From ae91cf3fc3f288b6d92ace4a3a405606a653638f Mon Sep 17 00:00:00 2001 From: Vladimir Kozhukalov Date: Mon, 18 Sep 2023 20:13:26 +0300 Subject: [PATCH] Use deploy-env role for all deployment jobs To make it easier to maintain the jobs all experimental jobs (those which are not run in check and gate pipelines) are moved to a separate file. They will be revised later to use the same deploy-env role. Also many charts use Openstack images for testing this PR adds 2023.1 Ubuntu Focal overrides for all these charts. Change-Id: I4a6fb998c7eb1026b3c05ddd69f62531137b6e51 --- ceph-rgw/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 19 + elasticsearch/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 18 + fluentd/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 17 + kibana/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 18 + kubernetes-keystone-webhook/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 17 + mariadb/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 18 + mariadb/values_overrides/ubuntu_focal.yaml | 20 + playbooks/deploy-env.yaml | 24 + playbooks/osh-infra-bandit.yaml | 35 +- playbooks/prepare-hosts.yaml | 17 + playbooks/run-scripts.yaml | 96 +++ powerdns/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 17 + prometheus/Chart.yaml | 2 +- .../values_overrides/2023.1-ubuntu_focal.yaml | 17 + releasenotes/notes/ceph-rgw.yaml | 1 + releasenotes/notes/elasticsearch.yaml | 1 + releasenotes/notes/fluentd.yaml | 1 + releasenotes/notes/kibana.yaml | 1 + .../notes/kubernetes-keystone-webhook.yaml | 1 + releasenotes/notes/mariadb.yaml | 1 + releasenotes/notes/powerdns.yaml | 1 + releasenotes/notes/prometheus.yaml | 1 + .../deployment/common/get-values-overrides.sh | 3 +- tools/deployment/common/prepare-k8s.sh | 48 ++ .../openstack-support/000-prepare-k8s.sh | 1 + .../osh-infra-logging/000-prepare-k8s.sh | 1 + .../osh-infra-monitoring/000-prepare-k8s.sh | 1 + zuul.d/experimental.yaml | 394 +++++++++++ zuul.d/jobs.yaml | 657 ++++-------------- zuul.d/project.yaml | 17 +- 37 files changed, 911 insertions(+), 568 deletions(-) create mode 100644 ceph-rgw/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 elasticsearch/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 fluentd/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 kibana/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 kubernetes-keystone-webhook/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 mariadb/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 mariadb/values_overrides/ubuntu_focal.yaml create mode 100644 playbooks/deploy-env.yaml create mode 100644 playbooks/prepare-hosts.yaml create mode 100644 playbooks/run-scripts.yaml create mode 100644 powerdns/values_overrides/2023.1-ubuntu_focal.yaml create mode 100644 prometheus/values_overrides/2023.1-ubuntu_focal.yaml create mode 100755 tools/deployment/common/prepare-k8s.sh create mode 120000 tools/deployment/openstack-support/000-prepare-k8s.sh create mode 120000 tools/deployment/osh-infra-logging/000-prepare-k8s.sh create mode 120000 tools/deployment/osh-infra-monitoring/000-prepare-k8s.sh create mode 100644 zuul.d/experimental.yaml diff --git a/ceph-rgw/Chart.yaml b/ceph-rgw/Chart.yaml index f9d1a473c..fa944c84a 100644 --- a/ceph-rgw/Chart.yaml +++ b/ceph-rgw/Chart.yaml @@ -15,6 +15,6 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Ceph RadosGW name: ceph-rgw -version: 0.1.28 +version: 0.1.29 home: https://github.com/ceph/ceph ... diff --git a/ceph-rgw/values_overrides/2023.1-ubuntu_focal.yaml b/ceph-rgw/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..58e1a7cc0 --- /dev/null +++ b/ceph-rgw/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,19 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + ks_endpoints: 'docker.io/openstackhelm/heat:2023.1-ubuntu_focal' + ks_service: 'docker.io/openstackhelm/heat:2023.1-ubuntu_focal' + ks_user: 'docker.io/openstackhelm/heat:2023.1-ubuntu_focal' +... diff --git a/elasticsearch/Chart.yaml b/elasticsearch/Chart.yaml index 8dae84099..1aafdcd02 100644 --- a/elasticsearch/Chart.yaml +++ b/elasticsearch/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v8.9.0 description: OpenStack-Helm ElasticSearch name: elasticsearch -version: 0.2.25 +version: 0.2.26 home: https://www.elastic.co/ sources: - https://github.com/elastic/elasticsearch diff --git a/elasticsearch/values_overrides/2023.1-ubuntu_focal.yaml b/elasticsearch/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..28c528485 --- /dev/null +++ b/elasticsearch/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,18 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + memory_init: docker.io/openstackhelm/heat:2023.1-ubuntu_focal + helm_tests: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/fluentd/Chart.yaml b/fluentd/Chart.yaml index 7bebd25f2..8fcafb3b2 100644 --- a/fluentd/Chart.yaml +++ b/fluentd/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v1.10.1 description: OpenStack-Helm Fluentd name: fluentd -version: 0.1.9 +version: 0.1.10 home: https://www.fluentd.org/ sources: - https://github.com/fluent/fluentd diff --git a/fluentd/values_overrides/2023.1-ubuntu_focal.yaml b/fluentd/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..1292734fc --- /dev/null +++ b/fluentd/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,17 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + helm_tests: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/kibana/Chart.yaml b/kibana/Chart.yaml index 7aa3b953a..0b4604ffd 100644 --- a/kibana/Chart.yaml +++ b/kibana/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v8.9.0 description: OpenStack-Helm Kibana name: kibana -version: 0.1.13 +version: 0.1.14 home: https://www.elastic.co/products/kibana sources: - https://github.com/elastic/kibana diff --git a/kibana/values_overrides/2023.1-ubuntu_focal.yaml b/kibana/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..2a5286d2f --- /dev/null +++ b/kibana/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,18 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + register_kibana_indexes: docker.io/openstackhelm/heat:2023.1-ubuntu_focal + flush_kibana_metadata: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/kubernetes-keystone-webhook/Chart.yaml b/kubernetes-keystone-webhook/Chart.yaml index eb5d7a81b..f60586935 100644 --- a/kubernetes-keystone-webhook/Chart.yaml +++ b/kubernetes-keystone-webhook/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v0.2.0 description: OpenStack-Helm Kubernetes keystone webhook name: kubernetes-keystone-webhook -version: 0.1.7 +version: 0.1.8 home: https://github.com/kubernetes/cloud-provider-openstack sources: - https://opendev.org/openstack/openstack-helm-infra diff --git a/kubernetes-keystone-webhook/values_overrides/2023.1-ubuntu_focal.yaml b/kubernetes-keystone-webhook/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..11f1b479d --- /dev/null +++ b/kubernetes-keystone-webhook/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,17 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + scripted_test: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/mariadb/Chart.yaml b/mariadb/Chart.yaml index 7660428ed..60198db0d 100644 --- a/mariadb/Chart.yaml +++ b/mariadb/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v10.6.7 description: OpenStack-Helm MariaDB name: mariadb -version: 0.2.32 +version: 0.2.33 home: https://mariadb.com/kb/en/ icon: http://badges.mariadb.org/mariadb-badge-180x60.png sources: diff --git a/mariadb/values_overrides/2023.1-ubuntu_focal.yaml b/mariadb/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..4c9e14ecc --- /dev/null +++ b/mariadb/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,18 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + prometheus_mysql_exporter_helm_tests: docker.io/openstackhelm/heat:2023.1-ubuntu_focal + ks_user: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/mariadb/values_overrides/ubuntu_focal.yaml b/mariadb/values_overrides/ubuntu_focal.yaml new file mode 100644 