Since some patches were deleted on [1], they also need to be removed
from the series file.
[1] I6a1cb3832be8dc15930edc226e09a55f6f89951b
Test Plan:
PASS - Build openstack-helm and openstack-helm-infra debian packages
Story: 2009138
Task: 45716
Signed-off-by: Pedro Almeida <pedro.monteiroazevedodemouraalmeida@windriver.com>
Change-Id: Ie3e4f204b10025778338b622bf9165fdc5368c9f
We are removing the patches that disables the helm3-hook which are
used by osh(-i) to build an armada app as these patches are not
necessary when building the fluxcd app.
By removing the patches and changing the manifest.yaml, these hooks
will only be disabled for the armada app, and the fluxcd app can be
built as it is with [1].
There's also a small change on Patch #16 so it can be applied as it
was created on top of a change made on Patch #8 (which is being
removed).
Test Plan:
PASS - Build all the packages necessary for the openstack app
PASS - Create openstack tarball
PASS - Apply/remove/delete openstack
[1] I97402f9d4cacb2130118f49589b13b686d04e13b
Story: 2009138
Task: 45716
Signed-off-by: Pedro Almeida <pedro.monteiroazevedodemouraalmeida@windriver.com>
Change-Id: I6a1cb3832be8dc15930edc226e09a55f6f89951b
This change patches the correct apiVersion for Ingress resources created
by the openstack ingress chart to work correctly when stx-openstack is
applied on stx with kubernetes 1.22+ running.
Same applies to spec changes that need to be done according to
io.k8s.api.networking.v1.IngressBackend [1] and
rbac.authorization.k8s.io.v1 [2] documentations.
Test Plan:
PASS - Build stx-openstack armada tarball (CentOS)
PASS - Upload stx-openstack on Stx7.0/master build
PASS - Apply stx-openstck on a Stx7.0/master build
PASS - Ensure openstack ingress pod is up
NOTE:
It could be done by upversioning openstack-helm-infra and
openstack-helm to its latest commits (currently
1147988b8eba6ab7d1e7af262843f641be6657ff and
18fdc309615f335fe16ad27ab27bb91972aac75a respectively)
but this upversion has a different series of complications
that are being discussed in [3].
[1] https://kubernetes.io/docs/reference/using-api/deprecation-guide/#v1-22
[2] https://kubernetes.io/docs/reference/using-api/deprecation-guide/#rbac-resources-v122
[3] https://review.opendev.org/c/starlingx/openstack-armada-app/+/848336
Closes-Bug: 1980397
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Co-authored-by: Rafael Falcao <rafael.vieirafalcao@windriver.com>
Change-Id: I0bbecc097fdafdf5ebbc3a164b80ba903b5623f2
A new job is introduced for the purpose to cleanup
network resources before OpenStack removal.
TESTS STATUS
- After a fresh deployment of existing stx-openstack app, PASSED
check that VMs can be launched successfully
- Delete VMs and remove OpenStack, without a cleanup of PASSED
network resources. After re-deploying OpenStack, verify
that an error scenario arises where new VMs can not be
launched, with the following error message:
"nova.exception.VirtualInterfaceCreateException ...
Failed to allocate the network(s), not rescheduling".
- Load the updated charts in a fresh OpenStack re-install. PASSED
Assert that OpenStack is deployed successfully, and that
VMs can be launched successfully.
- Delete VMs and remove OpenStack, without a cleanup of PASSED
network resources. After re-deploying OpenStack, verify
that the previous error scenario does not show up and
that new VMs can be launched successfully.
- Verify that the OpenStack charts deployment-sequence PASSED
is unchanged, compared to existing codebase.
- Verify that, for all OpenStack charts, except the ones PASSED
under the compute-kit group, the removal sequence is
the reverse of deployment-sequence.
- Verify that the charts under the compute-kit group are PASSED
deployed in parallel but removed in sequence.
The removal sequence is the reverse deployment-sequence
from the OpenStack Armada App manifest.
- Verify that, within the OpenStack compute-kit group, PASSED
the Neutron chart is the first one to be removed.
Partial-Bug: 1892659
Explanatory text: this is a system improvement which aims
to prevent from similar bugs as the one above.
Signed-off-by: rferraz <RogerioOliveira.Ferraz@windriver.com>
Change-Id: I268ab75a849734874646b5f23b0bcdbe5faae1ef
All debian packages in this repo are architecture-independent (ie don't
include any arch-specific binaries). Declare them as such in debian
control files. This is inline with their centos versions.
