As of 0.12.14, fluentbit exposes a flag for setting the db_sync
behavior for writing the location of the tail input to its sqlite
database. The default setting is Full, which introduces additional
synchronizations before and after a transaction. This has the
potential to negatively affect disk performance with the extra
synchronizations. This moves the setting in the chart to Normal,
which performs fewer synchronizations and still maintains a high
level of safety with status writes
Change-Id: I3b437edd6bd7501ef37ce06f0a561bd1747eb290
This updates the helm tests and the elasticsearch template job.
This changes the tests to conditionally check whether the
template job is enabled and the templates key is not empty, and
uses the result to determine whether to test for the existence
of those templates (to account for situations where the job is
disabled).
This updates the job to also check whether there are templates
defined in additional to checking whether the job itself is
enabled.
Change-Id: I14cedeb8d8a4444a73ea974426c3b0f136d1b698
This updates the Nagios image tag to include a version that fixes
the service discovery bug that resulted in duplicate host group
entries. The duplicate host group entries would prevent Nagios
from restarting, resulting in the service never coming back up
when duplicate host groups were identified and added
Change-Id: I555c525e47deffd95eeb5a7276c00cf044e61e3a
This removes some obsolete calico version information that
was leftover from the original manifest after which this chart
was modeled.
Change-Id: Ic592923484c498216025bb5a7b0bda1f2be9e871
This PS moves the template renderer function to its correct
location in helm-toolkit.
Thanks to Sai Battina for noticing this.
Change-Id: I614ee33bc8c39007955a0e32cd34e881bd1cb3fe
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds basic documentation for the metadata labels function.
Change-Id: I8ef3093aafabb64c61396a721b6c6b66dc5de9e8
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds basic documentation for the image function.
Change-Id: I3ee6f44efc7252facb329bc6dae5be571de338bd
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds basic documentation for the tls secret macro.
Change-Id: I36a6b171cb5bce2d4bf6dc22c22f0a630d677497
Signed-off-by: Pete Birley <pete@port.direct>
This PS adds basic documentation for the ingress macro.
Change-Id: Iabfa76eae6bb79f914a3fce0047a82ab1e915c76
Signed-off-by: Pete Birley <pete@port.direct>
It adds an ability to specify the auxiliary configuraiton for rabbitmq
like policies, permissions loading json formatted data
Change-Id: I85240a50fb64a4d74454768034fe3bdcf25f3019
Signed-off-by: Ruslan Khanbikov <rk760n@att.com>
This PS adds documentation comments to may of the utility functions
in helm-toolkit.
Change-Id: Id0481284058678ea2834edf462fa7666e429bd79
Signed-off-by: Pete Birley <pete@port.direct>
This PS refactors the endpoint functions to reduce code repetition
and improve readability.
Change-Id: I4a280d0645206ca74794fc4e69ec374bde4c4633
Signed-off-by: Pete Birley <pete@port.direct>
This pins the version of ansible deployed via the makefile
dev-deploy directives to the version used in zuul. This was
causing issues with docker, as make dev-deploy setup-host was
deploying ansible 2.6. Ansible 2.6 introduces a new flag to the
docker_container module (init) that is incompatible with our
current roles, which resulted in observed failures in osh-infra
and osh
Change-Id: Ibc885b53bce77eb36817024b21efb0e99865f690
This PS updates Helm-Toolkit to accept both a simple string (previous
operation) and a dict containing host and potentially tls params for
public endpoints.
Change-Id: Ia95e9f008098ef3eb110d651fd06141774ceb8b7
Signed-off-by: Pete Birley <pete@port.direct>
We only need keep one of osh-infra-deploy-docker.yaml and
osh-infra-docker.yaml, because the content is almost the same.
Change-Id: I27854c0b9492853f7c4edf130b6533c33292dc89
This updates the TLS secret templates to include the backend
service in the dict supplied to the manifest template, as it is
required for the TLS secret to render correctly.
This also removes the readiness probe from the nagios container in
the deployment for the nagios chart, as it wasn't functioning as
intended due to the port not being available for the probe
Change-Id: Iabcfd40c74938e0497d08ffeeebc98ab722fa660
This PS updates the comments for endpoint lookup functions
Change-Id: Ifdc96acaac6972c10f6a580eaf37629910a955a5
Signed-off-by: Pete Birley <pete@port.direct>
Adds support for TLS on overriden fqdns for public endpoints for
the services that have them in openstack-helm-infra. Currently this
implementation is limited, in that it does not provide support for
dynamically loading CAs into the containers, or specifying them manually
via configuration. As a result only well known or CA's added manually
to containers will be recognised.
Change-Id: I4ab4bbe24b6544b64cd365467e8efb2a421ac3f4
This moves to define the datasources provisioned by grafana via
a template defined in the values.yaml. This allows us to define
multiple datasource types that can be mapped directly to the
corresponding entries in endpoints, which enables us to generate
the data source urls via endpoint lookups rather than hardcoding
this. This is the first step to support multiple data sources in
a singular grafana deployment
Change-Id: Iac7f4b1e07aaf83ae4d2a0c923cd06817f0d8c0d
This updates the LDAP configuration for grafana, using a template
defined in the values.yaml file. Using the template allows us to
dynamically define LDAP configuration values, such as the bind dn,
search base and group search base paths, the password, and the
LDAP fqdn. This also updates the volume mount for the
provisioning directory to be defined by the configuration value in
the values.yaml file
Change-Id: I1e4866d1189cf40b08b3443dc725646a1b76094c
This adds missing readiness probes to the following charts in
openstack-helm-infra: elasticsearch, fluent-logging, kibana,
nagios, prometheus-kube-state-metrics, prometheus-node-exporter,
and prometheus-openstack-exporter
Change-Id: I6a2635b08667c31eadb1b05ba848c658935a17e5
This PS updates the tls functions to be yaml safe for the service
name.
Change-Id: I535f38a8d92c01280d79926a1f0acd06984aabbf
Signed-off-by: Pete Birley <pete@port.direct>
This updates the ordering of the basic auth providers in the
elasticsearch and nagios chart to check the file provider first
before going out to check the configured ldap server.
Change-Id: I47ff8a1c7b2cefa8425914c5d4d7a76aa8d43216
Signed-off-by: Steve Wilkerson <wilkers.steve@gmail.com>
This changes the keystone webhook check back to voting once the
helm-toolkit manifest changes are merged in, and depends on the
openstack-helm patchset that introduces the changes the manifest
change required for this check to pass
Depends-On: https://review.openstack.org/576001
Change-Id: I337fe6d57a978e5b92d5bb5ae844e16bb8082609
Signed-off-by: Steve Wilkerson <wilkers.steve@gmail.com>