index 000000000..cfe1b3da9 --- /dev/null +++ b/mariadb/values_overrides/ubuntu_focal.yaml @@ -0,0 +1,20 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + mariadb: docker.io/openstackhelm/mariadb:latest-ubuntu_focal + prometheus_create_mysql_user: docker.io/library/mariadb:10.5.9-focal + mariadb_backup: quay.io/airshipit/porthole-mysqlclient-utility:latest-ubuntu_focal + scripted_test: docker.io/openstackhelm/mariadb:latest-ubuntu_focal +... diff --git a/playbooks/deploy-env.yaml b/playbooks/deploy-env.yaml new file mode 100644 index 000000000..3efab3564 --- /dev/null +++ b/playbooks/deploy-env.yaml @@ -0,0 +1,24 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +- hosts: all + become: true + gather_facts: true + roles: + - ensure-python + - ensure-pip + - clear-firewall + - deploy-apparmor + - deploy-selenium + - deploy-env +... diff --git a/playbooks/osh-infra-bandit.yaml b/playbooks/osh-infra-bandit.yaml index 31797208b..1a118e92f 100644 --- a/playbooks/osh-infra-bandit.yaml +++ b/playbooks/osh-infra-bandit.yaml @@ -1,17 +1,28 @@ ---- -- hosts: all - name: openstack-helm-infra-bandit - tasks: - - name: Clear firewall - include_role: - name: clear-firewall +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. - - name: Install Required Packages and Setup Host +--- +- hosts: primary + roles: + - ensure-python + - ensure-pip + tasks: + - name: Install Helm shell: | - set -xe; - ./tools/deployment/common/000-install-packages.sh - ./tools/deployment/common/005-deploy-k8s.sh - sudo -H pip3 install yq bandit==1.7.1 setuptools + TMP_DIR=$(mktemp -d) + curl -sSL https://get.helm.sh/helm-{{ helm_version }}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR} + mv "${TMP_DIR}"/helm /usr/local/bin/helm + rm -rf "${TMP_DIR}" + sudo -H pip3 install --upgrade yq bandit=={{ bandit_version }} setuptools environment: zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" args: diff --git a/playbooks/prepare-hosts.yaml b/playbooks/prepare-hosts.yaml new file mode 100644 index 000000000..c64aa0d65 --- /dev/null +++ b/playbooks/prepare-hosts.yaml @@ -0,0 +1,17 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +- hosts: all + roles: + - start-zuul-console +... diff --git a/playbooks/run-scripts.yaml b/playbooks/run-scripts.yaml new file mode 100644 index 000000000..7ae51c4b3 --- /dev/null +++ b/playbooks/run-scripts.yaml @@ -0,0 +1,96 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +- hosts: all + become: true + tasks: + - name: Configure /etc/hosts for buildset_registry to workaround docker not understanding ipv6 addresses + lineinfile: + path: /etc/hosts + state: present + regex: "^{{ buildset_registry.host }}\tzuul-jobs.buildset-registry$" + line: "{{ buildset_registry.host }}\tzuul-jobs.buildset-registry" + insertafter: EOF + when: + - buildset_registry is defined + - buildset_registry.host | ipaddr + +- hosts: primary + tasks: + - name: Override images + when: buildset_registry is defined + vars: + work_dir: "{{ zuul.project.src_dir }}" + block: + - name: Set buildset_registry alias variable when using ip + set_fact: + buildset_registry_alias: zuul-jobs.buildset-registry + when: + - buildset_registry.host | ipaddr + + - name: Set buildset_registry alias variable when using name + set_fact: + buildset_registry_alias: "{{ buildset_registry.host }}" + when: + - not ( buildset_registry.host | ipaddr ) + + - name: Print zuul + debug: + var: zuul + + - name: Override proposed images from artifacts + shell: > + find {{ override_paths | join(" ") }} -type f -exec sed -Ei + "s#['\"]?docker\.io/({{ repo }}):({{ tag }})['\"]?\$#{{ buildset_registry_alias }}:{{ buildset_registry.port }}/\1:\2#g" {} + + loop: "{{ zuul.artifacts | default([]) }}" + args: + chdir: "{{ work_dir }}" + loop_control: + loop_var: zj_zuul_artifact + when: "'metadata' in zj_zuul_artifact and zj_zuul_artifact.metadata.type | default('') == 'container_image'" + vars: + tag: "{{ zj_zuul_artifact.metadata.tag }}" + repo: "{{ zj_zuul_artifact.metadata.repository }}" + override_paths: + - ../openstack-helm*/*/values* + - ../openstack-helm-infra/tools/deployment/ + + - name: Diff + shell: | + set -ex; + for dir in openstack-helm openstack-helm-infra; do + path="{{ work_dir }}/../${dir}/" + if [ ! -d "${path}" ]; then continue; fi + echo "${dir} diff" + cd "${path}"; git diff; cd -; + done + + - name: "creating directory for run artifacts" + file: + path: "/tmp/artifacts" + state: directory + + - name: Run gate scripts + include_role: + name: "{{ ([item] | flatten | length == 1) | ternary('osh-run-script', 'osh-run-script-set') }}" + vars: + workload: "{{ [item] | flatten }}" + loop: "{{ gate_scripts }}" + + - name: "Downloads artifacts to executor" + synchronize: + src: "/tmp/artifacts" + dest: "{{ zuul.executor.log_root }}/{{ inventory_hostname }}" + mode: pull + ignore_errors: True +... diff --git a/powerdns/Chart.yaml b/powerdns/Chart.yaml index 16e908c2b..ff63756bc 100644 --- a/powerdns/Chart.yaml +++ b/powerdns/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v4.1.10 description: OpenStack-Helm PowerDNS name: powerdns -version: 0.1.6 +version: 0.1.7 home: https://www.powerdns.com/ maintainers: - name: OpenStack-Helm Authors diff --git a/powerdns/values_overrides/2023.1-ubuntu_focal.yaml b/powerdns/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..8f56d1786 --- /dev/null +++ b/powerdns/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,17 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + db_init: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/prometheus/Chart.yaml b/prometheus/Chart.yaml index cd99b1968..7b4cd5ee9 100644 --- a/prometheus/Chart.yaml +++ b/prometheus/Chart.yaml @@ -15,7 +15,7 @@ apiVersion: v1 appVersion: v2.25.0 description: OpenStack-Helm Prometheus name: prometheus -version: 0.1.14 +version: 0.1.15 home: https://prometheus.io/ sources: - https://github.com/prometheus/prometheus diff --git a/prometheus/values_overrides/2023.1-ubuntu_focal.yaml b/prometheus/values_overrides/2023.1-ubuntu_focal.yaml new file mode 100644 index 000000000..1292734fc --- /dev/null +++ b/prometheus/values_overrides/2023.1-ubuntu_focal.yaml @@ -0,0 +1,17 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +--- +images: + tags: + helm_tests: docker.io/openstackhelm/heat:2023.1-ubuntu_focal +... diff --git a/releasenotes/notes/ceph-rgw.yaml b/releasenotes/notes/ceph-rgw.yaml index ec97b6c36..30c4b2045 100644 --- a/releasenotes/notes/ceph-rgw.yaml +++ b/releasenotes/notes/ceph-rgw.yaml @@ -29,4 +29,5 @@ ceph-rgw: - 0.1.26 Replace node-role.kubernetes.io/master with control-plane - 0.1.27 Update Ceph to 17.2.6 - 0.1.28 Use Helm toolkit functions for Ceph probes + - 0.1.29 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/elasticsearch.yaml b/releasenotes/notes/elasticsearch.yaml index d0544b600..ede739772 100644 --- a/releasenotes/notes/elasticsearch.yaml +++ b/releasenotes/notes/elasticsearch.yaml @@ -35,4 +35,5 @@ elasticsearch: - 0.2.23 Add configurable liveness probe for elasticsearch client - 0.2.24 Update Ceph to 17.2.6 - 0.2.25 Update ElasticSearch to 8.9.0 + - 0.2.26 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/fluentd.yaml b/releasenotes/notes/fluentd.yaml index 4aacc4e5c..cda7bdfe2 100644 --- a/releasenotes/notes/fluentd.yaml +++ b/releasenotes/notes/fluentd.yaml @@ -10,4 +10,5 @@ fluentd: - 0.1.7 Update default image values to Wallaby - 0.1.8 Added OCI registry authentication - 0.1.9 Set sticky bit for tmp + - 0.1.10 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/kibana.yaml b/releasenotes/notes/kibana.yaml index a9ac3ab9a..8c2ce7c1e 100644 --- a/releasenotes/notes/kibana.yaml +++ b/releasenotes/notes/kibana.yaml @@ -14,4 +14,5 @@ kibana: - 0.1.11 Added OCI registry authentication - 0.1.12 Added feedback http_code 200 for kibana indexes - 0.1.13 Update Kibana to 8.9.0 + - 0.1.14 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/kubernetes-keystone-webhook.yaml b/releasenotes/notes/kubernetes-keystone-webhook.yaml index 