ability to declare an update
strategy for daemonsets. As weve made >1.6 a requirement, we
should adopt the ability to update our daemonsets just as we do
with deployments. This brings the daemonset templates in our
charts in line with other patterns developed.
Change-Id: I317560b24d65274b69bec2df4f6225f1255b7ae6
Rename ml2.ovs.auto_bridge_add to network.auto_bridge_add
Change-Id: Idf0e746df8b91cbbf89373d1516108ce2163083c
Co-Authored-By: Artur Korzeniewski <artur.korzeniewski@intel.com>
Some unused values were present in glance and neutron that were left
over from the early development of OSH this PS removes them.
Change-Id: I5dbbb1d6e1262e4c06dd6c083724fd213838e5b7
The existing entrypoint logic used static names to reolve dependencies.
This prevented the service names, and thus the hostnames of services
being altered. This PS resolves that issue by looking up the service name
from the endpoints specified in the values for a chart.
Partial-Implements: blueprint enhance-entrypoint-dependency-checking
External-Tracking-Id: OSH-21
Change-Id: Ib49490f332f8cd88e98c50d9335dfd314a170936
This PS sets the default modetype of mounts from *-bin configmaps
to 0555, and removes the then unnecessary commands from the manifests.
Change-Id: I93ce0facb06affdf362a58f8520e69ba94ea3034
With 1.6, init containers are officially part of the kubernetes
API. This changes the format of the helm template for the
entrypoint container from json to yaml, and updates the
charts accordingly.
Co-Authored-By: Pete Birley <pete@port.direct>
Change-Id: I569566ce4b031d107af2d38483040a26210bec45
This PS add Barbican support, and moves all potentially container
specific logic into the service start script from the api manifests.
Also fixes a permissions issue with the nova-api, which incorrectly
had the NET_ADMIN capability.
Change-Id: I18fc1ea5d7aa70ea7dabb829361a3da57e905100
This commit adds graceful termination to all existing charts.
It also adds a setting in the values.yaml file for clarity and
the ability to override if wished.
Change-Id: I42025e4be86d248be467c1d2f0980f864c4d440e
This PS updates the way helm-toolkit functions are named to
reference the full path they are loacted at. This should make
development and debugging easier. Addtionally unused functions
have been pruned as well.
Change-Id: I03c553f1d01bccc70c86768b416b147c90d9b2f0
Fixes to resolve confusion between gotpl and bash variable handling
and also how bash handles empty strings.
These are required to robustly:
1. make use of an external network (for floating IPs)
2. specify *which* interface in the nodes is used for the tunnelled
traffic.
Change-Id: I30fd675cd471a77dc09a6c7f6ee81120a978b38b
Addresses consistency issues that appear with autoincrement fields in
the existing chart, as demonstrated in [1]. It should allow automatic
recovery of 2 out of the 3 (default) cluster members.
It does not address automatic recovery of a complete shutdown of all
cluster nodes.
[1] https://review.openstack.org/#/c/465977/
Change-Id: I84c86e1862f03a6d381bf219b821ea3636049f0b
Correction of tunnel_types config option in values.yaml, regarding the
_openvswitch_agent.ini.tpl layout.
Added bridge mappings, since it was lost with auto-generate configs.
Removed br-physnet1 and physnet1 in favor of 'external' network config.
Removed default network interface, replacing it with search for interface
with default gateway for tunneling. The interface for external bridge
has to be defined explicitly, otherwise no interface will be added to
external bridge automatically.
In OVS configuration scripts, added handling null port passed.
Change-Id: I90ebe222323b3b1ec8d20a8038c0dfed3de9b58c
Closes-Bug: #1686365
Closes-Bug: #1686367
This change removes any trailing whitespaces found while
running:
find . -type f -exec egrep -l " +$" {} \;
Change-Id: Ic1dc8765a0971a32da4c3116871e9450a55b357f
Add openvswitch based firewall, which is better than hybrid iptables one.
It does not interfere with k8s iptables rules on compute nodes.
The advantage is that VMs have access to the OpenStack API.
Change-Id: Ic6baef5867db962b3cb4709d7e6dce8a9a13584f
Closes-Bug: #1686371
