This reverts commit 122dcef6295e1b62c113476737c29b8b031fbe85.
https://review.opendev.org/c/openstack/openstack-helm-infra/+/805246
The changes from the above patchset is a result of upgrading
Elasticsearch and Kibana images to v7.14. This image has been
reverted back to v7.9.2. As such, these changes are no longer
correct.
Change-Id: I44e9993002cbf1d2c4f5cb23d340b01bad521427
This change adds a condition to ensure that an IP address was
obtained for a ceph-mon kubernetes endpoint before building the
expected endpoint string and checking it against the monmap. If an
IP address isn't available, the check is skipped for that mon.
Change-Id: I45a2e2987b5ef0c27b0bb765f7967fcce1af62e4
As ceph clients expect the ceph_mon config as shown below for Ceph
Nautilus and later releases, this change updates the ceph-client-etc
configmap to reflect the correct mon endpoint specification.
mon_host = [v1:172.29.1.139:6789/0,v2:172.29.1.139:3300/0],
[v1:172.29.1.140:6789/0,v2:172.29.1.140:3300/0],
[v1:172.29.1.145:6789/0,v2:172.29.1.145:3300/0]
Change-Id: Ic3a1cb7e56317a5a5da46f3bf97ee23ece36c99c
The ceph-mon-check pod only knew about the v1 port before, and didn't
have the proper mon_host configuration in its ceph.conf file. This
patchset adds knowledge about the v2 port also and correctly configures
the ceph.conf file. Also fixes a namespace hardcoding that was found
in the last ceph-mon-check fix.
Change-Id: I460e43864a2d4b0683b67ae13bf6429d846173fc
In cases where the pool deletion feature [0] is used, but the pool does
not exists, a pool is created and then subsequently deleted.
This was broken by the performance optimizations introduced with [1], as
the job is trying to delete a pool that does not exist (yet).
This change makes the ceph-rbd-pool job wait for manage_pools to finish
before trying to delete the pool.
0: https://review.opendev.org/c/792851
1: https://review.opendev.org/c/806443
Change-Id: Ibb77e33bed834be25ec7fd215bc448e62075f52a
A race condition exists that can cause the mon-check pod to delete
mons from the monmap that are only down temporarily. This sometimes
causes issues with the monmap when those mons come back up. This
change adds a check to see if the list of mons in the monmap is
larger than expected before removing anything. If not, the monmap
is left alone.
Change-Id: I43b186bf80741fc178c6806d24c179417d7f2406
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: I4cf135dc9852506cc2e853c9faa8544b7b2e2fae
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: I21ba5d8ca6f86954c793268142419e0a9e083943
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: Ia600b979bf48629962577b3c5674bfa7415d78c0
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: I5c6dc5ea826c57b8c442ee0e876010a9ab726612
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: I8e035d70dd652d5253f534ad6b28042347158ff4
With the move to helm v3, helm status requires a namespace to be specified, but doing so breaks helm v2 compatability. This change removes the usage of helm serve in openstack-helm-infra's deployment scripts.
Change-Id: Idd97b6c8d2531c8cd55629a3ce91b2581af904f4
This change improves the osh-infra-deploy job to
successfully deploy minikube with helm v3 along with
the necessary namespaces. Future changes will modify
the install scripts for each job to make them helm
v3 compatible.
Change-Id: I08a94046f86f7c92be7580fbf10751150d2fcecc
This change updates the lint job to use helm v3. This
is part of the effort to migrate from helm v2 to v3 and
to ensure each chart is compatible with helm v3.
Change-Id: Ibc8ba5d8fe8efc3637d64df61305602385e644e4
Update Kubernetes version to v1.19.15, the latest patch release of the
earliest supported version (as of 2021-09-15).
Change-Id: Ia8f398098dfafa7fc029c982c71bce4a876668de
This change updates the helm-toolkit path in each chart as part
of the move to helm v3. This is due to a lack of helm serve.
Change-Id: I011e282616bf0b5a5c72c1db185c70d8c721695e
This is to add support for rook-ceph in provisioner chart so that
if any clients want to connect can make use of it .