84be358b0..e1eb8d85c 100644 --- a/releasenotes/notes/kubernetes-keystone-webhook.yaml +++ b/releasenotes/notes/kubernetes-keystone-webhook.yaml @@ -8,4 +8,5 @@ kubernetes-keystone-webhook: - 0.1.5 Update htk requirements - 0.1.6 Update default image value to Wallaby - 0.1.7 Added OCI registry authentication + - 0.1.8 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/mariadb.yaml b/releasenotes/notes/mariadb.yaml index 75f5f8d14..fbca3bbf4 100644 --- a/releasenotes/notes/mariadb.yaml +++ b/releasenotes/notes/mariadb.yaml @@ -48,4 +48,5 @@ mariadb: - 0.2.30 Replace node-role.kubernetes.io/master with control-plane - 0.2.31 Update kubernetes registry to registry.k8s.io - 0.2.32 Prevent liveness probe from killing pods during SST + - 0.2.33 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/powerdns.yaml b/releasenotes/notes/powerdns.yaml index dba98a577..4e7ac0845 100644 --- a/releasenotes/notes/powerdns.yaml +++ b/releasenotes/notes/powerdns.yaml @@ -7,4 +7,5 @@ powerdns: - 0.1.4 Update htk requirements - 0.1.5 Update default image values - 0.1.6 Added OCI registry authentication + - 0.1.7 Add 2023.1 Ubuntu Focal overrides ... diff --git a/releasenotes/notes/prometheus.yaml b/releasenotes/notes/prometheus.yaml index bcbb9dfc9..1928b5da1 100644 --- a/releasenotes/notes/prometheus.yaml +++ b/releasenotes/notes/prometheus.yaml @@ -15,4 +15,5 @@ prometheus: - 0.1.12 Update default image value to Wallaby - 0.1.13 Added OCI registry authentication - 0.1.14 Added feature to launch Prometheus with custom script + - 0.1.15 Add 2023.1 Ubuntu Focal overrides ... diff --git a/tools/deployment/common/get-values-overrides.sh b/tools/deployment/common/get-values-overrides.sh index d46816eb9..377fc6b74 100755 --- a/tools/deployment/common/get-values-overrides.sh +++ b/tools/deployment/common/get-values-overrides.sh @@ -17,10 +17,11 @@ set -e HELM_CHART="$1" : "${HELM_CHART_ROOT_PATH:="../openstack-helm-infra"}" +: "${OPENSTACK_RELEASE:="2023.1"}" : "${CONTAINER_DISTRO_NAME:="ubuntu"}" : "${CONTAINER_DISTRO_VERSION:="focal"}" : "${FEATURE_GATES:="apparmor"}" -OSH_INFRA_FEATURE_MIX="${FEATURE_GATES},${CONTAINER_DISTRO_NAME}_${CONTAINER_DISTRO_VERSION},${CONTAINER_DISTRO_NAME}" +OSH_INFRA_FEATURE_MIX="${FEATURE_GATES},${OPENSTACK_RELEASE},${CONTAINER_DISTRO_NAME}_${CONTAINER_DISTRO_VERSION},${CONTAINER_DISTRO_NAME}" function echoerr () { echo "$@" 1>&2; diff --git a/tools/deployment/common/prepare-k8s.sh b/tools/deployment/common/prepare-k8s.sh new file mode 100755 index 000000000..a4d3724cf --- /dev/null +++ b/tools/deployment/common/prepare-k8s.sh @@ -0,0 +1,48 @@ +#!/bin/bash +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -ex + +# Add labels to the core namespaces & nodes +kubectl label --overwrite namespace default name=default +kubectl label --overwrite namespace kube-system name=kube-system +kubectl label --overwrite namespace kube-public name=kube-public +kubectl label --overwrite nodes --all openstack-control-plane=enabled +kubectl label --overwrite nodes --all openstack-compute-node=enabled +kubectl label --overwrite nodes --all openvswitch=enabled +kubectl label --overwrite nodes --all linuxbridge=enabled +kubectl label --overwrite nodes --all ceph-mon=enabled +kubectl label --overwrite nodes --all ceph-osd=enabled +kubectl label --overwrite nodes --all ceph-mds=enabled +kubectl label --overwrite nodes --all ceph-rgw=enabled +kubectl label --overwrite nodes --all ceph-mgr=enabled +# We deploy l3 agent only on the node where we run test scripts. +# In this case virtual router will be created only on this node +# and we don't need L2 overlay (will be implemented later). +kubectl label --overwrite nodes -l "node-role.kubernetes.io/control-plane" l3-agent=enabled + +for NAMESPACE in ceph openstack osh-infra; do +tee /tmp/${NAMESPACE}-ns.yaml << EOF +apiVersion: v1 +kind: Namespace +metadata: + labels: + kubernetes.io/metadata.name: ${NAMESPACE} + name: ${NAMESPACE} + name: ${NAMESPACE} +EOF + +kubectl apply -f /tmp/${NAMESPACE}-ns.yaml +done + +make all diff --git a/tools/deployment/openstack-support/000-prepare-k8s.sh b/tools/deployment/openstack-support/000-prepare-k8s.sh new file mode 120000 index 000000000..aa9807064 --- /dev/null +++ b/tools/deployment/openstack-support/000-prepare-k8s.sh @@ -0,0 +1 @@ +../common/prepare-k8s.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-logging/000-prepare-k8s.sh b/tools/deployment/osh-infra-logging/000-prepare-k8s.sh new file mode 120000 index 000000000..aa9807064 --- /dev/null +++ b/tools/deployment/osh-infra-logging/000-prepare-k8s.sh @@ -0,0 +1 @@ +../common/prepare-k8s.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring/000-prepare-k8s.sh b/tools/deployment/osh-infra-monitoring/000-prepare-k8s.sh new file mode 120000 index 000000000..aa9807064 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring/000-prepare-k8s.sh @@ -0,0 +1 @@ +../common/prepare-k8s.sh \ No newline at end of file diff --git a/zuul.d/experimental.yaml b/zuul.d/experimental.yaml new file mode 100644 index 000000000..2e4607a2c --- /dev/null +++ b/zuul.d/experimental.yaml @@ -0,0 +1,394 @@ +--- +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- job: + name: openstack-helm-infra-functional + run: playbooks/osh-infra-gate-runner.yaml + abstract: true + required-projects: + - openstack/openstack-helm-infra + irrelevant-files: + - ^.*\.rst$ + - ^doc/.*$ + - ^releasenotes/.*$ + +# FIXME: it is not run +- job: + name: openstack-helm-infra + parent: openstack-helm-infra-functional + timeout: 7200 + roles: + - zuul: zuul/zuul-jobs + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-docker.yaml + - playbooks/osh-infra-deploy-selenium.yaml + - playbooks/osh-infra-build.yaml + - playbooks/osh-infra-deploy-k8s.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + vars: + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/multinode/010-deploy-docker-registry.sh + - ./tools/deployment/multinode/020-ingress.sh + - ./tools/deployment/multinode/030-ceph.sh + - ./tools/deployment/multinode/035-ceph-ns-activate.sh + - ./tools/deployment/multinode/040-ldap.sh + - ./tools/deployment/multinode/045-mariadb.sh + - ./tools/deployment/multinode/050-prometheus.sh + - ./tools/deployment/multinode/060-alertmanager.sh + - ./tools/deployment/multinode/070-kube-state-metrics.sh + - ./tools/deployment/multinode/075-node-problem-detector.sh + - ./tools/deployment/multinode/080-node-exporter.sh + - ./tools/deployment/multinode/085-process-exporter.sh + - ./tools/deployment/multinode/090-openstack-exporter.sh + - ./tools/deployment/multinode/100-grafana.sh + - ./tools/deployment/multinode/110-nagios.sh + - ./tools/deployment/multinode/115-radosgw-osh-infra.sh + - ./tools/deployment/multinode/120-elasticsearch.sh + - ./tools/deployment/multinode/125-fluentbit.sh + - ./tools/deployment/multinode/130-fluentd.sh + - ./tools/deployment/multinode/140-kibana.sh + - ./tools/deployment/multinode/170-postgresql.sh + - ./tools/deployment/multinode/600-grafana-selenium.sh || true + - ./tools/deployment/multinode/610-nagios-selenium.sh || true + - ./tools/deployment/multinode/620-prometheus-selenium.sh || true + - ./tools/deployment/multinode/630-kibana-selenium.sh || true + +- job: + name: openstack-helm-infra-tenant-ceph + parent: openstack-helm-infra-functional + nodeset: openstack-helm-3nodes-ubuntu_focal + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-docker.yaml + - playbooks/osh-infra-deploy-selenium.yaml + - playbooks/osh-infra-build.yaml + - playbooks/osh-infra-deploy-k8s.