We now have a process for OSH-images image building,
using Zuul, so we should point the images by default to those
images, instead of pointing to stale images.
Without this, the osh-images build process is completely not
in use (and completely opaque to deployers), and updating the
osh-images process or patching its code has no impact on OSH.
This should fix it.
Change-Id: Ic00bd98c151669dc2485cd88e0e8c2ab05445959
This PS permits read-only filesystems to back the containers by setting
the default to true
Additionally /run is uniformly applied across all long running pods
as a memory backed emptydir
Change-Id: Ia7344e2c8caa1f25101bf30445cdfe277f89c143
Currently the weight value is hardcoded for anti-affinity type
preferredDuringSchedulingIgnoredDuringExecution. This ps updates
the htk function to retrieve the weight value from the configured
setting if it exists, or default to use the original hardcoded
value of 10 if it is not set (for backward compatibility).
Change-Id: I98c8b05ed7861c9c17e9c32569f53bde6ac2579d
This ps exposes the anti-affinity weight value, including
default, that will be consumed by the updated htk function.
Change-Id: Id8eb303674764ef8b0664f62040723aaf77e0a54
This PS forces the monmap to be clobbered each time the container starts
which is required to recover from ome senarios when using an emptydir
to back /etc/ceph.
Change-Id: I2cf271593591ce07435893336cff98a8b1c72166
Signed-off-by: Pete Birley <pete@port.direct>
This adds a basic egress policy to the charts run by the
network-policy check. A change was recently merged requiring
the eggress tag to be in the chart but did not add it, this
addresses that
Change-Id: I60669c9351db7854cba8c69723eb783a966d2a56
This updates the scripts for deploying fluentd to include
overrides for enabling prometheus monitoring. Despite not
deploying prometheus in the osh-infra-logging job, we can still
leverage the post run job to gather metrics from the exporters
service. This gives us the means for verifying the functionality
of the exporter
Change-Id: Id98474de89d86419157635007e2f114f0947498e
This updates the Curator image to use version 5.6.0, which adds
additional actions for use, such as the ability to shrink indices.
This also adds a separate configmap and config secret for Curator,
as this allows us to use separate configmap annotations on the
Elasticsearch component pods to prevent Curator config updates
from triggering recreation of Elasticsearch components. This helps
alleviate overhead associated with Elasticsearch service restarts.
Change-Id: I0aec7756b0dc09bc3981ede950dc88f821aeca4b
This adds the password for the mariadb sst user to the armada-lma
manifest, as it was previously missed
Change-Id: I8768569fff96bf15cb4b2a577a0f667972fda886
This updates the fluentd-exporter to use the bitnami image for the
chart instead of a personal image
Change-Id: I162dca4556646eb781c380acea307d2feb156d18
This updates the prometheus-process-exporter chart to include the pod
security context on the pod template. This changes the pod's
user from root to the nobody user instead
This also adds the container security context to set
allowPrivilegeEscalation to false and readOnlyRootFilesystem to true
Change-Id: I623227f9f9c878a8e7745f46f2cc77f6904005fb
Added file name, line number and function name to logging message format
for troubleshooting purpose
- This change is related to Grafana's session-db-sync job
Change-Id: Iaadbedfda0fd9cd7fe4b5c09fc05cb6181c400d1
This updates the Elasticsearch chart to allow for setting the
heap size per node type instead of for all nodes equally. This
also adds the required environment variable to configure whether
a node is an ingest node. This is set to false, as suggested for
elasticsearch versions <= 6.x
This also removes the ES_PLUGINS_INSTALL environment variable as
it is not used for anything in the current charts
Change-Id: I9096774db46dcbcd48b8a5448f0510984bf4108f
The changes made will take care of
1. block/allow all ingress
2. block/allow all egress
3. define spec->policyType based on policy type
and/or ingress/egress rules present in values.yaml
4. supports more labels to spec->podSeclector
5. copy the rules as is defined under ingress/egress.
Change-Id: Id437ee4de8d964b48540638ab8dff3199c3cb5ff
Reverting this commit to fix Multiple OSD issue.
Ceph deployment is failing when we specifying multiple osds.
Rendered file for ceph-osd charts have duplicate osd information.
Reverts this PS: https://review.opendev.org/#/c/644604/
This reverts commit 0b8784f26d4ff9d7054a30d8024cae24db93ed0d.
Change-Id: Ida018955eb558c9f890cc9e6aefba6689c992a73
Provide overrides for openSUSE images where those are available.
Currently for the ingress chart these are only the neutron images.
Change-Id: I37b220592f39c266e7812371ea8e5500fb393a9f
