for upgrade strategy for ceph components
This PS uses HelmToolKit function to add
upgrade strategy parameters to ceph Components
Change-Id: I54e71d2a52bd639b3e93fc899c1bf2cd075b5396
This adds the affinity key to the pod spec for the grafana,
nagios, kube-state-metrics, and openstack-exporter charts as it
was previously missed
Change-Id: Ifefa88d7f33607b4d595effa5fbf72f3387e5081
Signed-off-by: Steve Wilkerson <sw5822@att.com>
- Adding helm tests for Ceph provisioner chart
- Helm test should only executed when deploying chart with
client_secrets: true.
Co-Authored-By: Chinasubbareddy Mallavarapu <cr3938@att.com>
Change-Id: I33421249246dfaf6ea4f835e76a74813dfb3b595
This updates the rabbitmq chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem to true
Change-Id: I68aa4b49bf6301e1b1004a526151fa0ab4b197b4
This is to update test pod dependency since its getting started
right after mgr service availbe and mgr pods are in init state and
waiting for rbd-pool job.
Change-Id: Iaf9af3ffcf1f4940c1b661a853df0ec4edd99d39
This adds selenium tests for the Nagios chart via a helm test
pod to help ensure the Nagios deployment is functional and
accessible
Change-Id: I44f30fbac274546abadba0290de029ed2b9d1958
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the Nagios chart to use the helm-toolkit template
renderer snippet for generating the Nagios configuration files.
This was done to make the exposure of the configuration files
simpler for those who are more familiar with traditional Nagios
configuration files, as well as allowing for values overrides for
adding custom host names or custom object definitions to nagios
objects (as Nagios doesn't easily allow for this via environment
accessible macros).
Change-Id: I84d5c83d84d6438af5f3ab57997e80e8b1fc8312
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This is to update logic for pool min_size parameter as this is
not getting changed when replication changes from intilization.
Change-Id: I30f99aaf92c3dc83afce10534b1d2ac9402b7fa7
* Update the version of nfs-provisioner to the latest image.
* Allow nfs-provisioner user to manage endpoints, this is
required because the newest version uses `leaderelection`
package from k8s, this packages leverages labels on endpoints
to track leader election information.
Change-Id: Ie2727bd6bcc26e57875bea38f0f665d4a0e85bd7
This adds selenium tests for the grafana chart to the helm test
pod to help ensure the Grafana deployment is functional and
accessible
Change-Id: Idc8d97e5111628d1ed4f25145086d54c5e0136e7
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This changes the user from root to the nobody user instead
in ceph-osd chart wherever needed
This also permits read-only filesystems to back the containers by setting
the default to true
Change-Id: Ia777bf212e0e3414909c70a4bd839e12d4919bb2
This patch simplifies the resource snippet in helm-toolkit to allow for
specifying hugepage limits. Specifically, this patch replaces the
individual checks for specific system resources (e.g., cpu, memory) by
just copying over the entire resource component as defined in a
values.yaml or a corresponding overwrite.
This change is a prerequisite for enable hugepage handling in other
charts such as openvswitch or postgresql.
Change-Id: I786ff6c7aa5fb6b08b54d2e21878551e5e1e3818
This updates the etcd chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem to true
Change-Id: I9bf05ab5c21f9afbe269e1566cfecd20b3c086c0
This updates the apparmor job to account for the splitting of the
fluent-logging chart, as it was missed during that change. Now,
the apparmor job will deploy fluentbit as well as fluentd deployed
as a daemonset running as a collecting agent
Change-Id: Iefa50f474b57a10c5e7e5a9032c7b23d26d97640
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the cluster-wait job script to include a sleep for
when no nodes of a given type are detected. This check was
previously executed only when a node count of (0 < x < expected)
was detected. This update reduces the number of queries executed
against the Elasticsearch http endpoint
Change-Id: I15cb39250a5ab9a7f6df0d62c35289a55e109dbd
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the default fluentd configuration to include
recommended settings for preventing the elasticsearch plugin from
reloading the connection after 10000 requests (default for the
ruby gem). This also updates the configuration overrides for the
fluentd-daemonset deployment to provide input parity with the
default fluentbit configuration by adding inputs for the docker
and kubelet systemd units, inputs for ceph, libvirt, kernel logs,
and auth logs on the host. Finally, this updates the fluentd
template to include environment variables for the host name and
the fluentd pod name so they can be added to logged events through
fluentd filter plugins
Change-Id: I21f7a89a325c44f8b058ff01a20191bea1a210b4
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This removes ReadonlyRootfs from
Elasticsearch data pods as this is
required in order for the data pods
to recover from outages
Change-Id: I603d3a25b6580eab20e2b20e1b1cd0cf740c7ab2
this updates the Elasticsearch cluster wait and snapshot repo jobs
to include values overrides for the job backoff limits and the
active deadline seconds field. This allows for tweaking beyond the
standard defaults for kubernetes jobs
Change-Id: I1f95a635ab4dfdb3718d5d4fa668c64a9095e899
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This moves Fluentd to use the helm-toolkit endpoint lookup for
using the fqdn for the Elasticsearch hostname instead of the
standard short host name
Change-Id: Ibe640979002331693f0a9b6155c9014572294664
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the Elasticsearch entrypoint override for the data
nodes to include a signal to kill the process after the trap to
drain each data node completes
Change-Id: Iccd4342fe16d06787cb24342d9a57e4de12e6980
This updates the Elasticsearch client and data pod dependencies
to allow for sequential bring up of the cluster components. As
we want the order to be master->client->data, we add the discovery
service endpoint as a dependency for the client pods and add both
the discovery and client service endpoints as dependencies for
the data pods
Change-Id: Iec6d6f259dc8b7b4f2309b492409cc0e5feab669
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the default fluentd image to use the fluentd image
built with the systemd input plugin from the openstack-helm-images
repository
Change-Id: I7c75cd19d62f3dbc3fa4708642119f1781e58677
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the Elastic Curator cron job to include configuration
for successful and failed job history limits, similar to the other
cron jobs we deploy. This also moves the key for configuring the
cron schedule from under .Values.conf.curator to a new top level
jobs key to maintain consistency
This also fixes an indentation issue with the deployment overrides
for Curator as well as adds the overrides for the Armada job
Change-Id: I9c720df9677215bdd2bf18be77959bd5f671c0ca
Signed-off-by: Steve Wilkerson <sw5822@att.com>
This updates the Elasticsearch chart to include a specific start
script for the Elasticsearch data nodes that includes a trap on
signals that removes a data node from allocation eligible nodes
before shutting down. This results in all shards being moved from
a node on shut down to alleviate issues with planned down nodes,
such as during upgrade scenarios
Change-Id: I22f4957f90e4113831a8ddf48691cb14f811c1e5