TESTS
====================================
Rebuild packages in debian
Story: 2009897
Task: 45278
Signed-off-by: Davlet Panech <davlet.panech@windriver.com>
Change-Id: I25a41dc96565caa62767ab3c302967cec3b96fb5
The glance-api pod has a terminationGracePeriodSeconds
of 600s(10min) and the others services has 30s. This high
terminationGracePeriodSeconds may cause timeout in some
cases and there is no reason for this high
terminationGracePeriodSeconds.
The terminationGracePeriodSeconds has been introduced on
https://review.opendev.org/c/openstack/openstack-helm/+/469974
but there is no explanation why it is too high.
the Glance don't gracefully terminate due to a authenticate
with kube-apiserver with the error: "Unable to authenticate
the request" err="[invalid bearer token, Token has been invalidated]"
Looking after it I saw that it can be a timing error between the
communication of the kube-apiserver and the glance-api when is in
terminating state. Normally, the glance api terminate gracefully
before 30sec, but if the error of Unable to authenticate appear, it
kill faster to keep the things working like the other services does.
Test Plan:
PASS: Build on centOS
PASS: Build on Debian
PASS: Apply chart
Story: 2009959
Task: 44927
Signed-off-by: Arthur Luz de Avila <arthur.luzdeavila@windriver.com>
Change-Id: Id4ef301c9ee1fce9f78ee09b3ce7f896d59a5a96
On the previous work to add tolerations for the openstack-helm charts,
we missed adding those tolerations to disabled charts like the charts
for the telemetry services, ironic, gnocchi and ceph-rgw. This commit
will fix it.
This is a cherry-pick with minor removals from [1] and [2]and should
be removed from the openstack-armada-app tree on the next osh/osh-i
upversion.
NOTE: Since ironic/gnocchi/ceph-rgw charts are not proven to work with
stx-openstack, we will not validate those on the test plan.
[1] https://review.opendev.org/c/openstack/openstack-helm-infra/+/812753
[2] https://review.opendev.org/c/openstack/openstack-helm/+/812734
TEST PLAN
PASS build stx-openstack and install on SX
PASS enable telemetry charts
REGRESSION PLAN
PASS debian build
LOG: https://paste.opendev.org/show/bV3bgChLHxro3caaRC7q/
Story: 2009232
Task: 44572
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: I0b35e2cb531cf54fc5a319c35e0a058603790af1
Change Ifb7946e9a289234047934b52d200b951a59c1a3f was rebased wrong
and intends to use an old method of building openstack-armada-app
openstack-helm and openstack-helm-infrafor debian.
This patch correctly applies the new patch changes.
Test Plan:
PASS: Centos Build (build-pkgs openstack-helm-infra openstack-helm)
PASS: Debian Build (build-pkgs -p openstack-helm-infra
build-pkgs -p openstack-helm)
Closes-bug: 1960968
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: Ica08158dbba5a10ec7b6266b6808d22d53244095
Openstack-helm provides the option to terminate TLS at the services.
However, at Starlingx TLS termination is done at the reverse
proxy (ingress) and therefore is unecessary for the OpenStack itself
be HTTPS and terminate tls a second time. Furthermore, it is not
possible to have https enabled on openstack services with the
current centos based containers that we have, openstack-helm only
supports tls using debian based containers.
Manually working arroud this creates a cumbersome override file, so
to diminish this overrides this patch 0020 and 0013(osh-i) disables
https at the backend, thus maitaining the same behaviour as stx 5.0
Mariadb and RabbitMQ tls does not seem to be working very well within
Starlingx, so we also disable TLS for them. I am not confident that
current openstack-helm and openstack-helm-infra supports production level
openstack with mariadb in TLS mode. Furthermore, from the way everything
is redirected in StarlingX I do see too many performance and stability
issues using both of them with tls enabled.
Disclaimer I did not test with either only mairiadb tls or
rabbitmq activated, but with both of them on the system is not usable.
Test Plan:
PASS: Openstack is Applied. (https disabled)
PASS: enable https. Opensatck is Applied (WITHOUT service.conf
overrides)
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: Ifb7946e9a289234047934b52d200b951a59c1a3f
Partial-bug: 1960354
Related-to: https://review.opendev.org/c/starlingx/helm-charts/+/828815
vncserver_listen and vncserver_proxyclient_address were deprecated,
this change aims to replace them with the versioned name.
