Adds seccomp annotation function in helm toolkit.
This function can be used by charts to add seccomp
annotations in containers metadata section.
Change-Id: Icf36f1e4aff36fec8a9eefaff06d12984aeb7a78
Implement a pod security context for the following Memcached resources:
- Memcached server deployment
Change-Id: I8628ceb246e7c435a2ddd20bf1bcecd94db8ea26
This PS updates the kubernetes_pod_security_context snippet, and adds a
macro for container securityContexts
'kubernetes_container_security_context.
Change-Id: I8b9c7b72f836efaf6c9dc3ad20fd8462b0d06d77
Signed-off-by: Pete Birley <pete@port.direct>
- Make the default to run the postgres database as the uid 999 which
the default image maps to the 'postgres' user
- If the database is already initialized, before starting postgres
set the 'postgres' database user password to match the declared
intended password
Change-Id: I7b0ea7a86246b098f38ef4c03dd157731f61e066
This is to resolve name conflicts of reources in case of multiple
releases required for single deployment of ceph cluster
Change-Id: Ibee5550db788ea57879837b010e22a24240237bf
Remove overrides that are already set or raised higher in the
Mimic release of Ceph for RGW.
rgw_thread_pool_size is now by default using 512
objecter_inflight_ops is now also set to 24576 by default for RGW
Change-Id: I982f6bc08954864afa5ad29923707e1bf64ba9fa
This updates the logging format and configuration for the apache
reverse proxies used for elasticsearch, kibana, nagios and
prometheus to enable logging of the remote clients used to access
these services
Change-Id: Id07e4294ea18203fbb890b78424a232c2d59cb82
This PS adds support for PostgreSQL DB initialization ie,
- DB creation
- user creation
- Setting password
- The password is being re-set everytime using "ALTER USER" to
enable password rotation to take effect.
- Grant privileges
Change-Id: I4f14ce44d7c6802d0b78ae6f64099b3707a48b33
The current gnocchi chart doesn't purge the resources/metrics for
the deleted openstack resources. This commit adds a cron job to
periodically purge the deleted resources data from gnocchi database.
By default, cron job runs daily and purges the deleted resources with
its associcated metrics which have lived more that 1 day.
Change-Id: Id45b92b91bb7668b35c3b5a7379283de51a1256a
Story: 2005016
Task: 29494
Signed-off-by: Angie Wang <angie.wang@windriver.com>
In templates/utils/_daemonset_overrides.tpl,
$context.Values.__daemonset_yaml is used cross the loop. It is not deep
copied in each round of loop. It means that the property set in the
previous round of loop will still exist in current loop. This is not
expected.
This patch is to make a deep copy in each round of loop.
Change-Id: I4e610e4acf67d92257f9d254546ec0b5b31609fe
Currently there is a bug in the beast code that makes it fail
during the initial lookup for a keystone user map. For the time
being we will continue to use civetweb when keystone is present
until this issue is resolved.
Change-Id: I56bcd77f38adb3763d35f46443c1403816d1dcea
We need to change from osh-infra to openstack
because ceph-openstack-config release runs in openstack namespace.
Change-Id: I28b57abf02d2437569c7c7c8d75ec8ba19d84311
