321 Commits

Author SHA1 Message Date
Robert Church
949dd5aa77 Enable helm/armada plugin delivery with the application
This creates a new package spec called python-k8sapp-openstack that will
hold all the stevedore plugins needed to support the application. This
spec will build two packages python-k8sapp-openstack and
python-k8sapp-openstack-wheels.

These packages are included in the build dependencies for the
stx-openstack-helm application package build where the wheels file is
included in the application tarball.

The helm and armada plugins have been relocated to this repo and
provided in a k8sapp_openstack python module. This module will be
extracted from the wheels and installed on the platform via the sysinv
application framework. The module will be made available when the
application is enabled.

Change-Id: I342308fbff23d29bfdf64a07dbded4bae01b79fd
Depends-On: https://review.opendev.org/#/c/688191/
Story: 2006537
Task: 36978
Signed-off-by: Robert Church <robert.church@windriver.com>
2020-05-27 15:05:02 -04:00
Sabeel Ansari
8d3452a5e8 Update stx-openstack TIS version
Since nginx-ingress-controller app was removed for external facing
ingress (https://review.opendev.org/#/c/724385/), updating the app
version to mark the change.

Story: 2007360
Task: 39596

Change-Id: Ied28669dd10fc19549812848f4aa28b147fb6245
Signed-off-by: Sabeel Ansari <Sabeel.Ansari@windriver.com>
2020-05-11 13:14:14 -04:00
Sabeel Ansari
8f55e919d0 Remove kube-system-ingress from manifest
nginx ingress controller is now deployed as a standalone app
(nginx-ingres-controller-armada-app). This commit removes the external
facing ingress controller in stx-openstack.

Story: 2007360
Task: 39596

Tested by checking external REST APIs are served as expected.

Change-Id: I28c56de4b2c4c31b1e0188f47973ba9851430a39
Signed-off-by: Sabeel Ansari <Sabeel.Ansari@windriver.com>
2020-04-29 12:47:00 -04:00
Zuul
9318e72740 Merge "Update mariadb chart to enable probe overrides" 2020-04-21 14:59:43 +00:00
Zuul
1f62df2bbd Merge "Fix openstack services could not bind port to ipv6 address issue" 2020-04-14 21:11:26 +00:00
Andy Ning
dedf9c952f Free dcdbsync openstack instance port for https admin endpoint
Currently dcdbsync instance for openstack is listening on port 8220.
With the admin endpoint of dcdbsync instance for platform has https
enabled and uses port 8220, the port of dcdbsync instance for
openstack is updated to use 8229.

Change-Id: I37edfe3b5813386b087f13997f4ce312a4766f70
Story: 2007347
Task: 39408
Depends-On: https://review.opendev.org/#/c/720009/
Signed-off-by: Andy Ning <andy.ning@windriver.com>
2020-04-14 11:33:30 -04:00
Zhipeng Liu
b07282ff55 Fix openstack services could not bind port to ipv6 address issue
Need to set bind_host to :: instead of "0.0.0.0" and host listen
ip to ::
Otherwise it will only bind to port to ipv4 address.

Partial-Bug: 1859641

Test pass on both ipv4 and ipv6 simplex setup

Depends-on: https://review.opendev.org/714898
Change-Id: I51bd1a65d7728c74f6c69b87e57e3fc42e8adc15
Signed-off-by: Zhipeng Liu <zhipengs.liu@intel.com>
2020-04-01 08:19:43 +00:00
Hu, Yong
6538342c26 Update mariadb chart to enable probe overrides
Adding probes parameters for armada overriding them in duplex AIO and
multi-node deployment. Specifically, there are 2 mariadb-servers in
the DB cluster for OpenStack services at duplex or multi-node cases.
These 2 mariadb-server pods are placed on Controller-0 and Controller-1
respectively (manipulated by anti-affinity). Whenever one Controller is
rebooted on purpose or even worse accidiently shutdown for any reasons
mariadb-server pod on that controller is gone together. To keep mariadb
cluster still working even with only one instance, we have to adjust
the default probe behaviors. Upon this request, we have to export probe
parameters for "startupProbe" and "readinessProbe" so that StarlingX
Armada application could set these parameters accordingly and thereby
mariadb server can still work as expected with even only one pod in the
cases of Controller node rebooting or shutdown.