Test plan:
PASS: Verify that vncserver_listen was changed to server_listen inside
nova openstack manifest (system helm-override-show).
Story: 2009783
Task: 44273
Signed-off-by: Iago Estrela <IagoFilipe.EstrelaBarros@windriver.com>
Change-Id: I7bc9087bce8926595fd1f0dbc82d722fd26b45a0
Add "dl_path" to download the source tarball.
Add "src_files" to copy local files to build directory.
Copy patches to deb_folder/patches, and remove the patching commands
from rules.
Remove dl_hook.
Test Plan:
Pass: successfully build openstack-helm
Pass: No difference comparing with the result of dl_hook
Story: 2009101
Task: 43801
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Change-Id: I5686cdab4869f5627422c8e7f99a0ce1bdeac9a7
On stx-openstack, we run the nova-compute containers as user 0 (root) to
get privileged access to some of the host resources. During the latest
upversion of openstack-helm, we got in some commits that were
incompatible with our usage of the root user since the keys for ssh
access to a different compute were always placed under the 'nova' user's
folder. This commit fixes that behavior while we don't merge a
definitive fix on openstack-helm and go through a new upversion.
Test Plan:
PASS - nova-compute-ssh starting correctly after change
the sshd->ssh parameter
PASS - migrate/resize vm
Closes-Bug: #1956229
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Signed-off-by: Hugo Brito <hugo.brito@windriver.com>
Change-Id: Ic90e8e64670b8314b9a2f38b93a59361dcb7ecc9
Adds patches from openstack-helm and openstack-helm-infra that
enables openstack services, jobs, and friends (libvirt, memcached
mariadb, openvswitch, rabbitmq, ingress) to support taint toleration
Also adds tolerations for nova-api-proxy, stx-ks-user and
nova-ephemeral-pool
Taint toleration `node-role.kubernetes.io/master:NoSchedule` is also
enabled by default as seen in `manifest.yaml`
deleted:
- file: 0014-Add-tolerations-to-rabbitmq-chart.patch
reason: deprecated by 0017 (also was not working for rabbit jobs)
- file: 0015-Add-tolerations-to-mariadb-chart.patch
reason: deprecated by 0017 (also was not working for maria jobs)
Test Plan:
PASS: After controller node taint application is applied
PASS: If controller has no taint application is applied
FAIL (expected): After user override removing toleration apply fails
PASS: Other taint is added to controller and after user overrides apply
succceeds
Notes:
- Tested in AIO-SX (Both Virt. and Physical Machine)
- Tested with taint node-role.kubernetes.io/master:NoSchedule
- Tested with taint openstack-compute-node:NoSchedule
- Apply fails -> pods pending untolarated taints
Story: 2009232
Task: 43345
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: I6bd0d28cdc31f07d18b3cdfda3b0282a4d3117a4
With the openstack-helm upversion, we noticed that the Panko project was
retired [1][2]. Since this chart is currently disabled by default, we
didn't notice it, but we need to take action to remove the chart
references from stx-openstack.
[1] 160529ef90
[2] http://lists.openstack.org/pipermail/openstack-discuss/2021-May/022337.html
TEST PLAN
PASS Build and install stx-openstack with the change
PASS Verified no override namespaces were generated to Panko via `system
helm-override-list` and `system helm-override-show wr-openstack
panko openstack`
FAIL (expected) Tried to enable the Panko chart using `system
helm-chart-attribute-modify --enabled true wr-openstack panko
openstack
PASS Enabled aodh, ceilometer, gnocchi and re-appplied
Story: 2009161
Task: 44072
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: I2dc99a5d86933b36cc635124aca779e3bb20a7d0
This patch introduces the hw:pci_irq_affinity_mask metadata.
The metadata hw:pci_irq_affinity_mask specifies which CPU cores are
interrupted due to PCI IRQ requests. It can be set as a compute flavor
extra spec, as well as a compute image or volume metadata.