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + vars: + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/tenant-ceph/010-relabel-nodes.sh + - ./tools/deployment/tenant-ceph/020-ingress.sh + - ./tools/deployment/tenant-ceph/030-ceph.sh + - ./tools/deployment/tenant-ceph/035-ceph-ns-activate.sh + - ./tools/deployment/tenant-ceph/040-tenant-ceph.sh + - ./tools/deployment/tenant-ceph/045-tenant-ceph-ns-activate.sh + - ./tools/deployment/tenant-ceph/050-radosgw-osh-infra.sh + - ./tools/deployment/tenant-ceph/060-radosgw-openstack.sh + +- job: + name: openstack-helm-infra-federated-monitoring + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/federated-monitoring/000-install-packages.sh + - ./tools/deployment/federated-monitoring/005-deploy-k8s.sh + - ./tools/deployment/federated-monitoring/010-ingress.sh + - ./tools/deployment/federated-monitoring/020-nfs-provisioner.sh + - ./tools/deployment/federated-monitoring/030-ldap.sh + - ./tools/deployment/federated-monitoring/040-kube-state-metrics.sh + - ./tools/deployment/federated-monitoring/050-node-exporter.sh + - ./tools/deployment/federated-monitoring/060-prometheus.sh + - ./tools/deployment/federated-monitoring/070-federated-prometheus.sh + - ./tools/deployment/federated-monitoring/080-mariadb.sh + - ./tools/deployment/federated-monitoring/090-grafana.sh + - ./tools/deployment/federated-monitoring/100-prometheus-selenium.sh || true + +- job: + name: openstack-helm-infra-aio-network-policy + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + nodeset: openstack-helm-single-node + vars: + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/network-policy/000-install-packages.sh + - ./tools/deployment/network-policy/005-deploy-k8s.sh + - ./tools/deployment/network-policy/010-ingress.sh + - ./tools/deployment/network-policy/020-nfs-provisioner.sh + - ./tools/deployment/network-policy/039-lockdown.sh + - ./tools/deployment/network-policy/040-ldap.sh + - ./tools/deployment/network-policy/045-mariadb.sh + - ./tools/deployment/network-policy/050-prometheus.sh + - ./tools/deployment/network-policy/060-alertmanager.sh + - ./tools/deployment/network-policy/070-kube-state-metrics.sh + - ./tools/deployment/network-policy/080-node-exporter.sh + - ./tools/deployment/network-policy/090-process-exporter.sh + - ./tools/deployment/network-policy/100-grafana.sh + - ./tools/deployment/network-policy/110-nagios.sh + - ./tools/deployment/network-policy/120-elasticsearch.sh + - ./tools/deployment/network-policy/125-fluentbit.sh + - ./tools/deployment/network-policy/130-fluentd-daemonset.sh + - ./tools/deployment/network-policy/135-fluentd-deployment.sh + - ./tools/deployment/network-policy/140-kibana.sh + - ./tools/deployment/network-policy/openstack-exporter.sh + - ./tools/deployment/network-policy/901-test-networkpolicy.sh + +- job: + name: openstack-helm-infra-apparmor + parent: openstack-helm-infra-functional + timeout: 9600 + pre-run: playbooks/osh-infra-upgrade-host.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + osh_params: + container_distro_name: ubuntu + container_distro_version: focal + feature_gates: apparmor + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/apparmor/000-install-packages.sh + - ./tools/deployment/apparmor/001-setup-apparmor-profiles.sh + - ./tools/deployment/apparmor/005-deploy-k8s.sh + - ./tools/deployment/apparmor/015-ingress.sh + - ./tools/deployment/apparmor/020-ceph.sh + - ./tools/deployment/apparmor/025-ceph-ns-activate.sh + - ./tools/deployment/apparmor/030-mariadb.sh + - ./tools/deployment/apparmor/040-memcached.sh + - ./tools/deployment/apparmor/050-prometheus-alertmanager.sh + - ./tools/deployment/apparmor/055-prometheus.sh + - ./tools/deployment/apparmor/060-prometheus-node-exporter.sh + - ./tools/deployment/apparmor/070-prometheus-blackbox-exporter.sh + - ./tools/deployment/apparmor/075-prometheus-process-exporter.sh + - ./tools/deployment/apparmor/080-grafana.sh + - ./tools/deployment/apparmor/085-rabbitmq.sh + - ./tools/deployment/apparmor/095-nagios.sh + - ./tools/deployment/apparmor/120-openvswitch.sh + - ./tools/deployment/apparmor/170-postgresql.sh + +- job: + name: openstack-helm-infra-aio-logging-apparmor + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + osh_params: + container_distro_name: ubuntu + container_distro_version: focal + feature_gates: apparmor + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/osh-infra-logging/000-install-packages.sh + - ./tools/deployment/osh-infra-logging/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-logging/010-ingress.sh + - ./tools/deployment/osh-infra-logging/020-ceph.sh + - ./tools/deployment/osh-infra-logging/025-ceph-ns-activate.sh + - ./tools/deployment/osh-infra-logging/030-radosgw-osh-infra.sh + - ./tools/deployment/osh-infra-logging/040-ldap.sh + - ./tools/deployment/osh-infra-logging/050-elasticsearch.sh + - ./tools/deployment/osh-infra-logging/060-fluentd-daemonset.sh + - ./tools/deployment/osh-infra-logging/065-fluentd-deployment.sh + - ./tools/deployment/osh-infra-logging/070-kibana.sh + - ./tools/deployment/osh-infra-logging/600-kibana-selenium.sh || true + +- job: + name: openstack-helm-infra-openstack-support-apparmor + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: playbooks/osh-infra-upgrade-host.yaml + required-projects: + - openstack/openstack-helm-infra + - openstack/openstack-helm + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + osh_params: + openstack_release: xena + container_distro_name: ubuntu + container_distro_version: focal + feature_gates: apparmor + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/openstack-support/000-install-packages.sh + - ./tools/deployment/openstack-support/005-deploy-k8s.sh + - ./tools/deployment/openstack-support/007-namespace-config.sh + - ./tools/deployment/openstack-support/010-ingress.sh + - ./tools/deployment/openstack-support/020-ceph.sh + - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh + - ./tools/deployment/openstack-support/030-rabbitmq.sh + - ./tools/deployment/openstack-support/040-memcached.sh + - ./tools/deployment/openstack-support/050-libvirt.sh + - ./tools/deployment/openstack-support/060-openvswitch.sh + - ./tools/deployment/openstack-support/070-mariadb.sh + - ./tools/deployment/openstack-support/080-setup-client.sh + - ./tools/deployment/openstack-support/090-keystone.sh + - ./tools/deployment/openstack-support/110-openstack-exporter.sh + - ./tools/deployment/apparmor/140-ceph-radosgateway.sh + +- job: + name: openstack-helm-infra-elastic-beats + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: playbooks/osh-infra-upgrade-host.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/elastic-beats/005-deploy-k8s.sh + - ./tools/deployment/elastic-beats/020-ingress.sh + - ./tools/deployment/elastic-beats/030-ceph.sh + - ./tools/deployment/elastic-beats/035-ceph-ns-activate.sh + - ./tools/deployment/elastic-beats/040-ldap.sh + - ./tools/deployment/elastic-beats/050-elasticsearch.sh + - ./tools/deployment/elastic-beats/060-kibana.sh + - ./tools/deployment/elastic-beats/070-kube-state-metrics.sh + - ./tools/deployment/elastic-beats/080-elastic-metricbeat.sh + - ./tools/deployment/elastic-beats/090-elastic-filebeat.sh + - ./tools/deployment/elastic-beats/100-elastic-packetbeat.sh + +- job: + name: openstack-helm-infra-local-storage + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + osh_params: + openstack_release: xena + container_distro_name: ubuntu + container_distro_version: focal + feature_gates: local-storage + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/osh-infra-local-storage/000-install-packages.sh + - ./tools/deployment/osh-infra-local-storage/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-local-storage/010-ingress.sh + - ./tools/deployment/osh-infra-local-storage/020-local-storage.sh + - ./tools/deployment/osh-infra-local-storage/030-mariadb.sh + - ./tools/deployment/osh-infra-local-storage/040-prometheus.sh + - ./tools/deployment/osh-infra-local-storage/050-elasticsearch.sh + - ./tools/deployment/osh-infra-local-storage/060-volume-info.sh + +# Use libvirt ssl with apparmor +- job: + name: openstack-helm-infra-openstack-support-ssl-apparmor + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: playbooks/osh-infra-upgrade-host.yaml + required-projects: + - openstack/openstack-helm-infra + - openstack/openstack-helm + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + vars: + osh_params: + openstack_release: xena + container_distro_name: ubuntu + container_distro_version: focal + feature_gates: "ssl,apparmor" + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/openstack-support/000-install-packages.sh + - ./tools/deployment/openstack-support/005-deploy-k8s.sh + - ./tools/deployment/openstack-support/007-namespace-config.sh + - ./tools/deployment/openstack-support/010-ingress.sh + - ./tools/deployment/openstack-support/020-ceph.sh + - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh + - ./tools/deployment/openstack-support/030-rabbitmq.sh + - ./tools/deployment/openstack-support/040-memcached.sh + - ./tools/deployment/openstack-support/051-libvirt-ssl.sh + - ./tools/deployment/openstack-support/060-openvswitch.sh + - ./tools/deployment/openstack-support/070-mariadb.sh + - ./tools/deployment/openstack-support/080-setup-client.sh + - ./tools/deployment/openstack-support/090-keystone.sh + - ./tools/deployment/openstack-support/110-openstack-exporter.sh + - ./tools/deployment/apparmor/140-ceph-radosgateway.sh + +- job: + name: openstack-helm-infra-aio-monitoring-tls + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + required-projects: + - openstack/openstack-helm + vars: + osh_params: + feature_gates: tls + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh + - ./tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh + - - ./tools/deployment/osh-infra-monitoring-tls/020-ingress.sh + - ./tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh + - ./tools/deployment/osh-infra-monitoring-tls/040-ldap.sh + - ./tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh + - - ./tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh + - ./tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh + - ./tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh + - ./tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh + - ./tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh + - - ./tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh + # - ./tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh + - ./tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh + - - ./tools/deployment/osh-infra-monitoring-tls/110-grafana.sh + - ./tools/deployment/osh-infra-monitoring-tls/120-nagios.sh + - ./tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh + - - ./tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh || true + - ./tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh || true + - ./tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh || true + +- job: + name: openstack-helm-infra-aio-logging-tls + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + required-projects: + - openstack/openstack-helm + vars: + osh_params: + feature_gates: tls + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/osh-infra-logging-tls/000-install-packages.sh + - ./tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-logging-tls/015-cert-manager.sh + - - ./tools/deployment/osh-infra-logging-tls/010-ingress.sh + - ./tools/deployment/osh-infra-logging-tls/020-ceph.sh + - - ./tools/deployment/osh-infra-logging-tls/025-ceph-ns-activate.sh + - ./tools/deployment/osh-infra-logging-tls/030-radosgw-osh-infra.sh + - ./tools/deployment/osh-infra-logging-tls/040-ldap.sh + - ./tools/deployment/osh-infra-logging-tls/050-elasticsearch.sh + - - ./tools/deployment/osh-infra-logging-tls/060-fluentd.sh + - ./tools/deployment/osh-infra-logging-tls/070-kibana.sh + - ./tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh || true +... diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index 948da772a..410515ae1 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -35,6 +35,25 @@ vars: lint_osh: true +- job: + name: openstack-helm-infra-bandit + roles: + - zuul: openstack/openstack-helm-infra + - zuul: zuul/zuul-jobs + required-projects: + - openstack/openstack-helm + - openstack/openstack-helm-infra + files: + - ^.*\.py\.tpl$ + - ^.*\.py$ + - ^playbooks/osh-infra-bandit.yaml$ + pre-run: playbooks/prepare-hosts.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + run: playbooks/osh-infra-bandit.yaml + vars: + helm_version: "v3.6.3" + bandit_version: "1.7.1" + - job: name: publish-openstack-helm-charts parent: publish-openstack-artifacts @@ -44,598 +63,166 @@ post-run: playbooks/publish/post.yaml - job: - name: openstack-helm-infra-functional - run: playbooks/osh-infra-gate-runner.yaml + name: openstack-helm-infra-deploy abstract: true + roles: + - zuul: openstack/openstack-helm-infra + - zuul: zuul/zuul-jobs required-projects: + - openstack/openstack-helm - openstack/openstack-helm-infra irrelevant-files: - ^.*\.rst$ - ^doc/.*$ - ^releasenotes/.*$ + timeout: 7200 + pre-run: + - playbooks/prepare-hosts.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + run: + - playbooks/deploy-env.yaml + - playbooks/run-scripts.yaml + vars: + # the k8s package versions are available here + # https://packages.cloud.google.com/apt/dists/kubernetes-xenial/main/binary-amd64/Packages + kube_version: "1.26.3-00" + calico_version: "v3.25" + helm_version: "v3.6.3" + yq_version: "v4.6.0" + crictl_version: "v1.26.1" + zuul_osh_infra_relative_path: ../openstack-helm-infra + gate_scripts_relative_path: ../openstack-helm-infra + run_helm_tests: "no" - job: - name: openstack-helm-infra-deploy - parent: openstack-helm-infra-functional - timeout: 7200 - roles: - - zuul: zuul/zuul-jobs - pre-run: playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node + name: openstack-helm-infra-logging + parent: openstack-helm-infra-deploy + nodeset: openstack-helm-1node-ubuntu_focal vars: osh_params: - openstack_release: xena + openstack_release: "2023.1" container_distro_name: ubuntu container_distro_version: focal - gate_scripts_relative_path: ../openstack-helm-infra gate_scripts: - - ./tools/deployment/common/000-install-packages.sh - - ./tools/gate/deploy-k8s.sh - -- job: - name: openstack-helm-infra-deploy-kubeadm - parent: openstack-helm-infra-functional - timeout: 7200 - roles: - - zuul: zuul/zuul-jobs - pre-run: playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - osh_params: - openstack_release: xena - container_distro_name: ubuntu - container_distro_version: focal - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/common/000-install-packages.sh - - ./tools/gate/deploy-k8s-kubeadm.sh - -- job: - name: openstack-helm-infra-bandit - run: playbooks/osh-infra-bandit.yaml - nodeset: openstack-helm-single-node - files: - - ^.*\.py\.tpl$ - - ^.*\.py$ - -- job: - name: openstack-helm-infra - parent: openstack-helm-infra-functional - timeout: 7200 - roles: - - zuul: zuul/zuul-jobs - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-docker.yaml - - playbooks/osh-infra-deploy-selenium.yaml - - playbooks/osh-infra-build.yaml - - playbooks/osh-infra-deploy-k8s.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/multinode/010-deploy-docker-registry.sh - - ./tools/deployment/multinode/020-ingress.sh - - ./tools/deployment/multinode/030-ceph.sh - - ./tools/deployment/multinode/035-ceph-ns-activate.sh - - ./tools/deployment/multinode/040-ldap.sh - - ./tools/deployment/multinode/045-mariadb.sh - - ./tools/deployment/multinode/050-prometheus.sh - - ./tools/deployment/multinode/060-alertmanager.sh - - ./tools/deployment/multinode/070-kube-state-metrics.sh - - ./tools/deployment/multinode/075-node-problem-detector.sh - - ./tools/deployment/multinode/080-node-exporter.sh - - ./tools/deployment/multinode/085-process-exporter.sh - - ./tools/deployment/multinode/090-openstack-exporter.sh - - ./tools/deployment/multinode/100-grafana.sh - - ./tools/deployment/multinode/110-nagios.sh - - ./tools/deployment/multinode/115-radosgw-osh-infra.sh - - ./tools/deployment/multinode/120-elasticsearch.sh - - ./tools/deployment/multinode/125-fluentbit.sh - - ./tools/deployment/multinode/130-fluentd.sh - - ./tools/deployment/multinode/140-kibana.sh - - ./tools/deployment/multinode/170-postgresql.sh - - ./tools/deployment/multinode/600-grafana-selenium.sh || true - - ./tools/deployment/multinode/610-nagios-selenium.sh || true - - ./tools/deployment/multinode/620-prometheus-selenium.sh || true - - ./tools/deployment/multinode/630-kibana-selenium.sh || true - -- job: - name: openstack-helm-infra-tenant-ceph - parent: openstack-helm-infra-functional - nodeset: openstack-helm-five-node-ubuntu - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-docker.yaml - - playbooks/osh-infra-deploy-selenium.yaml - - playbooks/osh-infra-build.yaml - - playbooks/osh-infra-deploy-k8s.