Closes-bug: 1855474

Change-Id: I3a8a99edd44d7ac4257ddf79b6baba5c52714324
Signed-off-by: Hu, Yong <yong.hu@intel.com>
Co-Authored-By: Zhipeng, Liu <zhipengs.liu@intel.com>
2020-03-27 06:04:31 +08:00
Zhipeng Liu
530933f9c2 Fix rabbitmq could not bind port to ipv6 address issue
When we use Armada to deploy openstack service for ipv6, rabbitmq
pod could not start listen on [::]:5672 and [::]:15672.
For ipv6, we need an override for configuration file.

Upstream patch link is:
https://review.opendev.org/#/c/714027/

Partial-Bug: 1859641

Depends-on: https://review.opendev.org/#/c/714034/
Change-Id: I34e92afe291c4b7f31f53f1b974ad5fdc47b9560
Signed-off-by: Zhipeng Liu <zhipengs.liu@intel.com>
2020-03-23 15:05:49 +00:00
Zhipeng Liu
4aeacc3e17 Fix ipv6 address issue causing mariadb ingress not ready
In nginx.tmpl, it not enclose ipv6 addresses in square brackets
resulting in them being unable to be parsed, which cause mariadb
ingress pod could not be ready.

Tested it on both ipv4 and ipv6 simplex setup, it fixes mariadb
ingress not ready issue.

Upstream patch submitted as below
https://review.opendev.org/#/c/710413/

Partial-Bug: 1859641

Change-Id: Ic7726eea671bbedf4f37fbe31965bc8fffd2e8cd
Signed-off-by: Zhipeng Liu <zhipengs.liu@intel.com>
2020-03-08 11:39:40 +00:00
Zuul
80c05681f3 Merge "Set nova config max_concurrent_disk_ops" 2020-02-11 15:14:06 +00:00
Bin Qian
6f2137f7ca Adding job to upload commits to GitHub
Add job to publish openstack-armada-app repo to GitHub

Change-Id: Ic127f9d1cb4fdab724cfb8c06b62dba0a02df6a7
Story: 2007252
Task: 38690
Signed-off-by: Bin Qian <bin.qian@windriver.com>
2020-02-06 13:12:22 -05:00
Mingyuan Qi
a4503a28ac Check return value of get subnets before iterate for ironic
With the update of openstack clients within heat image:
openstack client >= 4.0.0
neutron client >= 6.14.0
neturon lib >= 1.29.1

The command 'openstack network show ${network} -f value -c subnets'
returns '[]' instead of null string if no subnets found in the
specific network. This commit adds a check logic to avoid subsequent
command returns error by using '[]' as subnet input.

Change-Id: I695e504518e1c884c7d66ecc94c9fa8787ce9752
Closes-Bug: 1855319
Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
2020-02-03 07:56:40 +00:00
zhipengl
1a9290dde1 Set nova config max_concurrent_disk_ops
Current config "concurrent_disk_operations" is not used anymore.
Change it to "max_concurrent_disk_ops" as related patch already
merged since stein.
https://review.opendev.org/#/c/609180/

Closes-Bug: #1835559

Change-Id: I98ce7cee6ef133dbbe70f7af89494ee6e6c021f9
Signed-off-by: Zhipeng Liu <zhipengs.liu@intel.com>
2020-01-15 02:32:54 +00:00
Zuul
fa5016a243 Merge "Add 'PATCH' to request method in order to enable 'PATCH' method in Horizon" 2020-01-14 15:33:55 +00:00
Scott Little
d5c89d9ce2 Modify centos_tarball-dl.lst to be consistent with a recent rebase of
openstack-helm and openstack-helm-infra tarball.

Story: 2006166
Task: 37553

Change-Id: I155a61b12c114eb20a775c207fa8fef7e3f3bc49
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-12-31 15:10:32 -05:00
Zuul
9725355629 Merge "Create admin instead of internal endpoint for dcdbsync" 2019-12-19 21:50:58 +00:00
Andy Ning
8f9c724ec8 Create admin instead of internal endpoint for dcdbsync
This update changed dcdbsync endpoint to be created in subcloud
from internal to admin. The admin endpoint will be used by dcorch to
access dcdbsync service in subcloud.

The reason why admin endpoint is used for dcorch access is, public
endpoint is intended for end users and its domain name can be
overrided by "system service-parameter-add openstack helm
endpoint_domain=<public domain>", internal endpoint is used by services
running within the subcloud cluster with listening port on 5000, which
is not accessible from outside the subcloud cluster even its fqdn is
overriden. admin endpoint is a good fit for DC orchestration and
adminstration.