Test Plan Status
1. New metadata is added to the supported metadata list PASSED
on compute flavor, compute image and volume metadata
2. New metadata can be set to a value PASSED
on compute flavor, compute image and/or volume metadata
3. New metadata can be changed value and/or deleted PASSED
on compute flavor, compute image and/or volume metadata
4. New metadata persists when re-applying OpenStack PASSED
Regression
1. New metadata is added to the supported metadata list PASSED
on compute flavor, compute image and volume metadata
2. New metadata can be set a value, changed valued and deleted PASSED
on compute flavor, compute image and volume metadata
Story: 2009299
Task: 43861
Signed-off-by: rferraz <RogerioOliveira.Ferraz@windriver.com>
Change-Id: I0f94e8cddcff744306a01ce275c697cb39f8c5e7
This commit is rebasing on upstream commit
7803000a545687ec40b0ddc41d46a6b377dea45f
and also remove some patches that were already
merged.
This change depends on the rebase of openstack-helm-infra made at
01f6571912
Patch 0005-Nova-Add-support-for-disabling-Readiness-Liveness-pr.patch
This patch was dropped because a feature that add this support was
implemented in 2020. It can be found on commit
af4e2aaadd
Patch 0007-Allow-more-generic-overrides-for-placeme.patch
Changes that this patch applies were already applied on commit
bdbea96326
Patch 0009-Disabling-helm3_hook.patch
Adding a helm3_hook in values.yaml file in case hooks needs
to be disabled
Patch 0011-Trust-public-ingress-certificate.patch
Removed in favor of using the openstack-helm implementation of tls
support. As we are dropping this patch we moved the changes to the
patch where the job is created. Commits can be found on
https://opendev.org/openstack/openstack-helm/commits/branch/master/search?q=feat%28tls%29
Patch 0012-Update-helm-tookit-dependencies-to-0.2.19.patch
Changes that this patch applies were already applied on commit
20b6b9a236
Due to changes implemented on 054affa290 (diff-9bd79f0fd832cb30fa4f4b6242b9059fbc0c81b30541b4243ff29cdf39bce621R63)
python-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/cinder.py
needed to be modified so the system overrides for the ceph client matches
the name of the internal ceph cluster we that StarlingX creates and the
deployment-cinder.yaml renders without issues.
We've change the endpoints on nova-api-proxy/templates/deployment.yaml
as in upstream openstack-helm deals with TLS internally, however in
starlingx there is a workaround that forces public endpoint for openstack
services. Although after some changes on openstack-helm that came with
this rebase and using cert-manager to generate all tls internal secrets
we dont need to do this anymore.
The volume mounts for dev-pts at
python-k8sapp-openstack/k8sapp_openstack/k8sapp_openstack/helm/nova.py
were removed since this problem was fixed upstream on 04d600c5b0
Story: 2009161
Task: 43150
Change-Id: Iaf7d4bf9aa80e1d5acacdfe24743d41d4e67a8c0
Signed-off-by: Arthur Luz de Avila <arthur.luzdeavila@windriver.com>
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: Iaf7d4bf9aa80e1d5acacdfe24743d41d4e67a8c0
This review updates openstack-helm-infra to commit
8351fdd0f1228717342c2accc96977b0cdc36dc3 and removes patches that were
merged on osh-i; fixes the remaining patches to the current diffs and do
minor adaptations to make osh-i work on StarlingX.
Story: 2009161
Task: 43151
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: I36159b0264a79c3727b20e6ff1b7831183e47c3a
Adding a certificate and ca_certificate using:
`certificate-install -m {openstack | openstack_ca}` ends up breaking
openstack application. OS-STX forces public endpoint and when such
endpoint has TLS enabled everything breaks, therefore based on the
implementation of tls support for openstack-helm that enables tls
for the openstack services we picked the trust cert code without
actually enabling tls backends
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Change-Id: I2dfc7c12defcc948fcdc353251301980e65f3011
Closes-Bug: 1937260
Update remaining StarlingX packages with hardcoded TIS_PATCH_VER to
use PKG_GITREVCOUNT where possible, with offsets as needed to ensure
the version is incremented above the hardcoded version.
Story: 2008455
Task: 41455
Signed-off-by: Don Penney <don.penney@windriver.com>
Change-Id: Icdc9d71d1268a4d3dd9e569c8642717bceadda5e
admin account is used before, but if admin password is changed, flock
service cannot be notified and cannot get the new password, so flock
service like nfv-vim cannot fetch openstack vm info ever.
stx_admin account is created for this case.
Depends-On: https://review.opendev.org/753971
Closes-Bug: 1887755
Change-Id: I36f2442036bf6c98fbb0af727fddf1dd50e58330
Signed-off-by: Shuicheng Lin <shuicheng.lin@intel.com>
- cinder-volumes
- cinder.backups
- images
- ephemeral
Pg_num values were increased to avoid ceph health warning
that occurs on larger systems due to the default
pg_num settings not being large enough.
