This PS bumps the k8s version to that of the current release.
Change-Id: Ife6edac83f6e7639d6142d64aff458450a2e58ff
Signed-off-by: Pete Birley <pete@port.direct>
Helm now tries to update the stable repo when running helm init
by default. This ps adds the flag to prevent this, which is required
when running in airgapped, and some corporate, environments.
Change-Id: I38c487f88d17e9429c30cb03bf2d0f3652f1db99
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves to use the Helm 2.10 release, which brings in a version
of sprig that supports TLS certificate creation from defined CAs.
Change-Id: I80233f8f31727c80bcd667cfa0d851488da39588
Signed-off-by: Pete Birley <pete@port.direct>
Changing the chart to accept plain certificates rather than a base64
encoded string. The chart will handle the base64 encoding internally.
Change-Id: I3cd0710652b1b731fa4bcd9e92dd59ce2c436eb6
This PS updates the ansible roles to update the user used with
the tiller image used for bootstrapping to allow access to approprate
config files used. This is required for use with the current master
tiller image, which no longer deffaults to the root user.
Change-Id: I61f28a2ebeecb22eb66e0394417b0af3a9116483
Signed-off-by: Pete Birley <pete@port.direct>
This PS bumps the version of k8s used in the gates to 1.10.6
Change-Id: I396fe0c0e276d17eb52bfe289a464b7008b8d4d2
Signed-off-by: Pete Birley <pete@port.direct>
This PS enables the pod shared pid feature gate in k8s, which allows
the puase container to reap processes when desired.
Change-Id: I01eac64bfa029027465d47c5036119cf5799a100
Signed-off-by: Pete Birley <pete@port.direct>
This pins the version of ansible deployed via the makefile
dev-deploy directives to the version used in zuul. This was
causing issues with docker, as make dev-deploy setup-host was
deploying ansible 2.6. Ansible 2.6 introduces a new flag to the
docker_container module (init) that is incompatible with our
current roles, which resulted in observed failures in osh-infra
and osh
Change-Id: Ibc885b53bce77eb36817024b21efb0e99865f690
This PS adds support for testing fqdn over-rides in zuul gates.
When enabled it will direct requests to a configurable domain to
the default ip of the primary node.
Change-Id: I3d9a4a0bf06532caf0f544d44027493622f4ae5b
Signed-off-by: Pete Birley <pete@port.direct>
Upgrades the kubernetes version to v1.10.5 from v1.10.4.
Change-Id: Ic2a1f73c935136135e587945180e67ac928f8178
Signed-off-by: Tin Lam <tin@irrational.io>
This patch set loads the proxy environment variable when executing helm
init as it attempts to reach out to an external address to load the
stable repo. If this is executed with in a corporate environment that
requires a proxy, this would fail without the needed envvars.
Change-Id: I8b1b1efb15352934eb8f2a0b0214e486eea80d46
Signed-off-by: Tin Lam <tin@irrational.io>
This PS updates the version of kubernetes deployed in the gates/dev
env to 1.10.3.
Change-Id: I4916a669ab0cb58760c0497b2264d4a7d0a9bffe
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds the ability to deploy the Keystone Kubernetes Webhook
chart via kubeadm-aio
Change-Id: I18b0477a775de942f940e9c0984559089dca1cdb
Co-Authored-By: Tin Lam <tin@irrational.io>
Co-Authored-By: Gage Hugo <gagehugo@gmail.com>
Signed-off-by: Pete Birley <pete@port.direct>
This PS places the role default vars within the appropriate role,
in addition it exposes kubeadm's selfhosted param and deploys the
kubeadm binary to master nodes.
This PS exposes the selfhosted param, and deploys kubeadm to master
nodes.
Change-Id: I5ad1b593a711ffe353b012394d54044dede0691d
Pip>=10 moves the entrypoint to /usr/local/bin from /usr/bin, this
ps forces the shell to forget all locations following upgrade
to allow it to adapt to the new location.
Change-Id: I1ed92b75f689e982397cd4fc87ac262256e161e8
This patch set provides ability to configure the proxy setting in
the ansible playbook used to run the gate.
Change-Id: I7ae66cb16fa6db7d46a0a3f23c289cc625e583c4
Signed-off-by: Tin Lam <tin@irrational.io>
Curator job in Elasticsearch helm chart has a condition on
api version batch/v2alpha1. Cronjob resource is deprecated
in batch/v2alpha1 from k8s 1.8 and batch/v1beta1 is enabled
by default.
Remove the condition on API version as it is no more required.
Closes-Bug: #1753524
Change-Id: Ia296b3742e655fae508e5d4402e7f3881db31688
This PS removes the duplicate labeling of K8s namespaces everytime
the kubeadm image is run - as this action is performed by the
container itself while deploying k8s. It also updates the playbook
to label the kube-public ns.
Change-Id: Icfaabe54d263e0bbc52f2ac11835cb5d92ad32a4
This patch set adds label to "kube-system" and "default"
namespaces used for podSelector.
Change-Id: Ia67a0e4d9adf6f5575d74aebf77673aae3660c62
Signed-off-by: Tin Lam <tin@irrational.io>
This PS drives basic CNI options via ansible playbook in the
KubeADM-AIO container and modifies the calico chart to support
configuration via values.
Change-Id: Iaf2f9807438c3a34e797c62c2c6913edb677997c
This PS updates the docker daemon settings to run without
apply iptables rules. This simplifies host network management by
removing one of the actors interacting with iptables.
Change-Id: I335247afddf736b60212d199a3b860c3c792977f
This adds extra args for the kube-scheduler to expose metrics on
port 10251 on all interfaces. This allows for Prometheus to gather
metrics for the scheduler
Change-Id: I26d473f511f6541a14a9387be1ce56841572bfff
This PS moves the shell module invocations to use bash and set the
required env vars explicity. This can seolve some issues on ubuntu
workstation hosts which uses dash for shell commands by default.
Change-Id: Ieb440e421d9d95676719d66fb4c787f88a9d8a2b
This PS moves to use version 1.8.3 of k8s and also exposes all the
versions as build params to the kubeadm-aio dockerfile.
Change-Id: I8e6ef8090f3fa178e950a42605a5d86e298e0c99