Change-Id: I70784385e6e4572cccc10ef18bdf103def4ca570
Story: 2006588
Task: 37792
Signed-off-by: Andy Ning <andy.ning@windriver.com>
2019-12-19 16:14:19 -05:00
Zuul
3c0120006b Merge "Support ingress creation for keystone admin endpoint" 2019-12-19 21:13:49 +00:00
Andy Ning
b7d7c7d63a Support ingress creation for keystone admin endpoint
This update patched openstack keystone helm chart to support ingress
creation for custom admin endpoint. It will be used in DC subcloud
deployment to expose keystone admin endpoint to System Controller.

The change has been submitted to upstream openstack-helm for review:
https://review.opendev.org/#/c/697525/

Change-Id: I5792f3f9031470ab97a4dea8f47eff244160f8ee
Story: 2006588
Task: 37747
Signed-off-by: Andy Ning <andy.ning@windriver.com>
2019-12-17 13:16:56 -05:00
zhipengl
6af1446084 Add 'PATCH' to request method in order to enable 'PATCH' method in Horizon
Closes-Bug: #1821213

Change-Id: Ic3d365e7bf9f725e4b39f3fa2df73a2c37bdd19b
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2019-11-27 01:45:38 +08:00
zhipengl
8a98e4888d Fix the issue of neutron router external gateways unreachable
The configuration item "conf.neutron.DEFAULT.lock_path" is not
used anymore, we need to override
"conf.neutron.oslo_concurrency.lock_path" to
/var/run/neutron/lock

Verified that in neutron-l3-agent-controller-0
and nova-compute-controller-0, not see lots of errors anymore.
Router update finished in neutron.agent.l3.agent

closes-Bug: #1841660

Change-Id: I9c62872d86ba8f92cb8380181bf91389767cba09
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
v3.0.0.rc0
2019-11-21 19:18:57 +08:00
Zuul
0adc5b67eb Merge "Upgrade openstack-helm" 2019-11-12 17:29:41 +00:00
Zuul
0188ea27c7 Merge "Upgrade openstack-helm-infra" 2019-11-12 17:29:37 +00:00
Zuul
80ab4d348b Merge "Update manifest.yaml file for openstack-helm upgrade." 2019-11-12 16:43:02 +00:00
zhipengl
64eab01514 Upgrade openstack-helm
Upgrade openstack-helm to below version.
commit 82c72367c85ca94270f702661c7b984899c1ae38
Date:   Sat Sep 14 06:40:03 2019 +0000
    Merge "Add a config item for novncproxy"

Basic deployment test on AIO/Duplex/Multi virtual setup pass
and VM creation pass.

Story:2006544
Task: 36623

Depends-on: https://review.opendev.org/#/c/683910
Change-Id: I691a9feef856d83d82709a428afabd01abdef2ea
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2019-11-12 19:03:16 +08:00
zhipengl
982deda6e7 Update manifest.yaml file for openstack-helm upgrade.
Due to upgrade of openstack-helm, we need to update related
manifest items whose structure changed.

Basic deployment test on AIO/Duplex/Multi virtual setup pass
and VM creation pass.

Story: 2006544
Task: 36623

Depends-on:https://review.opendev.org/#/c/683886/
Change-Id: I62cc2a723ff1c6ef68b2d27f2b538254825d3835
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2019-10-31 03:15:08 +00:00
Zuul
5eb6099e66 Merge "Build layering, add layer build config file and tarball lst" 2019-10-29 19:07:44 +00:00
Zuul
a1fdee220c Merge "keystone-api-proxy for containerized openstack services - helm" 2019-10-17 15:08:42 +00:00
Scott Little
5b0ea74f3d Build layering, add layer build config file and tarball lst
Story: 2006166
Task: 37105

Change-Id: I73b209f0e6db855314cfb3d5d16138c29ea1264e
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-10-15 15:12:28 +08:00
zhipengl
7d9ce6ed97 Upgrade openstack-helm-infra
Upgrade openstack-helm-infra to below version.
commit c9d6676bf9a5aceb311dc31dadd07cba6a3d6392
Date:   Mon Sep 16 17:15:12 2019 +0000
    Merge "Grafana: Updated the Ceph-Cluster variable sorting"

Basic deployment test on AIO pass and VM creation pass.

Story:2006544
Task: 36623

Depends-on: https://review.opendev.org/#/c/687197
Change-Id: Icd7f99400f8dca734f20f1f5cf95524429fd0838
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2019-10-08 01:57:20 +00:00
Andy Ning
7fa666f631 dcdbsync for containerized openstack services - helm
This update contains changes to deploy and config the dcdbsync instance
for containerized openstack services, including:

- Added helm charts to create dcdbsync identities in containerized
  keystone, including user, endpoint, project-role assignment etc.

