194 Commits

Author SHA1 Message Date
Tin Lam
c199addf3c Update apiVersion
This patch set updates and tests the apiVersion for rbac.authorization.k8s.io
from v1beta1 to v1 in preparation for its removal in k8s 1.20.

Change-Id: I4e68db1f75ff72eee55ecec93bd59c68c179c627
Signed-off-by: Tin Lam <tin@irrational.io>
2020-01-09 08:59:48 +00:00
Steve Wilkerson
005ece16d4 Fluentd: Add support for arbitrary secret env variables
This adds a helm-toolkit util for consuming arbitrary secret env
variables via pod env variables. It also updates the Fluentd chart
to add a release secret that is used to house the secret env
variables defined in the chart's values.yaml. This can be used as
an example to expand to other charts where this functionality is
desired

Change-Id: I9ef606840af92e54b2204e637c58442085e2c748
Signed-off-by: Steve Wilkerson <sw5822@att.com>
2019-12-09 14:15:40 -06:00
Pete Birley
eb5ae14dcd HTK: Omit port from uri for http/https when 80/443 used
This PS updates htk to omit the port used in the url when this
corresponds to the standard ports for the http and https protocols.

Change-Id: I46e2237dde99460fd096bd6fe58fe154b220041f
Signed-off-by: Pete Birley <pete@port.direct>
2019-12-06 17:48:38 -06:00
Tin Lam
0dd938d1be Add rally environment cleanup
This patch set add command to clean up a rally environment after a helm
test's execution is completed.

Change-Id: I652ee4930e7afb8b278250a0432086a2963a528c
Signed-off-by: Tin Lam <tin@irrational.io>
2019-11-22 04:32:48 +00:00
Tin Lam
3121fc24c5 Update egress HTK method
This patch set places logic to generate kubernetes egress network policy
rule based on the dependencies specified in values.yaml. This also sets
up the necessary default network policy for the OSH gate.

Change-Id: I1ac649cc9debb5d1f4ea0a32f506dcda4d8b8536
Signed-off-by: Tin Lam <tin@irrational.io>
2019-11-21 20:05:34 +00:00
Steve Wilkerson
74f3eb5824 Ingress: Move ingress objects back to the extensions api
This updates the ingress objects to move them back to the
extensions API.  While 1.16 moves them under the networking
api, they're still rendered and deployed as extensions/ objects.
This move prevents issues from arising where older versions of
kubernetes might still be deployed during an upgrade, as the
move to the networking API is nonfunctional at this time

Change-Id: I814bbc833b5b9f79f34aefc60b9c1f9890bca826
Signed-off-by: Steve Wilkerson <sw5822@att.com>
2019-10-28 21:31:06 +00:00
Steve Wilkerson
b50fae62a4 Update kubernetes-entrypoint image reference
This updates the kubernetes-entrypoint image reference to consume
the publicly available kubernetes-entrypoint image that is built
and maintained under the airshipit namespace, as the stackanetes
image is no longer actively maintained

Change-Id: I5bfdc156ae228ab16da57569ac6b05a9a125cb6a
Signed-off-by: Steve Wilkerson <sw5822@att.com>
2019-10-18 18:20:11 +00:00
Zuul
b661ce95df Merge "Allow multiple containers per daemonset pod" 2019-10-17 21:39:11 +00:00
Zuul
a0315caffa Merge "Update Kubernetes version to 1.16.2" 2019-10-17 16:21:23 +00:00
Gerry Kopec
5b32e6e309 Allow multiple containers per daemonset pod
Remove code that restricted daemonset pods to single containers.
Container names will default to name from helm chart template.
Required for nova cold migrations to work.

Story: 2003876
Task: 26735
Change-Id: Icce660415d43baefbbf768a785c5dedf04ea2930
Signed-off-by: Gerry Kopec <Gerry.Kopec@windriver.com>
2019-10-17 14:31:08 +00:00
Sphicas, Phil (ps3910)
ef58054dff helm-toolkit: netpol requires DNS-1123 names
Ensures that network policy names do not have underscores.