Change-Id: I23feffe613c37b12dff51c73e7ced9a9c7663089
Closes-bug: 1899128
Signed-off-by: Elena Taivan <elena.taivan@windriver.com>
The requests to Openstack services hang/fail sometimes
due to message loss when connecting to internal service
endpoints. This issue was observed before and fixed in
commit https://review.opendev.org/#/c/683818/ by setting
net.ipv4.tcp_tw_reuse to 0, however, it's still being
seen on recent STX loads.
It has been tested and proved that requests go through
ingress pod do not have the issue. This commit updates
helm charts and manifest to make all requests sending
to openstack services go to ingress pod and then ingress
would forward requests to the corresponding api service.
Changes included:
- update helm-toolkit manifest job-ks-endpoint.yaml
to provide an ability to conditionally configure
all types of openstack endpoints with public endpoint
url when endpoints.identity.force_public_endpoint is
true. Same update for keystone and keystone-api-proxy.
With the update, for example, the admin,internal
and public endpoints for neutron will be
neutron.openstack.svc.cluster.local:80
- update armada manifest to make neccessary overrides
in openstack service configuration file to make
communications between services go through ingress
Change-Id: Icd646dd07d544da420a75f920bd7c3e8fc931327
Closes-Bug: 1880777
Signed-off-by: Angie Wang <angie.wang@windriver.com>
This adds support for Helm v3.
- 'helm init' and initialization is no longer required
- 'chartmuseum' is used as a drop-in replacement for 'helm serv'
- all Charts require the tag: apiVersion: v1 (or v2)
This updates ingress chart to specify apiVersion.
Change-Id: Ie41cde4ad450b63a78a0a677995e9c28eefd9798
Story: 2007000
Task: 39327
Depends-On: https://review.opendev.org/719962
Signed-off-by: Jim Gauld <james.gauld@windriver.com>
With the update of openstack clients within heat image:
openstack client >= 4.0.0
neutron client >= 6.14.0
neturon lib >= 1.29.1
The command 'openstack network show ${network} -f value -c subnets'
returns '[]' instead of null string if no subnets found in the
specific network. This commit adds a check logic to avoid subsequent
command returns error by using '[]' as subnet input.
Change-Id: I695e504518e1c884c7d66ecc94c9fa8787ce9752
Closes-Bug: 1855319
Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
This update patched openstack keystone helm chart to support ingress
creation for custom admin endpoint. It will be used in DC subcloud
deployment to expose keystone admin endpoint to System Controller.
The change has been submitted to upstream openstack-helm for review:
https://review.opendev.org/#/c/697525/
Change-Id: I5792f3f9031470ab97a4dea8f47eff244160f8ee
Story: 2006588
Task: 37747
Signed-off-by: Andy Ning <andy.ning@windriver.com>
In deployment-novncproxy.yaml, it set hostNetwork = true.
We want to let it use cluster network instead of hostNetwork.
This patch will add a config item, so that we can override it
to use cluster network. Then no need to enable 6080 port in
local network firewall for novncproxy access.
Upstream patch submitted as below.
https://review.opendev.org/#/c/679891
Below test pass!
Access to VM console through horizon works!
Closes-bug: 1827246
Change-Id: Icb0cfa39839e151d5869c64bc8f0151d0d9faf49
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
When https is enabled, the cinder helm chart would fail
to apply due to a failure in cinder bootstrap script.
The cinder client which uses the public endpoint to query
the volume types cannot resolve the dns name locally.
This commit changes the cinder template bootstrap script
to use the openstack client instead of the cinder client
to list volume types.
Upstream (openstack-helm) review:
https://review.opendev.org/#/c/671024/
Partial-Bug: 1826583
Change-Id: I63bf1d557c1dd4c93a0063cc9ec1624584079917
Signed-off-by: Teresa Ho <teresa.ho@windriver.com>
When HTTPS is enabled, the public endpoint of placement service
is set with https and fqdn. The placement helm chart would fail
to apply.
This commit is to correct the syntax of the secret tls section
in the values.yaml and secret-ingress-tls.yaml.