The overall procedure is, during stx-openstack app application,
dcdbsync identities will be created in containerized keystone. After
stx-openstack is successfully applied the dcdbsync runtime puppet is
called to generate the configuration file for openstack dcdbsync
instance with some information retrieved from helm (particularly
keystone passwords). Finally sm runtime is called to bring up the
dcdbsync service into running. When stx-openstack app is removed,
openstack dcdbsync instance will be cleanup with configuration file
removed and service deprovisioned and stopped.

Change-Id: If4bf60753593e286c3dbe2c2f97c40f6ccbbb5b1
Story: 2004766
Task: 36104
Signed-off-by: Andy Ning <andy.ning@windriver.com>
2019-10-07 16:40:36 -04:00
Andy Ning
0d3dce4a7a keystone-api-proxy for containerized openstack services - helm
This update added "identity_openstack" as sync_endpoint into
containerized keystone-api-proxy configuration file. The sync_endpoint
will be used as endpoint type to enqueue job for dcorch.

Change-Id: Iebe9a209f6f8bc63871aa024f7014638e5deeb05
Story: 2004766
Task: 36155
Depends-On: https://review.opendev.org/#/c/674927/
Signed-off-by: Andy Ning <andy.ning@windriver.com>
2019-09-26 14:42:14 -04:00
Zuul
1af002e22e Merge "Add a network config item for novncproxy" 2019-09-24 03:24:37 +00:00
Zuul
1cd4d7ecce Merge "Add fm-rest-api chart to armada system" 2019-09-23 19:20:59 +00:00
SidneyAn
f46fac5932 Add fm-rest-api chart to armada system
This change allows to deploy the fm-rest-api helm
chart with armada system.

Change-Id: I382c896f4e211b5344ef694a014438beab7cf4ed
Story: 2004008
Task: 36502
Depends-On: https://review.opendev.org/642925/
2019-09-23 01:39:10 +00:00
Al Bailey
149dcb306d Cleanup unused docker image references
The helm charts contain references to images for all
configurations, however some of those configurations
are not being enabled, and so the docker images are never
used.

This change prevents armada from downloading docker images
that are not being used by the armada manifest.

It requires an enhancement in sysinv to handle the null
reference.

The following images are unused and have been replaced
in the manifest with null (or the appropriate reference)

 - kolla/ubuntu-source-nova-novncproxy: referenced by
novnc_assets and must point to the nova image.

 - xrally/xrally-openstack: used when "test" is enabled,
referenced by cinder, ceilometer, glance, heat, keystone,
nova, neutron, panko.

 - openstackhelm/ceph-daemon: referenced by ceph_rgw.

 - openstackhelm/neutron: referenced by openstack-ingress.

 - osixia/keepalived: referenced by openstack-ingress.

 - prom/memcached-exporter: referenced by openstack-memcached.

 - docker: referenced by image_repo_sync image tags in almost
every chart.

 - kbudde/rabbitmq-exporter: referenced by openstack-rabbitmq.

 - prom/mysqld-exporter: referenced by openstack-mariadb

Change-Id: Ide26ddaf3537b8b9595104a683339554aea71b48
Closes-Bug: 1841611
Depends-On: https://review.opendev.org/#/c/680067/
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-09-20 14:14:46 -05:00
zhipengl
2e63d41e5c Add a network config item for novncproxy
In deployment-novncproxy.yaml, it set hostNetwork = true.
We want to let it use cluster network instead of hostNetwork.
This patch will add a config item, so that we can override it
to use cluster network. Then no need to enable 6080 port in
local network firewall for novncproxy access.

Upstream patch submitted as below.
https://review.opendev.org/#/c/679891

Below test pass!
Access to VM console through horizon works!

Closes-bug: 1827246

Change-Id: Icb0cfa39839e151d5869c64bc8f0151d0d9faf49
Signed-off-by: zhipengl <zhipengs.liu@intel.com>
2019-09-16 03:33:20 +00:00
Zuul
379bcc5ad3 Merge "Add a .gitreview file to the new repo" 2019-09-09 17:57:14 +00:00
Al Bailey
1c6c8e30c5 Attempting to add zuul jobs to new repo
This job adds a single linters tox target.

The linters target is an aggregation of linters for
this repo.
At present the only linter being invoked is bashate.

Other linters such as yamllint can be added to this
repo by later commits.

