This PS adds the ability to deploy the Keystone Kubernetes Webhook
chart via kubeadm-aio
Change-Id: I18b0477a775de942f940e9c0984559089dca1cdb
Co-Authored-By: Tin Lam <tin@irrational.io>
Co-Authored-By: Gage Hugo <gagehugo@gmail.com>
Signed-off-by: Pete Birley <pete@port.direct>
This patch set adds a kubernetes keystone webhook authorizer chart to
OpenStack-Helm-Infra.
Change-Id: I16136f4ac2a787e8bcf90eb0675294300ac088f0
Co-Authored-By: Gage Hugo <gagehugo@gmail.com>
Signed-off-by: Tin Lam <tin@irrational.io>
Signed-off-by: Pete Birley <pete@port.direct>
This updates the lma-nfs-provisioner deployment script to run make
on the nfs-provisioner chart. Previously, it relied on the local
image registry deployment step being run to lint and package the
nfs-provisioner chart. This change allows the nfs-provisioner to
be deployed without the local image registry if desired.
This also updates the ldap deployment script to only run make on
the ldap chart instead of pulling the default images with the
make-pull directive
Change-Id: I3d8f321d7a8af50fd80ffbd6a337fa17675f5700
This adds the entry for resources for the apache proxy running in
the elasticsearch client and kibana pods. This also fixes an
incorrect enabled flag for resources in the kibana chart
Change-Id: Ifcd33a680167d7debfae2c4d71bdcb693632fce9
This updates the prometheus service discovery configuration
to define the openstack-exporter service discovery separate from
the other services. This allows for relabeling the instance label
for the openstack-exporter service, removing the potential for
multiple data series being returned by the single stat panels in
the Grafana dashboards for the openstack services. As the other
services perform as expected when exporter pods restart, they
remain configured the same as before.
Change-Id: Iad4c56d31fb553a9629f5a6fd1eac5464207add4
Signed-off-by: Steve Wilkerson <wilkers.steve@gmail.com>
This aims to introduce documentation to openstack-helm-infra,
similar to what exists in openstack-helm
Change-Id: If6a850d555c9bd4ddae36763733a47e795961a50
This adds an apache reverse proxy to the nagios chart, similar
to elasticsearch and kibana. It also adds authentication to
nagios via ldap
Change-Id: I7b17703b5d4c1e041691ffceb984a9f5951cbeb9
This adds ldap support to the grafana chart. This required updating
the version of Grafana to 5.0, as this version allows for using
configuration files to bootstrap the datasources and dashboards
instead of using the grafana http api. This was a necessary change
as using ldap for grafana presented issues trying to create the
datasource via the http api
This also adds a basic helm test for grafana. This test simply
verifies whether the prometheus datasource configured exists and
whether the number of dashboards reported by the admin api matches
the number of dashboards expected
Change-Id: I2e987cb425adba9f909722ffdb25b83f82710c4d
This changes the prometheus-openstack-exporter image to point to
a new image in quay.io/attcomdev rather than a personal image
repository
Change-Id: Ibf4fb74b38842d8cd52df7d0c9871aa58366b827
This updates the prometheus rule for checking for terminated
containers in pods. The previous rule checked for any terminations,
which raised alarms due to completed containers in jobs
being included, which isn't desired behavior. This changes the
expression to check for any containers that have terminated with
a status other than completed
Change-Id: I88e533a56f81f81bd1a81420ecfb7d43ac9e2d0b
This adds required configuration for enabling LDAP through
the apache proxy in the elasticsearch and kibana charts by
default
Change-Id: Iaff8f328ff50944ddad94ec86b1134ca73750176
This moves the ldap chart to openstack-helm-infra from
openstack-helm, allowing for ldap to provide an authentication
mechanism for components of the LMA stack, and can still be used for
keystone in openstack-helm, as openstack-helm-infra is a required
project
Change-Id: I211bc47c7a3ae875614102c8f64daa1099f702e8
disable the local nameserver as it interferes with the k8s
dns-service and other local resolvers used for development use.
Change-Id: I32c8e752675b037610f77c8baee1c1636d5a032e
Signed-off-by: Pete Birley <pete@port.direct>
This PS places the role default vars within the appropriate role,
in addition it exposes kubeadm's selfhosted param and deploys the
kubeadm binary to master nodes.
This PS exposes the selfhosted param, and deploys kubeadm to master
nodes.
Change-Id: I5ad1b593a711ffe353b012394d54044dede0691d
This PS stops pulling the charts default images, as the make file
target cannot target over-rides - resulting in longer gate runs with
twice as many images pulled than required in some cases.
Change-Id: I04c1d43d6ac9d2f509604709139583b085b406e3
See: https://review.openstack.org/#/c/566738/
This PS updates the chart metadata in Helm-Toolkit and also cleans
the top level directory of the chart.
Change-Id: I5319a8970bbdec2e1b0318e687d32d3840a14c50
Depends-On: Ic9610bb2ed07697352bfd5849c717f6e576e3d6c
This PS moves node-exporter to use the endpoints section and
lookups to set the ports it serves on.
Change-Id: Id6d71b12e531375e792384ac4410bce74170d033
This moves to using bash scripts for deploying the charts for the
multinode gates in osh-infra as opposed to using the ansible
chart builder
Change-Id: I2951ccf57250a5e6e272872f2d6f7a81bd11f184
This ps removes the namespace selector for discovering alertmanager
instances, as it's not required
Change-Id: Ie4dc40f761096d497293d6d98b2bbb906d382101
Move to v0.3.1 of kubernetes-entrypoint which has 2 breaking changes to
pod dependencies, and also adds support for depending on jobs via
labels.
Change-Id: I2bafc2153ddd46b3833b253a2e7950bccbccf8ed