Upstream (openstack-helm) review:
https://review.opendev.org/#/c/662229
Partial-Bug: 1826583
Change-Id: I64e7c1ff1972b0640145d18cafe2ea4e505db465
Signed-off-by: Teresa Ho <teresa.ho@windriver.com>
This commit adds the capability for Aodh, Panko and Gnocchi
charts to support TLS on overriden fqdn for public endpoints.
Upstream(openstack-helm/openstack-helm-infra) reviews:
https://review.opendev.org/#/c/670121/https://review.opendev.org/#/c/670123/
Change-Id: I3011a9f0f07c9cf1b30694c97f3c02db6cdef56e
Partial-Bug: 1826583
Signed-off-by: Angie Wang <angie.wang@windriver.com>
Add capability for nova to send service token. Default to disabled.
Config setup is similar to keystone_authtoken.
Upstream openstack-helm review: https://review.opendev.org/#/c/667690
Story: 2003909
Task: 34311
Change-Id: I9f217a4c98298a861f2ade03a620895697e79122
Signed-off-by: Gerry Kopec <gerry.kopec@windriver.com>
Wrap code making the assumption there is only one Ceph backend
(using is_ceph_volume_configured) in a "range" and use ceph_backend_list
helper to iterate all available Ceph backends.
Move Ceph pool application name in values.yaml from
conf.software.rbd.rbd_pool_app_name* to conf.ceph.pools.*.app_name
Change-Id: Ib62407a876b8e679a15d6b9293b8e1e03e149788
Depends-On: I2d3e7d5440b55e0e9e3d053f645fc162736bbde6
Story: 2003909
Task: 30351
Signed-off-by: Daniel Badea <daniel.badea@windriver.com>
This commit adds helm charts of placement to openstack-helm
Related openstack-helm upstream change is
https://review.opendev.org/#/c/662229/
Below test pass on both AIO and multi setup
1) Openstack Application apply and reapply
2) VM creation and delete
3) Active controller switch and create vm after that
Story: 2005750
Task: 33418
Change-Id: I68ec2325af6b37393267d5898a49e75623728349
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
Pull in the two upstream changes since the last chart rebase and cherry
pick the newly proposed changes for enabling Cinder volume backups.
The following changes will be dropped on the next chart rebase:
- Adding a cinder internal tenant to support image-volume caching
- Allow configuring the RBD application name for volumes and backups
Change-Id: I2d3e7d5440b55e0e9e3d053f645fc162736bbde6
Story: 2004520
Task: 33631
Signed-off-by: Robert Church <robert.church@windriver.com>
There are exceptions in nova pods looking like
ERROR oslo_messaging.rpc.server [-] Exception during message handling: oslo_messaging.rpc.dispatcher.UnsupportedVersion: Endpoint does not support RPC version 1.0. Attempted method: pod_health_probe_method_ignore_errors
ERROR oslo_messaging.rpc.server Traceback (most recent call last):
ERROR oslo_messaging.rpc.server File "/var/lib/openstack/lib/python3.6/site-packages/oslo_messaging/rpc/server.py", line 163, in _process_incoming
ERROR oslo_messaging.rpc.server res = self.dispatcher.dispatch(message)
ERROR oslo_messaging.rpc.server File "/var/lib/openstack/lib/python3.6/site-packages/oslo_messaging/rpc/dispatcher.py", line 276, in dispatch
ERROR oslo_messaging.rpc.server raise UnsupportedVersion(version, method=method)
ERROR oslo_messaging.rpc.server oslo_messaging.rpc.dispatcher.UnsupportedVersion: Endpoint does not support RPC version 1.0. Attempted method: pod_health_probe_method_ignore_errors
Merged fix from openstack-helm community
Change-Id: Ic1ce9fb30424beb78ed604d9ae340fe838815bb5
Closes-Bug: 1829793
Signed-off-by: Martin, Chen <haochuan.z.chen@intel.com>
Current script does not consider centos distro as base image.
Different folder was checked to copy pxe files to tftpboot folder.
Story: 2004760
Task: 30280
Change-Id: I288d7e6bc0e3570f6a6bb7a9587e120ab4501736
Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
Remove patches that were added on top of upstream to adapt helm to Ceph
Jewel.
Change-Id: I29a2154c662f1a223265e7710a5f7976bc922939
Depends-On: I4d05a05ad116e33ee7c24432219c176c8a0b8d61
Co-Authored-By: Robert Church <robert.church@windriver.com>
Signed-off-by: Daniel Badea <daniel.badea@windriver.com>
Each patch included in this commit contains a commit message that
describes the required purpose of the patch.
