THe cinder chart contains several values overrides for older
releases of openstack that are no longer supported by
openstack-helm. This change removes these overrides from the
cinder chart.
Change-Id: I9d506e2cc1eebaeb6d2eacff5bd47113d069dbb0
This changes use the helm-toolkit template for toleration
in openstack services
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Story: 2009276
Task: 43531
Depends-On: I168837f962465d1c89acc511b7bf4064ac4b546c
Change-Id: Id63d0950fd8b7ff9592cbfe196b95739dc0b1380
Glance registry was deprecated in Queens and removed in Stein.
This change removes glance-registry settings and templates
from the glance chart. Also removed the overrides from older
releases that are no longer actively supported and tested.
Change-Id: I704d844b9ab96daa73ec42e29cded31fbbe3f720
At the moment, the Cinder usage audit runs every 5 minutes which
is excessive and causes load on the system. Also, it defaults to
auditing an entire month which can take ages for large systems.
This patch makes it run sanely at the 5th minute of ever hour and
also runs the audit for the past hour only.
Change-Id: I59d1230fa4d33a2cf0364ade1a710e65ef449057
Signed-off-by: Mohammed Naser <mnaser@vexxhost.com>
After volumev1 and volumev2 were removed, openstack-helm-infra gates
started failing because they are deploying defult cinder image which
is currently stein. The python-openstackclient for stein sets volumev2
as default volume type. This was failing volume commands in cinder
bootstrap job for openstack-helm-infra gates
Change-Id: Ifcb3c813f132c9deedaba9a11f9ef721efcb92b0
This change removes the cinder v1 and v2 endpoint definitions
from the default values in the cinder chart.
Change-Id: I0ee35ad71c76df157e2c670a7899e4b6c1b91e46
As part of the move to helm v3, all the charts in the OSH repos
will no longer lint/build properly due to a lack of helm serve
in helm v3.
This change modifies the helm-toolkit repo location to the
osh-infra repo in order to account for the removal oh helm serve.
This work is part of the migration to helm v3 and will be utilized
in future changes.
Change-Id: I90d25943d69ad6c76455f7778a4894f00c525c46
If labels are not specified on a Job, kubernetes defaults them
to include the labels of their underlying Pod template. Helm 3
injects metadata into all resources [0] including a
`app.kubernetes.io/managed-by: Helm` label. Thus when kubernetes
sees a Job's labels they are no longer empty and thus do not get
defaulted to the underlying Pod template's labels. This is a
problem since Job labels are depended on by
- Armada pre-upgrade delete hooks
- Armada wait logic configurations
- kubernetes-entrypoint dependencies
Thus for each Job template this adds labels matching the
underlying Pod template to retain the same labels that were
present with Helm 2.
[0]: https://github.com/helm/helm/pull/7649
Change-Id: Ib5a7eb494fb776d74e1edc767b9522b02453b19d
This PS adds the rabbitmq secret volume + mount for the audit
usage cronjob, as it was previously missing and the job's command(s)
were failing when run.
In addition, add labels to the CronJob's metadata, so that it can
be picked up for pre-delete hooks.
Change-Id: I0a2ed0655702b4e41cc12d3908b9aed141e6f0d2
During upgrade, the Cinder pods go through the upgrade
process. Sometimes, the pods are unavailable to handle
the requests in bootstrap even the Cinder services are
up. This patchset gives the bootstrap job additional
attempt to finish the tasks
Change-Id: Ie7bd8909f1c93b76b2242748318f892a6ff9c53d
Defines compute kit and cinder jobs for new releases with
corresponding values overrides.
Disables compute agent list test for Wallaby since related API
is removed [0].
Since Wallaby with switch of osc to sdk '--id auto' is no longer
treated specially in 'openstack flavor create'. The same behavior
can be achieved w/o specifying --id flag for flavor creation [1].
Starting Wallaby 'nova-manage api_db version' returns init version
for empty database greater than 0 [2]. _db-sync.sh.tpl logic prior to
this commit does not work due to this. We need to either remove
(done in current commit) or justify and alter previous logic.
[0] https://review.opendev.org/749309
[1] https://review.opendev.org/750151
[2] https://opendev.org/openstack/nova/src/branch/stable/wallaby/nova/db/sqlalchemy/migration.py#L32
Change-Id: I361431d9aa8c1a06c5d59f479fb161ecd87e2ee2
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
Chart upgrading was failing due to some immutable fields are needed to upgrade before the jobs can be upgraded. For solving this issue, we
have added the helm.sh/hook annotations with post-install and post-upgrade values.
As for hook-weight annotations, we have added these to control the flow of the jobs with hook creation as the jobs are dependent. Like,
db-init jobs need to run before db-sync and so on.
helm3_hook values is added so that hook can be disabled from the values files.
Change-Id: Idfcc0479d152286ecd144502d80732094c9e43ea
Mount rabbitmq TLS secret to openstack services which support internal
TLS. Once internal TLS support is added to other service, the TLSed
rabbitmq support should be added.