Change-Id: I09faa30b7402daa6f8ff8591d17040e2f94d1c20
2019-10-17 01:29:42 +00:00
Steve Wilkerson
c9acad238c Update Kubernetes version to 1.16.2
This updates the kubeadm and minikube Kubernetes deployments to
deploy version 1.16.2

Change-Id: I324f9665a24c9383c59376fb77cdb853facd0f18
Signed-off-by: Steve Wilkerson <sw5822@att.com>
2019-10-16 21:54:53 +00:00
Tin Lam
6e4785d189 Fix indentation
The network policy helm toolkit function currently produces an
incorrectly indented policyTypes in the network policy manifest.
This patch set redresses that and also removes some additional
blank lines in the manifest.

Change-Id: I0a4d5735a1a0ff13c317ffd95688973cc1cc3dfd
Signed-off-by: Tin Lam <tin@irrational.io>
2019-10-14 16:26:10 +00:00
Zuul
d1188dd7a7 Merge "Add strict False param for Config parser" 2019-09-27 21:52:09 +00:00
Zuul
c45b56d3ac Merge "HTK: support csv list in oslo conf rendering" 2019-09-27 20:18:37 +00:00
Andrii Ostapenko
4d591f4363 Add strict False param for Config parser
Py3 RawConfigParser does not allow options duplication.

Change-Id: I6ab4ebf7cefc7a33171b92bf784a7e5416535c7a
2019-09-27 13:19:28 -05:00
Pete Birley
2f64562bba HTK: support csv list in oslo conf rendering
Some configuration options that with older openstack releases
were multistrings have now changed to csv values under a single
key, this change makes that simple to accomodate.

Change-Id: Id941a1e56e4a852d764084c958c13588b8e3ed85
Signed-off-by: Pete Birley <pete@port.direct>
2019-09-27 14:45:42 +00:00
Sphicas, Phil (ps3910)
750394ee54 helm-toolkit fix dependency resolver
Fixes an issue where dependencies are leaking from one resource to
another by ensuring that `envAll.Values.__dep` is reset each time.

Change-Id: I34a4b2fa70d608b2c69bdf18275e439f96976229
Closes-Bug: #1845538
2019-09-26 09:59:04 -07:00
Zuul
acb6f6c628 Merge "Bring in PowerDNS chart" 2019-09-24 03:13:57 +00:00
Michael Polenchuk
f2d32c8598 Bring in PowerDNS chart
Also bring in endpoint_token_lookup function to
get service token from endpoints schema.

Change-Id: Iffa68d8b2c70799a2013b99d15c9fd55e858babb
2019-09-11 12:46:34 +04:00
Q.hongtao
c3246526f3 Fix misspell word
Change-Id: If71c4dcc49c5a7a7ac2303a9542de24d5ce50a48
2019-09-06 17:01:18 +08:00
Mykola Yakovliev
56cbacc542 Add release uuid to pods
This PS adds the ability to attach a release uuid to pods objects.

Implements: Ability to attach release_uuid to ephemeral pods
Change-Id: I0ebade75e18eced99fe16ba434558264b1793e88
2019-08-28 15:07:30 +00:00
Zuul
6639d0916b Merge "Enhance HTK Job Manifests to be more flexible" 2019-08-20 17:45:31 +00:00
Chinasubbareddy Mallavarapu
1ff4811f06 [ceph-provisioner] Enable pvc resize feature
This is to enable pvc resize feature so that pvc can be resized when need.

Change-Id: Ib5840b10087b39884cfd2249017c974aac407b30
2019-08-16 16:21:05 -05:00
Cliff Parsons
e059f4f827 Enhance HTK Job Manifests to be more flexible
This patch enhances the HTK job manifest functions so that each job can
be configured to use the desired backoffLimit and activeDeadlineSeconds,
and can mount the command/script from either a configMap or a secret
instead of being confined to using only configMaps.

Change-Id: I5231e53b98e3e55e3e93070876d8694f37ad642d
2019-08-01 09:20:12 -05:00
Ahmad Mahmoudi
db164a2925 Generate CA crt and key if needed
Generate CA cert and CA key, if they are not present in
the values.

Change-Id: I14610ab66b72ddd5e6e45f57b56968e462416234
2019-07-30 13:16:03 -05:00
Anderson, Craig (ca846m)
ab8c81f2ee Restore overrides functionality after regression
Revert 833d426da8e4b049277ca9847830f6e6beee40c3

https://review.opendev.org/#/c/667022 introduced a regression in the
overrides functionality, which caused the corresponding gate test to
fail. This "fixed" a problem by breaking the override capability.

