This is to resolve ds name changes during the site update which triggers
all osds to start at a time and deletes old ds which is causing some timesouts
on clients.
Change-Id: If004e8e46ea34d90d7e05dc41e873c7a64ec046f
This updates the dependencies for the Elasticsearch chart to be
more cautious before proceeding. For example, this updates the
dependencies for the register snapshot job to wait until all
ES components have registered endpoints, and also updates the helm
test pod to wait for all components to have registered endpoints
and the snapshot job to have completed
Change-Id: Ie4e92bba4ae33b33cadb921bdda91ceb813e29e1
Now that we explicity declare there is no need to define the default
username and password.
Change-Id: I95e41c411c2a86ae527283d5dc13b8a1f65b513a
Signed-off-by: Pete Birley <pete@port.direct>
securityContext with allowPrivilegeEscalation: false is implemented at
container level and leveraged the helm-toolkit snippet
Change-Id: Iddb18c87993fd3dc005c55f5678829c2a19718db
This adds the release-annotation to the pod spec for the charts in
openstack-helm-infra. This also adds missing configmap annotations
to charts in openstack-helm-infra
Change-Id: Ie23f0c16a7a21d3929e98928db2bbcef69ae6490
This moves both minikube and kubeadm deployments back to using
the ceph mimic repositories instead of ceph luminous repositories
Change-Id: I1b6b6af6ecb82e7c690a735286198bc7d0ab7c8d
This adds a deployment step for postgresql to the single node
monitoring job to validate the exporter works as intended
Change-Id: I2680b3e40ca4466e27daf6145cef064c312a7b57
This removes the insertion of test dummy data and the following
query for it from the Elasticsearch helm tests. Upon upgrades,
it's possible for Elasticsearch to refuse the direct insertion of
data due to shard reallocation and due to full bulk endpoint
queues. These refusals should not be seen as test failures
Change-Id: Id53d53a7aa2b58e64932d50ca3e7a4fb1141bb3a
This PS adds the ability to change the admin user credentials
and erlang session cookie. To do so requires `--recreate-pods` to
be passed to helm on a release upgrade.
Change-Id: Ib04ad43a7c303a8ddc31fd0de288a2f7f3294a12
Signed-off-by: Pete Birley <pete@port.direct>
This adds the container security context to set
readOnlyRootFilesystem to true and allowPrivilegeEscalation to false
Change-Id: I7b2f78b51b6ff219c371893f975a30fd89f1719b
This PS improves the robustnes of the RabbitMQ clustering logic
to support reforming the cluster following recreation of all pods,
and wait for the cluster to fully form before continuing in case
of an upgrade.
This ability was lost with the introduction of the following PS,
which prevented reformation of the cluster from scratch.
* https://review.openstack.org/#/c/637337/
Change-Id: I99d32fbd3c56dde492717a7850b61001fa8f7fb5
Signed-off-by: Pete Birley <pete@port.direct>
This updates the kubernetes version used when deploying via
kubeadm and minikube to v1.13.4
This required updating the apiVersion in the kubeadm configuration
file template, as well as removing the --cadvisor-port flag from
the kubelet args, as this has been removed entirely
Change-Id: I3088b65ece0a5c9c5ef2669247ac293d6a6f66ed
- Move the cronjob from ceph-mon to ceph-client
- Adding ceph-rbd-pool job as dependencies for cronjob
- checkPGs manifest set to true so it will always run
in gate.
Co-Authored-By: Chinasubbareddy Mallavarapu <cr3938@att.com>,
Renis Makadia <renis.makadia@att.com>
Change-Id: I9855d8d22265e78c7e2f5fa7ece69c9ff532ecb2
This PS adds a test to ensure the correct number of members in a
cluster.
Change-Id: I52d0fcc473322fb9a754e95a2977a5c2cfad6b45
Signed-off-by: Pete Birley <pete@port.direct>
This updates the Redis helm test to use the redislabs/redis-py
image instead of the base ubuntu image, which allows for cleaning
up of the helm test entrypoint script. This was done to address
routine failures in the multinode periodic jobs, eg:
http://zuul.openstack.org/build/49a9627901514eeda40906c146b9a551
Change-Id: Ida0fd39d2c6d3908aca4cdb42d3a271c39ecc601
securityContext with readOnlyRootFilesystem is implemented at container
level and leveraged the helm-toolkit snippet
Change-Id: I98ca4211e0e236beb3dfe0e11cf5bb10a91b16a6
securityContext with readOnlyRootFilesystem is implemented at container
level and leveraged the helm-toolkit snippet
Change-Id: I8b16e9c17154a2bac162f31939b510fcd773126b
This moves the pod security policy job to a nonvoting check and
removes it as a gating job. This was overlooked previously. Once
the job has been vetted, we can revisit potentially making it a
voting and gating job
This had been done previously, but was overlooked in a change that
reintroduced the podsecuritypolicy job as a voting check and gate
Change-Id: I604efb9c608da69a04eaf87a54899cea34d7cd59
Added backoffLimit to exporter-create-sql-user job so that it
keeps retrying to restart the pod incase of an error. Also added
activeDeadlineSeconds for the pod created by this job to terminate
if it does not become ready in one hour.
Change-Id: Ib6214a887f959fed84108884c8d286624d2f164f
Provide support to add annotations to the podsecuritypolicy. This will
allow to add annotations related to seccomp and apparmor in psp.
Change-Id: I78718ae1f60e8ebee8ac8ba86145bb9ae26491d5
