This adds a basic egress policy to the charts run by the
network-policy check. A change was recently merged requiring
the eggress tag to be in the chart but did not add it, this
addresses that
Change-Id: I60669c9351db7854cba8c69723eb783a966d2a56
This updates the scripts for deploying fluentd to include
overrides for enabling prometheus monitoring. Despite not
deploying prometheus in the osh-infra-logging job, we can still
leverage the post run job to gather metrics from the exporters
service. This gives us the means for verifying the functionality
of the exporter
Change-Id: Id98474de89d86419157635007e2f114f0947498e
This updates the Curator image to use version 5.6.0, which adds
additional actions for use, such as the ability to shrink indices.
This also adds a separate configmap and config secret for Curator,
as this allows us to use separate configmap annotations on the
Elasticsearch component pods to prevent Curator config updates
from triggering recreation of Elasticsearch components. This helps
alleviate overhead associated with Elasticsearch service restarts.
Change-Id: I0aec7756b0dc09bc3981ede950dc88f821aeca4b
This adds the password for the mariadb sst user to the armada-lma
manifest, as it was previously missed
Change-Id: I8768569fff96bf15cb4b2a577a0f667972fda886
This updates the fluentd-exporter to use the bitnami image for the
chart instead of a personal image
Change-Id: I162dca4556646eb781c380acea307d2feb156d18
This updates the prometheus-process-exporter chart to include the pod
security context on the pod template. This changes the pod's
user from root to the nobody user instead
This also adds the container security context to set
allowPrivilegeEscalation to false and readOnlyRootFilesystem to true
Change-Id: I623227f9f9c878a8e7745f46f2cc77f6904005fb
Added file name, line number and function name to logging message format
for troubleshooting purpose
- This change is related to Grafana's session-db-sync job
Change-Id: Iaadbedfda0fd9cd7fe4b5c09fc05cb6181c400d1
This updates the Elasticsearch chart to allow for setting the
heap size per node type instead of for all nodes equally. This
also adds the required environment variable to configure whether
a node is an ingest node. This is set to false, as suggested for
elasticsearch versions <= 6.x
This also removes the ES_PLUGINS_INSTALL environment variable as
it is not used for anything in the current charts
Change-Id: I9096774db46dcbcd48b8a5448f0510984bf4108f
The changes made will take care of
1. block/allow all ingress
2. block/allow all egress
3. define spec->policyType based on policy type
and/or ingress/egress rules present in values.yaml
4. supports more labels to spec->podSeclector
5. copy the rules as is defined under ingress/egress.
Change-Id: Id437ee4de8d964b48540638ab8dff3199c3cb5ff
Reverting this commit to fix Multiple OSD issue.
Ceph deployment is failing when we specifying multiple osds.
Rendered file for ceph-osd charts have duplicate osd information.
Reverts this PS: https://review.opendev.org/#/c/644604/
This reverts commit 0b8784f26d4ff9d7054a30d8024cae24db93ed0d.
Change-Id: Ida018955eb558c9f890cc9e6aefba6689c992a73
This adds test specific timeout to all LMA components in
Armada. This also removes test enabled true because
Armada enables tests by default
Change-Id: I893342b36ba27cbe7d3ce8767f73795e84a11732