This patchset reverts the previous to restore override functionality and
make gates green again. Deep copy is added in order to resolve the
original problem that 667022 attempted to resolve.

Change-Id: I6c052c0fabe0067612d6a3d9d3bfac4df59202d7
2019-07-24 12:18:44 +00:00
Zuul
0c3a46ae6e Merge "Helm-Toolkit: Add a function to return quoted csv sting from a list" 2019-07-18 20:15:12 +00:00
Steve Wilkerson
b7e2d6839c Helm-toolkit: Add snippet template for kubernetes probes
This adds a basic helm-toolkit snippet template for adding
kubernetes liveness and readiness probes to a container. This adds
flexibility by defining the probes contents via values overrides
wholesale

Change-Id: I0862ae59c87b8c0c4e2412030b1801bceb3e3c99
Signed-off-by: Pete Birley <pete@port.direct>
2019-07-02 11:44:11 -05:00
Jugwan Eom
833d426da8 fix host-specific overrides incorrectly overwriting previous values
root_conf area is used for host-specific configuration and overwritten in
each round of loop. It causes that all hosts will share same properties.
This makes use each host's own area in the loop.

Task: 34282
Story: 2005936

Change-Id: I0afb0b32ab80456aa3439b4221f2a95ca05ddf24
2019-06-25 02:34:02 +00:00
Hussey, Scott (sh8121)
9b00075a72 (helm-toolkit) Optionally b64 encode TLS keys
- When using the TLS certificate generation macro, optionally
  support base64 encoding values for direct inclusion in a Kubernetes
  secret. The default is to maintain current behavior for backward
  compatibility.

Change-Id: Ib62af4e5738cbc853a18e0d2a14c6103784e7370
2019-06-22 10:12:49 +00:00
Itxaka
565fb4606b htk: provide default domain env and secrets
We currently do not provide any env or secrets for the
default domain id for keystone

This makes it so we provide both like any other vars

Change-Id: I00c68026af25d8c5af37fcb3a6e1bb0e2da13e1e
2019-06-18 21:51:24 +00:00
Pete Birley
0925f50e2a RabbitMQ: Allow clients to directly connect to servers
This PS updates the rabbitmq chart, to allow clients to connect directly
to backend servers, and also introduces a htk function to produce
the appropriate transport_url used by oslo.messaging to take advantage
of this functionaility.

Change-Id: I5150a64bd29fa062e30496c1f2127de138322863
Signed-off-by: Pete Birley <pete@port.direct>
2019-06-18 15:10:26 +00:00
Georg Kunz
5596247f3f Enable hugepage support in HTK resources snippet
This patch simplifies the resource snippet in helm-toolkit to allow for
specifying hugepage limits. Specifically, this patch replaces the
individual checks for specific system resources (e.g., cpu, memory) by
just copying over the entire resource component as defined in a
values.yaml or a corresponding overwrite.

This change is a prerequisite for enable hugepage handling in other
charts such as openvswitch or postgresql.

Change-Id: I786ff6c7aa5fb6b08b54d2e21878551e5e1e3818
2019-06-05 11:37:43 +02:00
caoyuan
040edeb79a Replace git.openstack.org URLs with opendev.org URLs
Change-Id: I0e3af4a3385f5b2a7705bc19b775863b16c2e08e
2019-05-31 01:52:10 +00:00
Zuul
fd2eb31920 Merge "fix typo errors" 2019-05-27 17:05:26 +00:00
Zuul
038a6e58ae Merge "CephFs-provisioner: fix cephfs storageclass" 2019-05-23 22:02:58 +00:00
Chinasubbareddy Mallavarapu
53bdbf00ed CephFs-provisioner: fix cephfs storageclass
This is to remove invalid key "userSecretName" for
cephfs storageclass as we are having toruble to provision
a pvc with cephfs storageclass with "userSecretName" key .