Change-Id: Ied38e5cbedbe06fd0b6f27612aa0bddf60064dea
Depends-On: Ic788a2c86edfbceca1f1ff18dd0344472546c81b
Story: 2004520
Task: 29966
Signed-off-by: Robert Church <robert.church@windriver.com>
Fuzzy openstack-helm patches are causing intermittent
build failures when .orig files are found by the linter.
==> Linting neutron
[ERROR] templates/daemonset-lb-agent.yaml.orig: file extension '.orig'
not valid. Valid extensions are .yaml, .yml, .tpl, or .txt
[ERROR] templates/daemonset-ovs-agent.yaml.orig: file extension '.orig'
not valid. Valid extensions are .yaml, .yml, .tpl, or .txt
BUILDSTDERR: Error: 1 chart(s) linted, 1 chart(s) failed
BUILDSTDERR: make[1]: *** [lint-neutron] Error 1
make[1]: Leaving directory `/builddir/build/BUILD/openstack-helm'
BUILDSTDERR: make: *** [neutron] Error 2
BUILDSTDERR: error: Bad exit status from /var/tmp/rpm-tmp.Sd6TYe
(%build)
BUILDSTDERR: Bad exit status from /var/tmp/rpm-tmp.Sd6TYe (%build)
RPM build errors:
This update attacks the problem in two ways.
1) Defuzz the patches
2) Add patch options to avoid creation of .orig and .rej files
in a location that will be linted.
Change-Id: Ifc42988984fab5225bc041704c5631ac6cd8043d
Signed-off-by: Scott Little <scott.little@windriver.com>
We should up the interfaces added to ovs bridges, otherwise packets can
not go through the nic interfaces.
Story: 2004649
Task: 29999
Change-Id: Ib1b8577edc7f0d15e1f20479da7740eba127935b
Signed-off-by: chengli3 <cheng1.li@intel.com>
Add new job to create the required ephemeral pool(s).
Tests performed:
- application apply
- launch of instance without ephemeral storage
- launch of instance with remote ephemeral storage
- cold migration of instance with remote ephemeral storage
Change-Id: Iac31bb5ae2dc32913addc8ab9b5182391515c0ea
Story: 2005074
Task: 29648
Signed-off-by: Irina Mihai <irina.mihai@windriver.com>
Depends-on: I9850663fc86c62ed759714f1297cfdaa8183183f
Support per-host overrides of auto_bridge_add, so we can set different
nic for ovs bridges.
This feature is already merged into openstack-helm. As we don't use
latest version of openstack-helm, so make this as a patch in
stx-upstream.
Change-Id: Ida085e8475ade6787aaaee77148d669248dd66c6
Story: 2004649
Task: 29867
Signed-off-by: chengli3 <cheng1.li@intel.com>
Upstream nova helm chart attempts to figure out the address for VM
consoles by running an init container that checks for ip routes and
addresses on a compute host. It then sets the appropriate nova config
options in a config file which it passes to nova-compute. However this
effectively overwrites the same config option that stx has already
set in nova.conf via per host overrides causing us to communicate over
the wrong network or not to connect at all.
This fix introduces an option to enable/disable passing of this
additional config file to nova-compute. Default upstream behaviour is
unchanged, but we will disable it in our overrides.
Partial-Bug: #1815490
Change-Id: I86eb80578b23fd89b7f9643b943ee759f26a15be
Signed-off-by: Gerry Kopec <gerry.kopec@windriver.com>
- pass new pool replication parameter to the storage init script
- set images pool replication in the storage init script
Change-Id: If0ecaeb12afd78caacdbb9b85cda8d6cfda00dea
Story: 2004520
Task: 29324
Depends-on: I120e196ec3acca1f57b717cc4548c7c549fac738
Signed-off-by: Irina Mihai <irina.mihai@windriver.com>
neutron-sanity-check command triggers privsep code and produces the
following:
WARNING oslo.privsep.daemon [-] privsep log:
oslo_log.log.LogConfigError: Error loading logging config
/etc/neutron/logging.conf: [Errno 2] No such file or directory:
'/etc/neutron/logging.conf'
This will add log_config_append to neutron-etc and allow ovs-agent to
successfully deploy
Change-Id: I82dd56dc686e2efbd10921b248497955c37279f1
Story: 2004751
Task: 28894
Signed-off-by: Robert Church <robert.church@windriver.com>