This updates the apparmor job to only use the docker default
profile for memcached, as the custom apparmor profiles used didnt
allow for a successful deployment. This also updates the libvirt
overrides, as the current change to use daemonset-overrides
required updating the container name.
Co-authored-by: wilkers.steve@gmail.com
Co-authored-by: ld366r@att.com
Change-Id: I00cb4c62a38e0e1178e45b4e34c946b3b53da6d5
* Remove --skip-opt from the default option because it is not
porting auto_increment option to the dump
Change-Id: I45f38b303be893803dde244921f50f5dcb1d865d
The string "false" isn't boolean false.
Where possible use booleans in the values so constructs like:
{{ if not .Values.some.thing }}
# some thing is not set
{{ end }}
work as expected.
In the places it's expanded and passed into the pod environment
variables it is converted to a string; we update those all the same so
that template logic will work.
Change-Id: I6142b9d514b2b21381dbf0de2f1351f5ab94e696
all other charts that related with ceph have the logic
to override the ceph monitor hosts.
but storage class chart only has no logic to override the value.
to use external ceph, it must be able to set manually the ceph host.
Change-Id: Ib788e339606a2f7336a688aa276082503a18b04f
Signed-off-by: Hyunkook Cho <hk0713.cho@samsung.com>
This PS updates the password update logic to operate cleanly under all
senarios.
Change-Id: I675a344b00984c63cec34919f84a5e9dd8aa5b4e
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves mariadb to use mariabackup as the wsrep sst method.
Change-Id: Icc1c27d72a3bee5aaa091cdf3ca6cff0c5509f30
Signed-off-by: Pete Birley <pete@port.direct>
This adds the security context snippet for the elasticsearch
prometheus exporter container to set allowPrivilegeEscalation to false
and readOnlyRootFilesystem to true
Change-Id: Ia80aa9cfc837073fae0a884de5245764147d7ded
There was an additional job added for checking libvirt's apparmor
profiles separately from the standard apparmor job that existed
previously. This adds the libvirt deployment to the previously
existing apparmor job and removes the apparmor-libvirt job.
Change-Id: I76b00f1e5dca4236f62150e4ac48b0777a05b29f
This adds a job that will query the Elasticsearch HTTP cat API to
determine whether the desired number of nodes have been discovered
via the Zen discovery mechanism to be included in the cluster.
This aims to address issues seen when upgrading Elasticsearch,
where the snapshot repository job may trigger due to endpoints
from older pods being present. This new job will be the dependency
required by the snapshot repository job to ensure the ES cluster
has the desired number of nodes before attempting to register a
snapshot repository or interact with the cluster
Change-Id: I94fbbfdec7ca66d04acca9558e56dca3b2bc7d52
This PS adds logging output to the wsrep-recover function in the
mariadb startup script.
Change-Id: I98ea214852a0b54440b1ceeea363017397afcb52
Signed-off-by: Pete Birley <pete@port.direct>
This PS disables wsrep during the setting of admin passwords, which
is required to allow the cluster to come up from a dead stop.
Change-Id: Id9af65d57755f62afc672900bca79e5b11e9c8c9
Signed-off-by: Pete Birley <pete@port.direct>
This is to fix udev_settle function by adding timeout for blkid
command as it will get stuck on the host sometimes.
Change-Id: I378748991eecda9ea2af383ea04ecd97ab3d2948
Currently configuring storage classes is static. If
we want to add another storageclass for an exmaple
for harddisk then we have to create another yaml
along with update in .Values.yaml. Using this change
we can create as many storageclasses we want. Change
will basically iterate in loop and apply the values
present in .Values
At the same time we have to update the changes in
.Values.storageclass.rbd paramert values in all
applicable places
Change-Id: I3207f047c3f8b1a33dfb97c87b9ea7120b54c4b4
Story: ceph-provisioners-improvement
Signed-off-by: Kranthi Guttikonda <kranthi.guttikonda@b-yond.com>
Signed-off-by: kranthikirang <kranthi.guttikonda@b-yond.com>
* backup script for mariadb
* restore script for mariadb
* cronjob to control backup automation for mariadb
* add parameters to values.yaml
Change-Id: Ib0b6744f519ea1919507df0c2a50b45b27ac86ab
This patch set enhances the current MariaDB leader election algorithm
by adding a tiebreaker in case multiple nodes have the same sequence
number which happens to be the highest sequence number in the MariaDB
cluster. The tiebreaker is to pick the node which has the lowest node
number in the hostname.
This patch also changes the 409 status code reporting inside the
safe_update_configmap() function to be a warning instead of an error,
as it is indicative of a collision scenario rather than an actual
error.
Change-Id: Ifdff0250b520bb1972d79de94a491e566ed43997
Removing and updated docs dependencies to make the docs job work again.
Change-Id: I8ebaef2776d4d54c6b60dc6bbbcbb2fe4e49addc
Signed-off-by: Tin Lam <tin@irrational.io>
These changes aim to remove blanket privileges from Calico and replace them
with the default pod privileges granted by Docker plus the few extended
privileges that Calico needs
Change-Id: I1342ef02086877bc69f752403a33278c9670ed86
This commit adds support for per-node overrides to the libvirt chart.
For example, to enable a relaxed ACS check on one host, but not another,
one may have the following in the override values file:
conf:
overrides:
libvirt_libvirt:
hosts:
- name: host1.fqdn
conf:
qemu:
relaxed_acs_check: 1
- name: host2.fqdn
conf:
qemu:
relaxed_acs_check: 0
Story: 2005283
Task: 30140
Change-Id: Ia3431db6b78692ec0140cce1bab9bae5937318a4
Signed-off-by: Steven Webster <steven.webster@windriver.com>
* backup script for postgresql
* restore script for postgresql
* cronjob to control backup automation for postgresql
* add parameters to values.yaml
Change-Id: I5eaa82e824c9f361aa667c431cd93058391f2e60
This PS updates the rabbitmq chart to make cluster formation
more robust, with the previous implementation it was possible
to form multiple descrete clusters within a single deployment
of the chart (eg if a network partition existed during formation)
Change-Id: Ie241d29230419ff829d9fbb22fa1a01275926903
Signed-off-by: Pete Birley <pete@port.direct>
This PS fixes the dependency checks tor the tests and wait job.
Change-Id: I09301083bfc2d0218298a8c5e0dd4957bef11c42
Signed-off-by: Pete Birley <pete@port.direct>
This is to resolve ds name changes during the site update which triggers
all osds to start at a time and deletes old ds which is causing some timesouts
on clients.
Change-Id: If004e8e46ea34d90d7e05dc41e873c7a64ec046f
This updates the dependencies for the Elasticsearch chart to be
more cautious before proceeding. For example, this updates the
dependencies for the register snapshot job to wait until all
ES components have registered endpoints, and also updates the helm
test pod to wait for all components to have registered endpoints
and the snapshot job to have completed
Change-Id: Ie4e92bba4ae33b33cadb921bdda91ceb813e29e1
Now that we explicity declare there is no need to define the default
username and password.
Change-Id: I95e41c411c2a86ae527283d5dc13b8a1f65b513a
Signed-off-by: Pete Birley <pete@port.direct>
securityContext with allowPrivilegeEscalation: false is implemented at
container level and leveraged the helm-toolkit snippet
Change-Id: Iddb18c87993fd3dc005c55f5678829c2a19718db
This adds the release-annotation to the pod spec for the charts in
openstack-helm-infra. This also adds missing configmap annotations
to charts in openstack-helm-infra
Change-Id: Ie23f0c16a7a21d3929e98928db2bbcef69ae6490