Failed to provision volume with StorageClass
"cephfs": invalid option "userSecretName"

Change-Id: Ide52987c9f8ef8fc2327bf30747395e70dc05f99
2019-05-23 11:41:44 -05:00
weiyj
e99c122dfe fix typo errors
Change-Id: I4571bcce48038452d28318cb7344ac9fea778aea
2019-05-20 21:29:11 +00:00
Steve Wilkerson
38a6062b7a Fix helm-toolkit snippet for statefulset updates
This fixes the incorrect statefulset update helm-toolkit
snippet, as the previous implementation used incorrect keys
and fields for statefulset updates. See below:

https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets
https://github.com/kubernetes/kubernetes/issues/68397

Change-Id: I5044460f19f0c824b08f99a90472c2e4a0e53e52
2019-05-20 08:12:15 -05:00
Gage Hugo
4f29af3d59 Create upgrade statefulset tpl for helm-toolkit
This change creates a snippet in helm-toolkit for specifying
the maxUnavailable and maxSurge values under rollingUpdate for
statefulsets. This can be utilized then by charts that contain
statefulsets.

Change-Id: I6f48cf1d2faf78b56103525771e3d4c3ecdc6db6
2019-05-17 17:18:30 +00:00
Roy Tang (rt7380)
576a5510f9 HTK: Update kubernetes_pod_anti_affinity function
Currently the weight value is hardcoded for anti-affinity type
preferredDuringSchedulingIgnoredDuringExecution.  This ps updates
the htk function to retrieve the weight value from the configured
setting if it exists, or default to use the original hardcoded
value of 10 if it is not set (for backward compatibility).

Change-Id: I98c8b05ed7861c9c17e9c32569f53bde6ac2579d
2019-05-14 17:08:52 -05:00
Ian Howell
22dcebb93d This adds the ability to specify custom resource dependencies
Change-Id: If4166749085522ee0f10fa673d9fa36094091baa
2019-05-07 05:30:08 +00:00
Hemachandra Reddy
d052381b4e Make network policy template a little more generic
The changes made will take care of

1. block/allow all ingress
2. block/allow all egress
3. define spec->policyType based on policy type
   and/or ingress/egress rules present in values.yaml
4. supports more labels to spec->podSeclector
5. copy the rules as is defined under ingress/egress.

Change-Id: Id437ee4de8d964b48540638ab8dff3199c3cb5ff
2019-04-30 19:27:45 +00:00
Gupta, Sangeet (sg774j)
1f48c4bcbe Helm-Toolkit: Add a function to return quoted csv sting from a list
Added a utility function of return joint list with single quotes and
separated with comma.

Change-Id: I815404a30e0021b938b2857d1eaf0ea4cb8927c9
2019-04-21 03:36:54 +00:00
Pete Birley
8ebb89180f HTK: Remove helm test rally user by default following run
This PS updates the helm test script to remove the rally user by
default following a test run.

Change-Id: I5a28244f8f8bd8ef485cb45cc922601d631adff1
Depends-On: https://review.openstack.org/#/c/643206/
Signed-off-by: Pete Birley <pete@port.direct>
2019-04-21 03:09:29 +00:00
Pete Birley
2abf62ff4d OSH-Infra: Add emptydirs for tmp
This PS adds emptydirs backing the /tmp directory in pods, which
is required in most cases for full operation when using a read only
filesystem backing the container.

Additionally some yaml indent issues are resolved.

Change-Id: I8b7f1614da059783254aa6efc09facf23fca3cad
Signed-off-by: Pete Birley <pete@port.direct>
2019-04-20 20:50:59 +00:00
Anderson, Craig (ca846m)
c9396e3480 Add tiller version requirement to helm-toolkit
Change-Id: I30b54188dcfb7d007cb5812f40fd7e0d9ccc443d
2019-04-11 10:32:10 -07:00
Zuul
da8cb2ffa1 Merge "Ceph: fix overriding ceph monitor hosts value" 2019-04-08 16:38:31 +00:00
Pete Birley
9af2ef9f62 HTK: Update k8s-entrypoint container macro to add security context
This PS updates the htk k8s-entrypoint container macro to add security
context, with a set of defaults to allow operation with existing charts.

Change-Id: Ib41600e2e3c848ae0d62181ad7e01f3cf00a26a0
Signed-off-by: Pete Birley <pete@port.direct>
2019-04-08 13:03:03 +00:00