Depends-on: https://review.opendev.org/c/openstack/openstack-helm-infra/+/795188
Change-Id: I9aa272e365f846746f2e06aa7b7010db730e17df
This is to fix the ceph version checks for enabling the applications
on newly created pools for openstack services like cinder and glance.
Change-Id: I2c007f728180cf7753255463ebf2f8dc5dc6fa5b
This change bumps each openstack chart version up to the next
greatest minor version of 0.2.0, signifying that openstack-helm
will no longer support older, EOL releases for each chart.
Change-Id: I7ce80c7bdc779c1de4472079f18102f506bfbb90
If ClusterFirstWithHostNet does not exist, it will cause the communication between services to fail.
Change-Id: Iadac1d570e0aac1aee3361792319d825bcadc83c
When using iscsi in both cinder and nova multipath tooling access is not
currently available. This commit provides the host system access to
configure and control multipath.
This commit has been tested in our own production systems however this
is my first commit into Openstack-Helm so please review carefully and
provide me guidance on what I might be able to do better.
Change-Id: I4f017f67a5d80b9c931e2ee1653062aa503a7fd9
Verification is added to Cinder volume type creation logic
under Values.bootstrap to make sure the volume_backend_name is
configured in Values.conf.backends.
Change-Id: I1b9b1eaac8df861d28d4121477de148dba6a2dbf
When using a helm3 to deploy , it fails. Helm3 no more support rbac.authorization.k8s.io/v1beta1 , but v1 can support helm2 and helm3.
Change-Id: Ie4e1c79c2b2513318d1b7d6a13712921a6c2a6cb
Bidirectional mount propagation doesn't work as expected,
HostToContainer does and is the safer option for now.
Change-Id: Ia0b0ab1a74991745cd74d3629d23f86bd8ff5296
ClusterIssuer does not belong to a single namespace (unlike Issuer)
and can be referenced by Certificate resources from multiple different
namespaces. When internal TLS is added to multiple namespaces, same
ClusterIssuer can be used instead of one Issuer per namespace.
Depends-on: https://review.opendev.org/c/openstack/openstack-helm-infra/+/766359
Change-Id: I6585d5a8c2ccb507a5c99784c0190502b55a5bcf
This patchset added the necessary hostPath, hostIpc and
hostNetwork to enable the volume backup for iSCSI based
Cinder volumes.
Change-Id: Ief3cc723650a6c42e24dfd6159c0de6f81e56fce
This PS enables iscsi actions to work correctly in cinder
volume - enabling things like conversion of glance images
to cinder volumes (required for nova-boot-from-volume)
Change-Id: I63521ff9609ad89485a843bc0fbddb00e38dccc8
Signed-off-by: Pete Birley <pete@port.direct>
Example override yaml file is added to indicate how to
override the manifest for configure an additional externally
managed Ceph Cinder backend.
In ceph.conf, either "mon_host" or "mon host" can be used for
the same parameter. In order not to force the user to use it one
way or the other, "mon_host" is removed from default setting.
Change-Id: I179567d77196ab2fb82d7a78e3a08efb966ed68c
Bring in option to be able to create and send service
tokens to prevent long-running job failures (default is OFF).
Change-Id: I5e5707001687e464386696b9c8d80ad8b2977e97
Since we introduced chart version check in gates, requirements are not
satisfied with strict check of 0.1.0
Change-Id: If537f69dec7e3360f6bffcc4424f10c248919ece
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
In this patchset, comfigmap of ceph.conf and secret of
cinder user keyring is created for externally managed ceph
Cinder backend.
Change-Id: Ie76bf207a7d42bd70a6be2648e060122f7daf5ad
Added chart lint in zuul CI to enhance the stability for charts.
Fixed some lint errors in the current charts.
Change-Id: I7e4b191fb9e355ab5d5a233e8ed121346519df62
Some OSH charts have diffferent values for logger_root
handler from upsgream repo config defaul values.
Exactly, logger_root handler values.
This leads double logging finally.
To fix this, set logger_root as null like upstream repos.
Change-Id: I20e4f48efe29ae59c56f74e0ed9a4085283de6ad
This is to add support for external ceph cluster as second backend
for cinder.
prerequisite:
- create ceph.conf for external ceph cluster as configmap
- create cinder2 user and keyring on external ceph cluster
- create keyring of user cinder2 as a secret
now point configmap and secret created as prerequisite under
values.ceph_client.external_ceph section
also we need to add second backend under values.conf.backends section
with all the details of external ceph cluster.
Change-Id: I8df9f1da7208304f479dbb70b19af97fb01cd38f
This change updates the xrally image from 1.3.0 to 2.0.0
in order to better match the current versions of openstack
we are running in the gate.
Change-Id: I3f417a20e0f6d34b9e7ed569207a3df90c6ddfd2
This updates the cinder chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem flag to true
Change-Id: Ia6e3c56087bae6f8c86db688404c6ce3a1d5d99d
