This patch set adds TLS support for keystone LDAP.
External-tracking: OSH#555
Change-Id: Ice32a31a712b8534a5d1a8f90a8a203710bdb9a9
Signed-off-by: Tin Lam <tin@irrational.io>
Changes nova chart to depend on neutron pod labels instead of daemonsets
in order to prepare for utilizing daemonset overrides in neutron chart,
Utilizes a new feature of kubernetes-entrypoint, pod dependencies, added
to kubernetes-entrypoint in v0.3.0.
Change-Id: Ic79ddc1b7f477195c5b3dfd630df4d78d7589030
This patch set adds a nv-gating with an OpenLDAP server with some sample
data loaded for development or testing use using a bootstrap job.
This patch set also adds confirming authentication works using domain-
specific configuration for keystone.
Consolidated change from: https://review.openstack.org/#/c/552976/
Co-Authored-By: Gage Hugo <gagehugo@gmail.com>
Change-Id: I1aeccffc018d0fcefc8e2b15a4ac6b83cb2be8b6
Signed-off-by: Tin Lam <tin@irrational.io>
The nova_sudoers entry in the nova configmap-etc was consuming
the neutron_sudoers entry in the values.yaml. This corrects it to
point at nova_sudoers instead
Change-Id: I621c817c579cc1c31fa51b1a0f49a43a652784a2
The cinder_sudoers entry in the cinder configmap-etc was consuming
the neutron_sudoers entry in the values.yaml. This corrects it to
point at cinder_sudoers instead
Change-Id: I214912b3ed4185a201f4f94e82eaa50d6d321018
This patch set allows for searching the trustee user in a specified
domain rather than just the "default" domain.
Change-Id: I53ee6816e02c25e577244015fe5aea0870e0fd32
Signed-off-by: Tin Lam <tin@irrational.io>
without this the api starts up in a non-working state, the bootstrap
job then runs and give is images which are stuck queued
Change-Id: Ie3e03620618b1c46882c05b3a5ef8745c78af6a3
This PS consolidates the Ingress controller service, that is used
to resolve internal requests to public endpoints correctly, to
helm-toolkit.
Change-Id: If7c7deca1b8289a32709f7dc7c936883469aadfe
This PS reduces the number of processes spawned by services, as
with Kubernetes load distribution can be better managed by a larger
number of single threaded pods (up to a certain point) and doing so
also provides both increased avilibility, leading to smoother rolling
updates. In addtion when running single replicas resource consuption
is reduced.
Change-Id: Ifb7494a0804913d843a072e10d26c6ec53c3bd16
This PS exposes the Ceph RBD pool params to the cinder chart, allowing
them to be tuned.
Change-Id: I615e999928948193b24cc4978efb31bd1b36f8f7
Closes-Bug: #1754535
This PS allows fully qualified hostnames to be addressed when using
hetrogenious clusters.
Change-Id: If6144067b94e28a3bea8e71e1e60bca44a809c3a
Closes-Bug: 1753639
Cronjob resource is deprecated in batch/v2alpha1 from
k8s 1.8 and batch/v1beta1 is enabled by default. All the
CronJobs are already using batch/v1beta1 but there is condition
to check if api version have batch/v2alpha1.
Remove the api version constraint on batch/v2alpha1
Partial-Bug: #1753524
Change-Id: I7eeb7d6cc2630311ec5d613b9e059824daae0620