Change-Id: I26c28fac3fa0f5d0b0e71a288217b37a5ca8fb13
This change attempts to reduce the number of Ceph commands required
in the ceph-rbd-pool job by collecting most pool properties in a
single call and by setting only those properties where the current
value differs from the target value.
Calls to manage_pool() are also run in the background in parallel,
so all pools are configured concurrently instead of serially. The
script waits for all of those calls to complete before proceeding
in order to avoid issues related to the script finishing before all
pools are completely configured.
Change-Id: If105cd7146313ab9074eedc09580671a0eafcec5
If labels are not specified on a Job, kubernetes defaults them
to include the labels of their underlying Pod template. Helm 3
injects metadata into all resources [0] including a
`app.kubernetes.io/managed-by: Helm` label. Thus when kubernetes
sees a Job's labels they are no longer empty and thus do not get
defaulted to the underlying Pod template's labels. This is a
problem since Job labels are depended on by
- Armada pre-upgrade delete hooks
- Armada wait logic configurations
- kubernetes-entrypoint dependencies
Thus for each Job template this adds labels matching the
underlying Pod template to retain the same labels that were
present with Helm 2.
[0]: https://github.com/helm/helm/pull/7649
Change-Id: I3b6b25fcc6a1af4d56f3e2b335615074e2f04b6d
Changes the override to use dynamically generated certs for the
libvirt-ssl jobs so they don't expire in the future. Also, changes it so
it is voting again like before.
Signed-off-by: Tin Lam <t@lam.wtf>
Change-Id: If7215961b0b9a7cad75afd7f78592515b74a7b58
Currently it isn't possible to set extra labels on pods that use
the labels snippet. This means users are required to fork the helm
repository for OpenStack services to add custom labels. Use cases
for this are for example injecting Istio sidecars.
This change introduces the ability to set one set of labels on all
resources that use the labels snippet.
Change-Id: Iefc8465300f434b89c07b18ba75260fee0a05ef5
The return code from the send_to_remote_server function are
being eaten by an if statement and thus we never hit the elif
section of code.
Change-Id: Id3e256c991421ad6624713f65212abb4881240c1
This patch sets temporary disables the ssl gate job and makes the check
job non-voting to unblock osh-infra. The certificate hardcoded in [0]
has expired.
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:61:31:9d:0f:ff:99:81:ba:6d:50:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = libvirt.org
Validity
Not Before: Sep 15 21:26:53 2020 GMT
Not After : Sep 15 21:26:53 2021 GMT
This will need to be updated or better, unhardcode this at the gate.
[0] https://opendev.org/openstack/openstack-helm-infra/src/branch/master/tools/deployment/openstack-support/051-libvirt-ssl.sh#L27-L51
Signed-off-by: Tin Lam <t@lam.wtf>
Change-Id: I5ea58490c4fe4b65fec7bd3f11b4684cdc1a3e8b
The prometheus-kube-state-metrics chart currently fails to lint
with helm3 due to an extra "-" character. This change removes
the extra dash character in order to allow us to link and build
the chart via helm v3.
Change-Id: Ice1661b8e52fb7e2293d8b03a19e8e7ad43078ca
Currently the shaker chart fails to lint with helm3 due to
invalid yaml marking characters. This change removes the offending
characters to allow us to lint the chart successfully with helm3.
Change-Id: Ieb1ebbeadc4ce12711090060def659709c070b94
This change removes a bunch of unused and unmaintained files
and job declarations related to deploying osh-infra with armada.
Change-Id: I158a255132cd6b02607b6e1e77b8b9525cc8a3d5
In the process of secondary development, we found
that we often need to access secrets from pod.
However, it seems that helm-tookit does not support
adding resource of secrets to role. This commit
try to fix that.
Change-Id: If384d6ccb7672a8da5a5e1403733fa655dfe40dd
This change fixes several issues with kubeadm, notably
the tiller image url/version, as well as fixing the
docker python library missing.
Change-Id: I35528bd45c08ac8580d9875dc54b300a2137fe73
This change adds a new script and job to deploy minikube with
helm3. This job will be improved upon in later changes as
part of the movement to helm3.
Change-Id: Ia7ef30a4e2af77508ad95191e5241d2c1b83a7c4