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/tenant-ceph/010-relabel-nodes.sh - - ./tools/deployment/tenant-ceph/020-ingress.sh - - ./tools/deployment/tenant-ceph/030-ceph.sh - - ./tools/deployment/tenant-ceph/035-ceph-ns-activate.sh - - ./tools/deployment/tenant-ceph/040-tenant-ceph.sh - - ./tools/deployment/tenant-ceph/045-tenant-ceph-ns-activate.sh - - ./tools/deployment/tenant-ceph/050-radosgw-osh-infra.sh - - ./tools/deployment/tenant-ceph/060-radosgw-openstack.sh - -- job: - name: openstack-helm-infra-ubuntu - parent: openstack-helm-infra - nodeset: openstack-helm-ubuntu - -- job: - name: openstack-helm-infra-aio-logging - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/osh-infra-logging/000-install-packages.sh - - ./tools/deployment/osh-infra-logging/005-deploy-k8s.sh - - - ./tools/deployment/osh-infra-logging/010-ingress.sh - - ./tools/deployment/osh-infra-logging/020-ceph.sh - - - ./tools/deployment/osh-infra-logging/025-ceph-ns-activate.sh - - ./tools/deployment/osh-infra-logging/030-radosgw-osh-infra.sh - - - ./tools/deployment/osh-infra-logging/040-ldap.sh - - ./tools/deployment/osh-infra-logging/050-elasticsearch.sh - - - ./tools/deployment/osh-infra-logging/060-fluentd.sh - - ./tools/deployment/osh-infra-logging/070-kibana.sh - - ./tools/deployment/osh-infra-logging/600-kibana-selenium.sh || true - -- job: - name: openstack-helm-infra-aio-monitoring - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/osh-infra-monitoring/000-install-packages.sh - - ./tools/deployment/osh-infra-monitoring/005-deploy-k8s.sh - - - ./tools/deployment/osh-infra-monitoring/010-deploy-docker-registry.sh - - ./tools/deployment/osh-infra-monitoring/020-ingress.sh - - ./tools/deployment/osh-infra-monitoring/030-nfs-provisioner.sh - - ./tools/deployment/osh-infra-monitoring/040-ldap.sh - - ./tools/deployment/osh-infra-monitoring/045-mariadb.sh - - - ./tools/deployment/osh-infra-monitoring/050-prometheus.sh - - ./tools/deployment/osh-infra-monitoring/060-alertmanager.sh - - ./tools/deployment/osh-infra-monitoring/070-kube-state-metrics.sh - - ./tools/deployment/osh-infra-monitoring/075-node-problem-detector.sh - - ./tools/deployment/osh-infra-monitoring/080-node-exporter.sh - - - ./tools/deployment/osh-infra-monitoring/090-process-exporter.sh - - ./tools/deployment/osh-infra-monitoring/100-openstack-exporter.sh - - ./tools/deployment/osh-infra-monitoring/105-blackbox-exporter.sh - - - ./tools/deployment/osh-infra-monitoring/110-grafana.sh - - ./tools/deployment/osh-infra-monitoring/120-nagios.sh - - ./tools/deployment/osh-infra-monitoring/170-postgresql.sh - - - ./tools/deployment/osh-infra-monitoring/600-grafana-selenium.sh || true - - ./tools/deployment/osh-infra-monitoring/610-prometheus-selenium.sh || true - - ./tools/deployment/osh-infra-monitoring/620-nagios-selenium.sh || true - -- job: - name: openstack-helm-infra-federated-monitoring - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/federated-monitoring/000-install-packages.sh - - ./tools/deployment/federated-monitoring/005-deploy-k8s.sh - - ./tools/deployment/federated-monitoring/010-ingress.sh - - ./tools/deployment/federated-monitoring/020-nfs-provisioner.sh - - ./tools/deployment/federated-monitoring/030-ldap.sh - - ./tools/deployment/federated-monitoring/040-kube-state-metrics.sh - - ./tools/deployment/federated-monitoring/050-node-exporter.sh - - ./tools/deployment/federated-monitoring/060-prometheus.sh - - ./tools/deployment/federated-monitoring/070-federated-prometheus.sh - - ./tools/deployment/federated-monitoring/080-mariadb.sh - - ./tools/deployment/federated-monitoring/090-grafana.sh - - ./tools/deployment/federated-monitoring/100-prometheus-selenium.sh || true - -- job: - name: openstack-helm-infra-aio-network-policy - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - nodeset: openstack-helm-single-node - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/network-policy/000-install-packages.sh - - ./tools/deployment/network-policy/005-deploy-k8s.sh - - ./tools/deployment/network-policy/010-ingress.sh - - ./tools/deployment/network-policy/020-nfs-provisioner.sh - - ./tools/deployment/network-policy/039-lockdown.sh - - ./tools/deployment/network-policy/040-ldap.sh - - ./tools/deployment/network-policy/045-mariadb.sh - - ./tools/deployment/network-policy/050-prometheus.sh - - ./tools/deployment/network-policy/060-alertmanager.sh - - ./tools/deployment/network-policy/070-kube-state-metrics.sh - - ./tools/deployment/network-policy/080-node-exporter.sh - - ./tools/deployment/network-policy/090-process-exporter.sh - - ./tools/deployment/network-policy/100-grafana.sh - - ./tools/deployment/network-policy/110-nagios.sh - - ./tools/deployment/network-policy/120-elasticsearch.sh - - ./tools/deployment/network-policy/125-fluentbit.sh - - ./tools/deployment/network-policy/130-fluentd-daemonset.sh - - ./tools/deployment/network-policy/135-fluentd-deployment.sh - - ./tools/deployment/network-policy/140-kibana.sh - - ./tools/deployment/network-policy/openstack-exporter.sh - - ./tools/deployment/network-policy/901-test-networkpolicy.sh - -- job: - name: openstack-helm-infra-apparmor - parent: openstack-helm-infra-functional - timeout: 9600 - pre-run: playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - osh_params: - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: apparmor - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/apparmor/000-install-packages.sh - - ./tools/deployment/apparmor/001-setup-apparmor-profiles.sh - - ./tools/deployment/apparmor/005-deploy-k8s.sh - - ./tools/deployment/apparmor/015-ingress.sh - - ./tools/deployment/apparmor/020-ceph.sh - - ./tools/deployment/apparmor/025-ceph-ns-activate.sh - - ./tools/deployment/apparmor/030-mariadb.sh - - ./tools/deployment/apparmor/040-memcached.sh - - ./tools/deployment/apparmor/050-prometheus-alertmanager.sh - - ./tools/deployment/apparmor/055-prometheus.sh - - ./tools/deployment/apparmor/060-prometheus-node-exporter.sh - - ./tools/deployment/apparmor/070-prometheus-blackbox-exporter.sh - - ./tools/deployment/apparmor/075-prometheus-process-exporter.sh - - ./tools/deployment/apparmor/080-grafana.sh - - ./tools/deployment/apparmor/085-rabbitmq.sh - - ./tools/deployment/apparmor/095-nagios.sh - - ./tools/deployment/apparmor/120-openvswitch.sh - - ./tools/deployment/apparmor/170-postgresql.sh - -- job: - name: openstack-helm-infra-aio-logging-apparmor - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - osh_params: - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: apparmor - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/osh-infra-logging/000-install-packages.sh - - ./tools/deployment/osh-infra-logging/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-logging/000-prepare-k8s.sh - ./tools/deployment/osh-infra-logging/010-ingress.sh - ./tools/deployment/osh-infra-logging/020-ceph.sh - ./tools/deployment/osh-infra-logging/025-ceph-ns-activate.sh - ./tools/deployment/osh-infra-logging/030-radosgw-osh-infra.sh - ./tools/deployment/osh-infra-logging/040-ldap.sh - ./tools/deployment/osh-infra-logging/050-elasticsearch.sh - - ./tools/deployment/osh-infra-logging/060-fluentd-daemonset.sh - - ./tools/deployment/osh-infra-logging/065-fluentd-deployment.sh + - ./tools/deployment/osh-infra-logging/060-fluentd.sh - ./tools/deployment/osh-infra-logging/070-kibana.sh - ./tools/deployment/osh-infra-logging/600-kibana-selenium.sh || true +# This job is for compatibility with openstack-helm-images-aio-logging - job: - name: openstack-helm-infra-openstack-support-apparmor - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: playbooks/osh-infra-upgrade-host.yaml - required-projects: - - openstack/openstack-helm-infra - - openstack/openstack-helm - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node + name: openstack-helm-infra-aio-logging + parent: openstack-helm-infra-logging + +- job: + name: openstack-helm-infra-monitoring + parent: openstack-helm-infra-deploy + nodeset: openstack-helm-1node-ubuntu_focal vars: osh_params: - openstack_release: xena + openstack_release: "2023.1" container_distro_name: ubuntu container_distro_version: focal - feature_gates: apparmor - gate_scripts_relative_path: ../openstack-helm-infra gate_scripts: - - ./tools/deployment/openstack-support/000-install-packages.sh - - ./tools/deployment/openstack-support/005-deploy-k8s.sh - - ./tools/deployment/openstack-support/007-namespace-config.sh - - ./tools/deployment/openstack-support/010-ingress.sh - - ./tools/deployment/openstack-support/020-ceph.sh - - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh - - ./tools/deployment/openstack-support/030-rabbitmq.sh - - ./tools/deployment/openstack-support/040-memcached.sh - - ./tools/deployment/openstack-support/050-libvirt.sh - - ./tools/deployment/openstack-support/060-openvswitch.sh - - ./tools/deployment/openstack-support/070-mariadb.sh - - ./tools/deployment/openstack-support/080-setup-client.sh - - ./tools/deployment/openstack-support/090-keystone.sh - - ./tools/deployment/openstack-support/110-openstack-exporter.sh - - ./tools/deployment/apparmor/140-ceph-radosgateway.sh + - ./tools/deployment/osh-infra-monitoring/000-prepare-k8s.sh + - ./tools/deployment/osh-infra-monitoring/010-deploy-docker-registry.sh + - ./tools/deployment/osh-infra-monitoring/020-ingress.sh + - ./tools/deployment/osh-infra-monitoring/030-nfs-provisioner.sh + - ./tools/deployment/osh-infra-monitoring/040-ldap.sh + - ./tools/deployment/osh-infra-monitoring/045-mariadb.sh + - ./tools/deployment/osh-infra-monitoring/050-prometheus.sh + - ./tools/deployment/osh-infra-monitoring/060-alertmanager.sh + - ./tools/deployment/osh-infra-monitoring/070-kube-state-metrics.sh + - ./tools/deployment/osh-infra-monitoring/075-node-problem-detector.sh + - ./tools/deployment/osh-infra-monitoring/080-node-exporter.sh + - ./tools/deployment/osh-infra-monitoring/090-process-exporter.sh + - ./tools/deployment/osh-infra-monitoring/100-openstack-exporter.sh + - ./tools/deployment/osh-infra-monitoring/105-blackbox-exporter.sh + - ./tools/deployment/osh-infra-monitoring/110-grafana.sh + - ./tools/deployment/osh-infra-monitoring/120-nagios.sh + - ./tools/deployment/osh-infra-monitoring/170-postgresql.sh + - ./tools/deployment/osh-infra-monitoring/600-grafana-selenium.sh || true + - ./tools/deployment/osh-infra-monitoring/610-prometheus-selenium.sh || true + - ./tools/deployment/osh-infra-monitoring/620-nagios-selenium.sh || true + +# This job is for compatibility with openstack-helm-images-aio-monitoring +- job: + name: openstack-helm-infra-aio-monitoring + parent: openstack-helm-infra-monitoring - job: name: openstack-helm-infra-metacontroller - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node + parent: openstack-helm-infra-deploy + nodeset: openstack-helm-1node-ubuntu_focal vars: osh_params: container_distro_name: ubuntu container_distro_version: focal feature_gates: apparmor - gate_scripts_relative_path: ../openstack-helm-infra gate_scripts: - - ./tools/deployment/common/000-install-packages.sh - - ./tools/deployment/common/005-deploy-k8s.sh + - ./tools/deployment/common/prepare-k8s.sh - ./tools/deployment/common/metacontroller.sh - ./tools/deployment/common/daemonjob-controller.sh - job: name: openstack-helm-infra-openstack-support - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: playbooks/osh-infra-upgrade-host.yaml - required-projects: - - openstack/openstack-helm-infra - - openstack/openstack-helm - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node + parent: openstack-helm-infra-deploy + nodeset: openstack-helm-1node-ubuntu_focal vars: osh_params: - openstack_release: xena + openstack_release: "2023.1" container_distro_name: ubuntu container_distro_version: focal - gate_scripts_relative_path: ../openstack-helm-infra gate_scripts: - - ./tools/deployment/openstack-support/000-install-packages.sh - - ./tools/deployment/openstack-support/005-deploy-k8s.sh - - ./tools/deployment/openstack-support/007-namespace-config.sh - - - ./tools/deployment/openstack-support/010-ingress.sh - - ./tools/deployment/openstack-support/020-ceph.sh - - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh - - - ./tools/deployment/openstack-support/030-rabbitmq.sh - - ./tools/deployment/openstack-support/070-mariadb.sh - - - ./tools/deployment/openstack-support/040-memcached.sh - - ./tools/deployment/openstack-support/050-libvirt.sh - - ./tools/deployment/openstack-support/060-openvswitch.sh - - ./tools/deployment/openstack-support/080-setup-client.sh - - ./tools/deployment/openstack-support/090-keystone.sh - - - ./tools/deployment/openstack-support/100-ceph-radosgateway.sh - - ./tools/deployment/openstack-support/110-openstack-exporter.sh - - ./tools/deployment/openstack-support/120-powerdns.sh - - ./tools/deployment/openstack-support/130-cinder.sh - -- job: - name: openstack-helm-infra-five-ubuntu - parent: openstack-helm-infra - nodeset: openstack-helm-five-node-ubuntu - -- job: - name: openstack-helm-infra-elastic-beats - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/elastic-beats/005-deploy-k8s.sh - - ./tools/deployment/elastic-beats/020-ingress.sh - - ./tools/deployment/elastic-beats/030-ceph.sh - - ./tools/deployment/elastic-beats/035-ceph-ns-activate.sh - - ./tools/deployment/elastic-beats/040-ldap.sh - - ./tools/deployment/elastic-beats/050-elasticsearch.sh - - ./tools/deployment/elastic-beats/060-kibana.sh - - ./tools/deployment/elastic-beats/070-kube-state-metrics.sh - - ./tools/deployment/elastic-beats/080-elastic-metricbeat.sh - - ./tools/deployment/elastic-beats/090-elastic-filebeat.sh - - ./tools/deployment/elastic-beats/100-elastic-packetbeat.sh - -- job: - name: openstack-helm-infra-local-storage - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - osh_params: - openstack_release: xena - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: local-storage - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/osh-infra-local-storage/000-install-packages.sh - - ./tools/deployment/osh-infra-local-storage/005-deploy-k8s.sh - - ./tools/deployment/osh-infra-local-storage/010-ingress.sh - - ./tools/deployment/osh-infra-local-storage/020-local-storage.sh - - ./tools/deployment/osh-infra-local-storage/030-mariadb.sh - - ./tools/deployment/osh-infra-local-storage/040-prometheus.sh - - ./tools/deployment/osh-infra-local-storage/050-elasticsearch.sh - - ./tools/deployment/osh-infra-local-storage/060-volume-info.sh - -- job: - name: openstack-helm-infra-validate-minikube-aio - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - vars: - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/common/000-install-packages.sh - - ./tools/deployment/common/005-deploy-k8s.sh - - ./tools/deployment/common/validate-minikube-aio.sh - -# Use libvirt ssl -- job: - name: openstack-helm-infra-openstack-support-ssl - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: playbooks/osh-infra-upgrade-host.yaml - required-projects: - - openstack/openstack-helm-infra - - openstack/openstack-helm - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - osh_params: - openstack_release: xena - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: ssl - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/openstack-support/000-install-packages.sh - - ./tools/deployment/openstack-support/005-deploy-k8s.sh - - ./tools/deployment/openstack-support/007-namespace-config.sh - - - ./tools/deployment/openstack-support/010-ingress.sh - - ./tools/deployment/openstack-support/020-ceph.sh - - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh - - - ./tools/deployment/openstack-support/030-rabbitmq.sh - - ./tools/deployment/openstack-support/070-mariadb.sh - - - ./tools/deployment/openstack-support/040-memcached.sh - - ./tools/deployment/openstack-support/051-libvirt-ssl.sh - - ./tools/deployment/openstack-support/060-openvswitch.sh - - ./tools/deployment/openstack-support/080-setup-client.sh - - ./tools/deployment/openstack-support/090-keystone.sh - - - ./tools/deployment/openstack-support/100-ceph-radosgateway.sh - - ./tools/deployment/openstack-support/110-openstack-exporter.sh - - ./tools/deployment/openstack-support/120-powerdns.sh - - ./tools/deployment/openstack-support/130-cinder.sh - -# Use libvirt ssl with apparmor -- job: - name: openstack-helm-infra-openstack-support-ssl-apparmor - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: playbooks/osh-infra-upgrade-host.yaml - required-projects: - - openstack/openstack-helm-infra - - openstack/openstack-helm - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - vars: - osh_params: - openstack_release: xena - container_distro_name: ubuntu - container_distro_version: focal - feature_gates: "ssl,apparmor" - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/openstack-support/000-install-packages.sh - - ./tools/deployment/openstack-support/005-deploy-k8s.sh + - ./tools/deployment/openstack-support/000-prepare-k8s.sh - ./tools/deployment/openstack-support/007-namespace-config.sh - ./tools/deployment/openstack-support/010-ingress.sh - ./tools/deployment/openstack-support/020-ceph.sh - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh - ./tools/deployment/openstack-support/030-rabbitmq.sh + - ./tools/deployment/openstack-support/070-mariadb.sh + - ./tools/deployment/openstack-support/040-memcached.sh + - ./tools/deployment/openstack-support/050-libvirt.sh + - ./tools/deployment/openstack-support/060-openvswitch.sh + - ./tools/deployment/openstack-support/080-setup-client.sh + - ./tools/deployment/openstack-support/090-keystone.sh + - ./tools/deployment/openstack-support/100-ceph-radosgateway.sh + - ./tools/deployment/openstack-support/110-openstack-exporter.sh + - ./tools/deployment/openstack-support/120-powerdns.sh + - ./tools/deployment/openstack-support/130-cinder.sh + +# Use libvirt ssl +- job: + name: openstack-helm-infra-openstack-support-ssl + parent: openstack-helm-infra-deploy + nodeset: openstack-helm-1node-ubuntu_focal + vars: + osh_params: + openstack_release: "2023.1" + container_distro_name: ubuntu + container_distro_version: focal + feature_gates: ssl + gate_scripts: + - ./tools/deployment/openstack-support/000-prepare-k8s.sh + - ./tools/deployment/openstack-support/007-namespace-config.sh + - ./tools/deployment/openstack-support/010-ingress.sh + - ./tools/deployment/openstack-support/020-ceph.sh + - ./tools/deployment/openstack-support/025-ceph-ns-activate.sh + - ./tools/deployment/openstack-support/030-rabbitmq.sh + - ./tools/deployment/openstack-support/070-mariadb.sh - ./tools/deployment/openstack-support/040-memcached.sh - ./tools/deployment/openstack-support/051-libvirt-ssl.sh - ./tools/deployment/openstack-support/060-openvswitch.sh - - ./tools/deployment/openstack-support/070-mariadb.sh - ./tools/deployment/openstack-support/080-setup-client.sh - ./tools/deployment/openstack-support/090-keystone.sh + - ./tools/deployment/openstack-support/100-ceph-radosgateway.sh - ./tools/deployment/openstack-support/110-openstack-exporter.sh - - ./tools/deployment/apparmor/140-ceph-radosgateway.sh - -- job: - name: openstack-helm-infra-aio-monitoring-tls - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - required-projects: - - openstack/openstack-helm - vars: - osh_params: - feature_gates: tls - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh - - ./tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh - - ./tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh - - - ./tools/deployment/osh-infra-monitoring-tls/020-ingress.sh - - ./tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh - - ./tools/deployment/osh-infra-monitoring-tls/040-ldap.sh - - ./tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh - - - ./tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh - - ./tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh - - ./tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh - - ./tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh - - ./tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh - - - ./tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh - # - ./tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh - - ./tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh - - - ./tools/deployment/osh-infra-monitoring-tls/110-grafana.sh - - ./tools/deployment/osh-infra-monitoring-tls/120-nagios.sh - - ./tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh - - - ./tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh || true - - ./tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh || true - - ./tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh || true -- job: - name: openstack-helm-infra-aio-logging-tls - parent: openstack-helm-infra-functional - timeout: 7200 - pre-run: - - playbooks/osh-infra-upgrade-host.yaml - - playbooks/osh-infra-deploy-selenium.yaml - post-run: playbooks/osh-infra-collect-logs.yaml - nodeset: openstack-helm-single-node - required-projects: - - openstack/openstack-helm - vars: - osh_params: - feature_gates: tls - gate_scripts_relative_path: ../openstack-helm-infra - gate_scripts: - - ./tools/deployment/osh-infra-logging-tls/000-install-packages.sh - - ./tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh - - ./tools/deployment/osh-infra-logging-tls/015-cert-manager.sh - - - ./tools/deployment/osh-infra-logging-tls/010-ingress.sh - - ./tools/deployment/osh-infra-logging-tls/020-ceph.sh - - - ./tools/deployment/osh-infra-logging-tls/025-ceph-ns-activate.sh - - ./tools/deployment/osh-infra-logging-tls/030-radosgw-osh-infra.sh - - ./tools/deployment/osh-infra-logging-tls/040-ldap.sh - - ./tools/deployment/osh-infra-logging-tls/050-elasticsearch.sh - - - ./tools/deployment/osh-infra-logging-tls/060-fluentd.sh - - ./tools/deployment/osh-infra-logging-tls/070-kibana.sh - - ./tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh || true + - ./tools/deployment/openstack-support/120-powerdns.sh + - ./tools/deployment/openstack-support/130-cinder.sh ... diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index 54b59ee12..ad6d1ea9b 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -22,9 +22,8 @@ - openstack-helm-lint - openstack-helm-lint-osh - openstack-helm-infra-bandit - - openstack-helm-infra-deploy - - openstack-helm-infra-aio-logging - - openstack-helm-infra-aio-monitoring + - openstack-helm-infra-logging + - openstack-helm-infra-monitoring - openstack-helm-infra-openstack-support - openstack-helm-infra-openstack-support-ssl - openstack-helm-infra-metacontroller @@ -32,8 +31,8 @@ jobs: - openstack-helm-lint - openstack-helm-lint-osh - - openstack-helm-infra-aio-logging - - openstack-helm-infra-aio-monitoring + - openstack-helm-infra-logging + - openstack-helm-infra-monitoring - openstack-helm-infra-openstack-support - openstack-helm-infra-openstack-support-ssl post: @@ -42,22 +41,16 @@ periodic: jobs: - publish-openstack-helm-charts - - openstack-helm-infra-validate-minikube-aio - # - openstack-helm-infra-tenant-ceph - # - openstack-helm-infra-five-ubuntu experimental: jobs: - # - openstack-helm-infra-five-ubuntu - openstack-helm-infra-elastic-beats - # - openstack-helm-infra-tenant-ceph + - openstack-helm-infra-tenant-ceph - openstack-helm-infra-federated-monitoring - openstack-helm-infra-local-storage - openstack-helm-infra-aio-network-policy - openstack-helm-infra-apparmor - openstack-helm-infra-aio-logging-apparmor - openstack-helm-infra-openstack-support-apparmor - - openstack-helm-infra-metacontroller - openstack-helm-infra-aio-monitoring-tls - openstack-helm-infra-aio-logging-tls - - openstack-helm-infra-deploy-kubeadm ...