This change removes the netpol values from the keystone/ldap script,
those are now part of the appropriate chart and can be deployed as such.
This also fixes the path to the ldap domain config override that was
pointing to a file that no longer exists.
Change-Id: Id01af23c5308edabf635ccd321721ff104fd58e3
As network policy jobs in zuul are moved to be run by the feature gate,
usage of them in old scripts should be taken out to avoid confusion and
potential problem where netpol cause unexpected connection failure. This
patch set removes the remanant of these netpol's.
Change-Id: I1ce86d27ca4f708b17d848d742ba840156d4ef6c
Signed-off-by: Tin Lam <tin@irrational.io>
As all feature specific value overrides are moved into the component's
values_overrides folder to be used by zuul's feature gate, the old
overrides should be removed to reduce confusion as they are unused.
Change-Id: Ieaf35a8147061da356fdfa46c73673457af1f3d1
Signed-off-by: Tin Lam <tin@irrational.io>
This patch set adds in default horizon ingress overrides.
Change-Id: I5a7e8197b84bc5f1ad94d5d6a1d0662257404994
Signed-off-by: Tin Lam <tin@irrational.io>
For simplification of deployment and maintenance, reduce the number
of scripts that do usually the same.
The important part is that when user wants to do multinode deployment,
OSH_DEPLOY_MULTINODE variable must be set before executing the script.
For now multinone script still stays, only to invoke the common one,
but in future it would be better to remove multinode scripts completely
and let user call the common script with the right argument.
Change-Id: I4dca159827581cbe8d6ded3be85e732acbf60ed1
This PS adds octavia chart and its deployment scripts.
Blueprint name : openstack-helm-octavia
- Deployments : api, worker, housekeeping
- Daemonset : health-manager
- health-manager daemonset creates o-hm device on each controller node.
- This is for multi node deployment.
- 180-create-resource-for-octavia.sh : Create openstack resources
(network, sec groups, flavor, keypair, image for development)
- 190-create-octavia-certs.sh : Create certificates to use Octavia
(the certs is passed into pod using secret and volume for development)
- 200-octavia.sh : Deploy Octavia chart
Note: This chart doesn't include amphora image itself and its build.
Change-Id: I0bb7dfc7c15d77287c05a8542347e19fc269aba4
Signed-off-by: hagun.kim <hagun.kim@samsung.com>
This change adds two network policy zuul checks, one for the compute-kit,
and one for cinder/ceph, to test network policy for each OpenStack
service. These checks will be non-voting initially.
The network policy rules for each service will initially allow all
traffic. These ingress/egress rules will be defined in future changes
to only explicitly allow traffic between services that are explicitly
allowed to communicate, other traffic will be denied.
Depends-On: https://review.opendev.org/#/c/685130/
Change-Id: Ide2998ebb2af2832f24ca7abc398a82e4a6d70e3
Current nova loci image build should account for the nova-novncproxy
image. We can and should reduce the number of images and just use
the loci image instead for the loci build. This applies only to the
Ocata release as newer releases already took this approach.
Change-Id: I01f85a957c3bfdd9f54515de4b02305bde5ead8c
Signed-off-by: Tin Lam <tin@irrational.io>
Extending the Neutron with configuration parameters and scripts for
deploying OVS with DPDK support enabled. The new functionality takes
care of binding NICs to DPDK and adding those to OVS bridges of type
'netdev'.
Co-Authored-By: Rihab Banday <rihab.banday@ericsson.com>
Change-Id: I9932123986a0b723d7523136940d325bcfde983d
This change removes the network policy overrides that are set in
the common memcache setup script. These override will be implemented
in a future change as part of the rest of the network policy work.
Change-Id: I8954b6d88a650a576208e33b6e6e6ef00bdbef66
This adds the rabbitmq statefulset name override to the values
for each openstack service chart in the Armada manifest, as this
is required to support communicating with the rabbitmq backends
directly
Change-Id: I4a2fabf491c6607bec80f37a8d1236c55ec8430a
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This disables the cephfs provisioner in the multinode
periodic jobs. It seems the helm tests for the ceph
provisioner chart that test cephfs fail more often than
not in the multinode jobs while passing reliably in the
single node check and gate jobs. As cephfs is still
gated, disabling the cephfs provisioner in the periodic
jobs allows for further investigation into this issue
without causing potential regressions
Change-Id: Id4cf7d6571855413be4b67a440423445af3270e3
Signed-off-by: Steve Wilkerson <sw5822@att.com>
Currently OSH_EXTRA_HELM_ARGS_CEPH is calculated for ceph-mon only and
the same value is used for other charts from loop.
Change-Id: Ia014310ab675e4f58c224aae1139dfb3a065766b
In the 900-use-it.sh script, the user can define the gateway
(OSH_BR_EX_ADDR) and the subnet of the external network
(OSH_EXT_SUBNET). However, in the script that configures the gateway
correctly in br-ex, these values are hardcoded.
This patch allows the user to modify them by a env. variable, same as
the 900-use-it.sh script does
Change-Id: I25124024ebb72ff5fea8903fb393b71a052d0f93
Signed-off-by: Manuel Buil <mbuil@suse.com>
This ps updates the component check scripts to deploy
the default number of rabbit replicas in the gate
Change-Id: I996af138373476ae4a65dc2bef7e360155390a5d
Wrap code making the assumption there is only one Ceph backend
(using is_ceph_volume_configured) in a "range" and use
ceph_backend_list helper to iterate all available Ceph backends.
Move Ceph pool application name in values.yaml from
conf.software.rbd.rbd_pool_app_name* to conf.ceph.pools.*.app_name
Change-Id: If1126e51fe9ebb85185e375dc282e83db63d934c
Depends-On: Iaa67061b05a9d355228ad7d3f5ee0f4f04dbdc66
Signed-off-by: Daniel Badea <daniel.badea@windriver.com>
The name of the variable ends with LIBVIRT although it should end with
OPENVSWITCH, as used in line 29
Change-Id: I0ec490de44969aea2cccf51d753f1ffcfa9e2511
Signed-off-by: Manuel Buil <mbuil@suse.com>
Currently, in the script which sets up VMs with vmbc instead of BM for ironic
practice,
There is an IF command checking if OVS_VSWITCHD pod is located in master
node or not.
To get the info about Pod's nodeName, command below has been used.
$ kubectl --namespace openstack get pod "${OVS_VSWITCHD_POD}" -o wide --no-headers | awk '{ print $NF }'
But this command sometimes cannot parse Pod's nodeName correctly becuase
new headers such as "NOMINATED NODE" and "READINESS GATE" are printed in the end "-o wide" option.
(in some version of k8s)
To avoid this problem and give more readability,
I suggest changing commands to use "-o json" option.
Change-Id: Ib81ae505ac8d04dae9af6326880e1fa17664ac0b
