This moves both minikube and kubeadm deployments back to using
the ceph mimic repositories instead of ceph luminous repositories
Change-Id: I1b6b6af6ecb82e7c690a735286198bc7d0ab7c8d
This adds a deployment step for postgresql to the single node
monitoring job to validate the exporter works as intended
Change-Id: I2680b3e40ca4466e27daf6145cef064c312a7b57
This removes the insertion of test dummy data and the following
query for it from the Elasticsearch helm tests. Upon upgrades,
it's possible for Elasticsearch to refuse the direct insertion of
data due to shard reallocation and due to full bulk endpoint
queues. These refusals should not be seen as test failures
Change-Id: Id53d53a7aa2b58e64932d50ca3e7a4fb1141bb3a
This PS adds the ability to change the admin user credentials
and erlang session cookie. To do so requires `--recreate-pods` to
be passed to helm on a release upgrade.
Change-Id: Ib04ad43a7c303a8ddc31fd0de288a2f7f3294a12
Signed-off-by: Pete Birley <pete@port.direct>
This adds the container security context to set
readOnlyRootFilesystem to true and allowPrivilegeEscalation to false
Change-Id: I7b2f78b51b6ff219c371893f975a30fd89f1719b
This PS improves the robustnes of the RabbitMQ clustering logic
to support reforming the cluster following recreation of all pods,
and wait for the cluster to fully form before continuing in case
of an upgrade.
This ability was lost with the introduction of the following PS,
which prevented reformation of the cluster from scratch.
* https://review.openstack.org/#/c/637337/
Change-Id: I99d32fbd3c56dde492717a7850b61001fa8f7fb5
Signed-off-by: Pete Birley <pete@port.direct>
This updates the kubernetes version used when deploying via
kubeadm and minikube to v1.13.4
This required updating the apiVersion in the kubeadm configuration
file template, as well as removing the --cadvisor-port flag from
the kubelet args, as this has been removed entirely
Change-Id: I3088b65ece0a5c9c5ef2669247ac293d6a6f66ed
- Move the cronjob from ceph-mon to ceph-client
- Adding ceph-rbd-pool job as dependencies for cronjob
- checkPGs manifest set to true so it will always run
in gate.
Co-Authored-By: Chinasubbareddy Mallavarapu <cr3938@att.com>,
Renis Makadia <renis.makadia@att.com>
Change-Id: I9855d8d22265e78c7e2f5fa7ece69c9ff532ecb2
This PS adds a test to ensure the correct number of members in a
cluster.
Change-Id: I52d0fcc473322fb9a754e95a2977a5c2cfad6b45
Signed-off-by: Pete Birley <pete@port.direct>
This updates the Redis helm test to use the redislabs/redis-py
image instead of the base ubuntu image, which allows for cleaning
up of the helm test entrypoint script. This was done to address
routine failures in the multinode periodic jobs, eg:
http://zuul.openstack.org/build/49a9627901514eeda40906c146b9a551
Change-Id: Ida0fd39d2c6d3908aca4cdb42d3a271c39ecc601
securityContext with readOnlyRootFilesystem is implemented at container
level and leveraged the helm-toolkit snippet
Change-Id: I98ca4211e0e236beb3dfe0e11cf5bb10a91b16a6
securityContext with readOnlyRootFilesystem is implemented at container
level and leveraged the helm-toolkit snippet
Change-Id: I8b16e9c17154a2bac162f31939b510fcd773126b
This moves the pod security policy job to a nonvoting check and
removes it as a gating job. This was overlooked previously. Once
the job has been vetted, we can revisit potentially making it a
voting and gating job
This had been done previously, but was overlooked in a change that
reintroduced the podsecuritypolicy job as a voting check and gate
Change-Id: I604efb9c608da69a04eaf87a54899cea34d7cd59
Added backoffLimit to exporter-create-sql-user job so that it
keeps retrying to restart the pod incase of an error. Also added
activeDeadlineSeconds for the pod created by this job to terminate
if it does not become ready in one hour.
Change-Id: Ib6214a887f959fed84108884c8d286624d2f164f
Provide support to add annotations to the podsecuritypolicy. This will
allow to add annotations related to seccomp and apparmor in psp.
Change-Id: I78718ae1f60e8ebee8ac8ba86145bb9ae26491d5
This patch place in a sample for an init container, generated by
helm toolkit, to load an apparmor profile included in the chart.
Change-Id: I309e3b550fd1d683745c319aa39bcfb96b77ea14
Signed-off-by: Tin Lam <tin@irrational.io>
The stats are generated by divingbell job and node-exporter picks
the stats from the host file system.
Change-Id: I0f73a6f3ca7e9d045832435410933bd630a8c686
This adds configuration overrides for a very basic Curator action
that should effectively be a no-op. This is to address periodic
failures seen in the osh-infra-aio-logging job that appear when
the run times coincide with Elastic Curator's cron schedule (every
six hours). This ensures curator actions are defined in cases
where this occurs
Change-Id: Ia2255ada2f32f21888bd4ca96df88496720fd0a5
This updates the metricbeat and filebeat daemonset templates to
include both the appropriate node selector definitions as well as
the ability to enable tolerations for the daemonsets in the same
manner as fluentbit and the node exporter
Change-Id: I474c4361c86287f05ab6078c1f81d671e902598d
Without setting the coordination driver, the gnocchi worker will
battle against other workers for jobs. This commit updates to use
memcached as gnocchi's coordinator.
This commit also removes the gnocchi upgrade option "--create-legacy-
resource-types" in the chart which creates ceilometer resource types.
The resource types creation is done by the ceilometer side during
ceilometer-upgrade. The option was already removed since gnocchi 4.0.0.
The missing image for gnocchi_resources_cleaner is added in this commit.
Change-Id: I19b6a4da21d1fe9816759b836b73a14bacd373a8
Signed-off-by: Angie Wang <angie.wang@windriver.com>
This PS extends the gate scripts to allow ceph to be deployed from
a workstation external to the k8s cluster.
Change-Id: I09b9a11747bab32c19637d8dd076b8caa3b89445
Signed-off-by: Pete Birley <pete@port.direct>
