This updates the fluentbit configuration for tail inputs to remove
the values for utilizing mysqlite databases to track its location
in each file it's configured to tail. This is intended to reduce
the pressure fluentbit exerts on the host through writing to
/var/log/foo.db. To help mitigate large amounts of traffic
sent from fluentbit to fluentd upon a pod restart, this also
adds a throttle filter to fluentbit.
As a result, Fluentbit no longer needs a writable mount to its
hostPath on /var/log on the host. Thus, this change includes
updating the Fluentbit daemonset's mount on /var/log to be
readOnly
Change-Id: If4381f4ff47e887f3ea10beded4f6172edaf08ba
This updates the script for deploying ldap in the network policy
job to accept ingress traffic from prometheus pods.
This also updates the network policy test to account for return
values with more than one result when checking for a pod to use,
as well as selecting pods by application and component labels
instead of simply grepping for a name (as this could cause issues
with grepping for 'fluentd', when that could return both fluentd
and fluentd-exporter pods, for example)
Change-Id: I12a4029f574ea7d5b250709adef21b07d8cf0220
Fix a naming issue with the cronjob's binary, and schedule the cron
job to run every 15 minutes for the gates. Additonally check to
to ensure we are only running on block devices. Also update the
script to work with ceph-volume created devices.
Change-Id: I8aedab0ac41c191ef39a08034fff3278027d7520
Checking test_version seems right. test_mimic is not existing.
Change-Id: I2cbfed0f7da0b22eb753ed7bce833872a7ff707f
Signed-off-by: Deokjin Kim <deokjin81.kim@samsung.com>
This removes an unused section of configuration for fluentd, as
well as cleans up the values for filtering fluentd logs
Change-Id: I0c58d3ac236af7723c64c3b9fcba877736b1f606
No longer use networking.settings.ippool.ipip.mode, rather take from
conf.node.CALICO_IPV4POOL_IPIP (this avoids duplication and
possibility of setting them differently).
Logging values previously required Titlecase in some places, lower in
others (and it changed across versions); have the chart DTRT where it
matters to avoid configuration problems.
Change-Id: Idb7ccb5be8f9e1cb184ed86a9fd0875704912564
This adds xxx-job name prefixes to the Selenium jobs for consistency
This will also remove the "|| true" suffix that was added temporarily to
ensure the Kibana selenium job did not error. The fix for the issue
was merged so the quick fix is no longer needed and may prevent an
error when an issue actually occurs.
Change-Id: I16881974cbf618b31813964b17c090dbfe33fe51
This PS adds support for tls secrets on non-fqdn overriden hosts
in ingress rules.
Change-Id: I134af614e7c2ac3fae6eba2bc4bda9f8b41f7f78
Signed-off-by: Pete Birley <pete@port.direct>
Uses ovs-vsctl for ovs-db
Uses ovs-appctl for ovs-vswitchd as "ovs-vsctl show" does not
talk to ovs-vswitchd.
Change-Id: Ia0b84e3546ff1693676ca61370e1344d75b6e308
Clean up the PG troubleshooting method that was needed for
Luminous images. Since we are now on Mimic, this function is now
not needed.
Change-Id: Iccb148120410b956c25a1fed5655b3debba3412c
This PS enables the ingress manifest function to work for all endpoints
rather than just public.
Change-Id: I3b454bb24a763f51896e845b767fd9d28f5b07dc
Signed-off-by: Pete Birley <pete@port.direct>
Relax the timing constrains for disk IO to accommodate rotating disks;
a "measured IO" might be the result of a small number of physical IOs,
allow for enough time for a small number of disk rotations (this isn't
perfect but seems to be about right in testing under load).
Change-Id: Ifb067a2218528e5918d2f4b2ba169b6e739084e0
This PS adds support for maps containing `host` for use within
the endpoint host lookup functions as well as a simple string
Change-Id: Ifddfb935bf12510a8b8fac25a4a18b4314845230
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the host and port function to call the correct
host function to allow ip addresses to be rendered if required.
Change-Id: I55c91bd911875b537a54ac76cda03a126649af80
Signed-off-by: Pete Birley <pete@port.direct>
This commit introduces proxy support to the Minikube gate script by
leveraging existing `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY`
environment variables. Additionally, this adds the ability to interpret
DNS nameservers when running behind a proxy server and use those in
`/etc/resolv.conf` over the Google DNS servers.
Change-Id: I508dd00fb7df33945e8ee96af250a8eff9db389a
This PS adds support for maps containing `host` for use within
the endpoint host lookup functions as well as a simple string
Change-Id: I21818676e3e907452912b7c7e3c5765e53aebc64
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the .gitignore to not add the files commonly used
for htk development by default.
Change-Id: Ic7b3711c3311ecef43b55342ae487078b5e004de
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds support for maps containing `host` for use within
the hostname lookup functions as well as a simple string.
Change-Id: I6fc5ebfb349c6581d40fe2d8723771d16ba1f9ec
Signed-off-by: Pete Birley <pete@port.direct>
Refactor the OSD Block initialization code that performs clean ups
to use all the commands that ceph-disk zap uses.
Extend the functionality when an OSD initializes to create journal
partitions automatically. For example if /dev/sdc3 is defined as a
journal disk, the chart will automatically create that partition.
The size of the journal partition is determined by the
osd_journal_size that is defined in ceph.conf.
Change the OSD_FORCE_ZAP option to OSD_FORCE_REPAIR to automatically
recreate/self-heal Filestore OSDs. This option will now call a
function to repair a journal disk, and recreate partitions. One
caveat to this, is that the device paritions must be defined (ex.
/dev/sdc1) for a journal. Otherwise the OSD is zapped and re-created
if the whole disk (ex. /dev/sdc) is defined as the journal disk.
Change-Id: Ied131b51605595dce65eb29c0b64cb6af979066e
The server should send an X-Content-Type-Options: nosniff to make sure
the browser does not try to detect a different Content-Type than what is
actually sent (can lead to XSS).
Additionally the server should send an X-Frame-Options: deny to protect
against drag'n drop clickjacking attacks in older browsers.
Change-Id: I779c519cf75bbee23d3a8348291c0fd053e61e4e
This adds a liveness probe to the fluentd chart. This probe will
simply perform a tcpSocket check on the same port the readiness
probe executes the check on.
Change-Id: I768b23d36d50d6f6938f5588bea71e97aeb624b9
This updates the Prometheus pod container status alerts. This
ensures there are alerts defined for ImagePullBackOff,
ErrImagePull, and CreateContainerConfigError errors.
This also updates the Nagios service checks to include correct
checks for those alerts
Change-Id: I91544e7dff8c6aac8c79cd8aa7d8f7bc03adaa9a
This proposes moving the multinode job to a periodic job to
match the approach used in the openstack-helm repo.
This also adds the openstack-exporter to the aio monitoring job as
it was previously missing.
This also proposes moving the aio-logging and aio-monitoring jobs
to voting
Change-Id: Idcd4544e03facdcd2430683b66bd80c79e73a372
