This patch place in a sample for an init container, generated by
helm toolkit, to load an apparmor profile included in the chart.
Change-Id: I309e3b550fd1d683745c319aa39bcfb96b77ea14
Signed-off-by: Tin Lam <tin@irrational.io>
The stats are generated by divingbell job and node-exporter picks
the stats from the host file system.
Change-Id: I0f73a6f3ca7e9d045832435410933bd630a8c686
This adds configuration overrides for a very basic Curator action
that should effectively be a no-op. This is to address periodic
failures seen in the osh-infra-aio-logging job that appear when
the run times coincide with Elastic Curator's cron schedule (every
six hours). This ensures curator actions are defined in cases
where this occurs
Change-Id: Ia2255ada2f32f21888bd4ca96df88496720fd0a5
This updates the metricbeat and filebeat daemonset templates to
include both the appropriate node selector definitions as well as
the ability to enable tolerations for the daemonsets in the same
manner as fluentbit and the node exporter
Change-Id: I474c4361c86287f05ab6078c1f81d671e902598d
Without setting the coordination driver, the gnocchi worker will
battle against other workers for jobs. This commit updates to use
memcached as gnocchi's coordinator.
This commit also removes the gnocchi upgrade option "--create-legacy-
resource-types" in the chart which creates ceilometer resource types.
The resource types creation is done by the ceilometer side during
ceilometer-upgrade. The option was already removed since gnocchi 4.0.0.
The missing image for gnocchi_resources_cleaner is added in this commit.
Change-Id: I19b6a4da21d1fe9816759b836b73a14bacd373a8
Signed-off-by: Angie Wang <angie.wang@windriver.com>
This PS extends the gate scripts to allow ceph to be deployed from
a workstation external to the k8s cluster.
Change-Id: I09b9a11747bab32c19637d8dd076b8caa3b89445
Signed-off-by: Pete Birley <pete@port.direct>
This PS makes some minor changes to the minikube k8s script to
make shellcheck happy
Change-Id: Ic5972d7de20b73aee0b019143ba778d6f1ff9271
Signed-off-by: Pete Birley <pete@port.direct>
Currently both 'deployment:rgw_keystone_user_and_endpoints`
and 'conf: rgw_ks' are used and set to true to deploy
ceph-rgw with keystone integration.
Going forward, we should only use `conf: rgw_ks: enabled: true`
to deploy ceph-rgw with keystone integration.
Change-Id: I17aecd4f977ed897bb0771edc9acafd4479777d1
- Postgres initdb fails running as non-root as it cannot
change the ownership or permission on the PVC mounted
to the container. Update the chart to use a uid 0 init
container for setting ownership before the postgres
container starts.
Change-Id: I648fe7ca3dbc1f6ca6f4513360de2278be7c1ce4
This uses the ceph luminous repository temporarily until the
issues seen recently with the mimic repository are sorted out and
addressed
Change-Id: Ic079fd2b3e948f37b9362bb221af45605230b19a
This PS udpates the mariadb chart to support changing the root password.
Additionally it moves to use three replicas in the gate
Change-Id: I286ad0b892e5ea2f85636a0c7af58598bcfdaec4
Signed-off-by: Pete Birley <pete@port.direct>
This moves the pod security policy job to a nonvoting check and
removes it as a gating job. This was overlooked previously. Once
the job has been vetted, we can revisit potentially making it a
voting and gating job
Change-Id: I5d06343f94ae64355bce9d4f7862a8b18b5ea827
This updates Helm from version v2.12.3 to v2.13.0.
The `merge` function has changed behavior, and is now called
`mergeOverwrite`.
Change-Id: Ie3364256c8abb714b748b3bf3658bd6cd1e3ce35
This updates the ingress controller image to v0.23.0, which was
required to add support for configuring cookie max age and expires
for ingresses via annotations on the ingress.
This also removes the --enable-dynamic-configuration flag, as the
flag is no longer valid in 0.23.0 due to the functionality being
a default behavior of the nginx ingress controller in recent
releases
Change-Id: I4917797c43ec973ed0bb311fc305b01f10abd4e5
This adds ingress network policies to kube-state-metrics and
openstack-exporter using the helm-toolikit template. It also
add openstack-exporter to the network policy jobs.
Change-Id: I3bfc2f1e8a35c09e577a046ebd52346de95e5745
- The deployment resource for the prometheus exporter was missing
the required (by apps/v1) field spec.selector. Add it.
Change-Id: I8afb8541ea1660ee5ca610d7d2b4cfd149d317dc
Adds seccomp annotation function in helm toolkit.
This function can be used by charts to add seccomp
annotations in containers metadata section.
Change-Id: Icf36f1e4aff36fec8a9eefaff06d12984aeb7a78
