* Ingests the bird templates so that we can override them
to support things such as custom BGP ports (listen) and
neighbors (remote)
* Supports announcing addresses that are within the
.Values.networking.bgp.ipv4|6.additional_cidrs list
in support of ingress controllers that can create
dummy interfaces and assign addresses to be announced
* Introduces a new job to perform calicoctl manipulation to
support manipulating the mesh, adding peers, and changing the
ipPool settings which is value driven
* Support custom port binding and specific interface binding
to allow custom BGP port selection for IPv4 and IPv6
* Instantiates calicoctl as a utility on hosts
* Adds a new function to helm-toolkit to retrieve the http
or https prefix for an endpoint
* Supports https based etcd backends with new certificate
parameters
* Finally, introduces more strict bgp listening to allow
multiple hostNet bgp speakers to run in parallel
Change-Id: Ib4d00befddbd8498b9dcc693409b8b2577458497
This removes the pvc in Alertmanager and changes the default
storage_class to readwriteonce. Now that Alertmanager uses peer
meshing, it's not required for the replicas to share a common
volume claim
Change-Id: I24290264cb0e552a143a56faa753289f073c47b9
This disables the Elasticsearch snapshot repository backed by
NFS by default as the curator job for snapshots is disabled by
default, and should make no assumption that NFS is deployed by
default
Change-Id: Idc74cfb80fcb4c4741d82c6d0ce63fd90a8c919f
This increases the default scrape and evaluation intervals to match
those of the prometheus service upstream with the aim to reduce
prometheus's resource consumption. It also adds configuration
parameters for the min and max block durations that series can
span
Change-Id: I7f9352413a273fbf680b892ba26e30cf27bae232
This PS uses volumeClaimTemplates to provide multiple
pvcs and pvs to prometheus statefulset's multiple pods.
This gives ability to provide read-write-many access
backend by a read-write-once storage class.
Change-Id: I53d1b866c0c87f0833941b612d3acfbe5742744f
This PS is kube-state-metrics for kubernetes version 1.8.
Using kube-state-metrics:v1.2.0 image makes kube-state-
metric pod work properly. Also, gives authority to list
endpoints, persistentvolumes, and horizontalpodautoscalers
by adding them to clusterrole.
Change-Id: I705b29c321b0162740744afa8573dc6ae75bcc60
There was a change in the upstream reference httpd image for
apache that changed how modules were built for apache.
This change adds the required fix to accomodate the change.
See isssue here https://github.com/docker-library/httpd/pull/87
The Elasticsearch image tag was updated to accomodate the kernel
versions used in the gate as part of the kernel update playbook
See https://github.com/elastic/elasticsearch/issues/28349#issuecomment-360233779
The openstack-exporter binary was changed to reflect changes made
to the openstack-exporter image
Change-Id: I1deb9e7cde794421dd33fade566c2a9fdb5007e6
the prometheus-kube-state-metrics/values.yaml file had a key for
prometheus replicas, which was likely a result of copy/paste
Change-Id: Id5b915c3814f9caa313c16dfbca7796e7f8284e2
This disables the Prometheus admin http api by default to fall in
line with the service defaults, as enabling this exposes endpoints
for deleting and modifying time series over http.
Change-Id: I797dce32d625c4c8e927a6b0649dbba0db7f6905
The default flush interval for fluentbit should be set to the
service's default value (5s) rather than flushing the buffer every
second
Change-Id: I9a77d42681af4c59e383553a5f3716afc372bedd
This patch set adds label to "kube-system" and "default"
namespaces used for podSelector.
Change-Id: Ia67a0e4d9adf6f5575d74aebf77673aae3660c62
Signed-off-by: Tin Lam <tin@irrational.io>
This adds checks for the fields in the service annotations for
prometheus, similar to the checks made for the pod annotations.
It also moves prometheus annotations under a prometheus: key
under a top-level monitoring tree to allow for other monitoring
mechanisms independent of the endpoints tree
Change-Id: I4be6d6ad8e74e8ca52bd224ceddad785577bf6c7
Run kibana behind apache as a reverse proxy to supply basic auth
for kibana, as xpack requires a suscription to support security
for kibana
Change-Id: I82168fc47fad29e26bcb02964709a04200dac467
Run elasticsearch behind apache as a reverse proxy to supply basic
auth for elasticsearch, as xpack requires a suscription to support
security for elasticsearch
Change-Id: I72d06ed9cd2179ead86ddc67db33c68a1e40c437
This updates the ceph dashboards in grafana to use the metrics
provided by the ceph-mgr prometheus module instead of the digital
ocean ceph exporter
Change-Id: I449bc924034f0beabca3c6e8aab17765a706fd50
This PS adds keystone user management to the prometheus-openstack-exporter
chart, and also performs some spring cleaning.
Change-Id: I69e40c523867f751ecd8c63169aefdfdf4eb5cd2
This PS simplifys and accelerates the collection of pod container
logs and k8s object info in the zuul gates, which can currently take
40 minutes for the 5 node OSH gate to complete.
Change-Id: Ie9b23174fade3df4a87f2b771ea654e2081b4f4e
Removes an unused context declaration from the prometheus service
annotation template in helm-toolkit, and removes all references to
it
Change-Id: I57612c1504cf046f367ee10d26ef3062ebe528d3
This PS adds five node nodegroups to OSH-Infra, that will ultimately
be consumed by the OSH gates.
Change-Id: I212ecdb0ffca1855d5f7e0fbbb2e8a11afb1919c
This PS adds support for multiple replicas of Grafana to be
deployed, and adds MySQL based data persistance to the chart.
Change-Id: Ife44985a6d5024cc2074346340fba1d8efdecbfa
This PS adds permissions for k8s plugin in fluent-logging.
The k8s plugin in fluentbit gets information per pod and adds it to the
message(log) before output. But the plugin cannot get the pod in current chart.
This PS fix this issue.
Change-Id: Icdce8a0a5ed0975c4d6e72ba50df8ef9a3b76ca6
This PS brings Fluentd (&bit) inline with other charts by placing the
RBAC roles and bindings in the same template as the pod rc they are
assocated with.
Change-Id: I622a2adfc0dc9f5044202cd6318e3ed803088c5f