Change-Id: Ife7acf5fbbbfcd69a1d7b393ddf7b650e985af2c
Story: 2006166
Task: 36535
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-09-09 12:25:17 -05:00
Al Bailey
f865963ce4 Add a .gitreview file to the new repo
This file is needed in order for people cloning the repo
to be able to initialize it for gerrit by the
"git review -s" command

Change-Id: I468a5d3fced8fc84c3d189224e88518ed60f0e04
Story: 2006166
Task: 36512
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-09-09 08:42:46 -05:00
Scott Little
90fe24f991 Repair build process for package stx-openstack-helm.
Relocation of helm charts required some modifications to
the spec and relocation of the makefile..

Story: 2006166
Task: 35687
Depends-On: I5c34bf66a3631e86e22684412e01c02980e9ae30
Change-Id: If27d138708c580df168797a3878e349fde2c6d19
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-09-04 10:56:22 -04:00
Scott Little
b1ce137f2b Subdirectories 'stx-openstack-helm/stx-openstack-helm/fm-rest-api ' relocated to repo 'helm-charts'
Story: 2006166
Task: 35687
Depends-On: I34e133c6559c2d3d22767202279ffe31896e9c49
Change-Id: I5c34bf66a3631e86e22684412e01c02980e9ae30
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-09-04 10:55:09 -04:00
Scott Little
edbed496e7 Config file changes to add 'stx-openstack-helm helm-charts/garbd helm-charts/nginx-ports-control ' after relocation from 'stx-config'
Story: 2006166
Task: 35687
Change-Id: I34e133c6559c2d3d22767202279ffe31896e9c49
Signed-off-by: Scott Little <scott.little@windriver.com>
Depends-On: I4da1047b8d87ff005464beb0d434a94f57bf3673
2019-09-04 10:55:02 -04:00
Scott Little
c4007abc78 Config file changes to add 'openstack-helm openstack-helm-infra ' after relocation from 'stx-upstream'
Story: 2006166
Task: 35687
Change-Id: Ic6630692d826e78f9a07c2dcfa4e7e7fa595214a
Signed-off-by: Scott Little <scott.little@windriver.com>
Depends-On: Id9e1fb51f303925b09fe006c76dc413d278d5776
2019-09-04 10:54:33 -04:00
Scott Little
c2182633ab Merge select content originating from repo 'stx-upstream'
Change-Id: Id9e1fb51f303925b09fe006c76dc413d278d5776
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-09-04 10:10:56 -04:00
Zuul
fad9e95f71 Merge "Update kubernetes config for 1.15 features."
Change-Id: I4da1047b8d87ff005464beb0d434a94f57bf3673
Signed-off-by: Scott Little <scott.little@windriver.com>
2019-09-04 10:10:56 -04:00
Al Bailey
83e01ecc8c Update kubernetes config for 1.15 features.
Upgrading from kubernetes 1.13.5 to 1.15.0 meant the config
needed to be updated to handle whatever was deprecated or dropped
in 1.14 and 1.15.

1) Removed "ConfigMapAndSecretChangeDetectionStrategy = Watch"
reported by https://github.com/kubernetes/kubernetes/issues/74412
because this was a golang deficiency, and is fixed by the newer
version of golang.

2) Enforced the kubernetes 1.15.3 version

3) Updated v1alpha3 to v1beta2, since alpha3 was dropped in 1.14
changed fields for beta1 and beta2 are mentioned in these docs:
https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta1
https://godoc.org/k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm/v1beta2

4) cgroup validation checking now includes the pids subfolder.

5) Update ceph-config-helper to v1.15 kubernetes compatable
This means that the stx-openstack version check needed to be increased

Change-Id: Ibe3d5960c5dee1d217d01fbb56c785581dd1b42c
Story: 2005860
Task: 35841
Depends-On: https://review.opendev.org/#/c/671150
Signed-off-by: Al Bailey <Al.Bailey@windriver.com>
2019-08-21 10:30:56 -05:00
Zuul
bf3dc2876f Merge "Increase rabbitmq pod probe period from 10 to 30s" 2019-08-21 14:04:26 +00:00
Gerry Kopec
b1234fb0a8 Update rabbitmq chart to enable probe overrides
Add variables for initial delay, period and timeout for rabbitmq
liveness and readiness probes.  Default to current upstream settings.

Do not recommend this for upstreaming to openstack-helm-infra as
enhancements have been added since the last starlingx rebase to enable
more generic override of probes.  On next rebase of starlingx on
openstack-helm-infra, recommend refactoring this change based on these
upstream commits (assuming upstream hasn't done it already):
https://review.opendev.org/#/c/668710/
https://review.opendev.org/#/c/631597/

Partial-Bug: 1837426
Change-Id: I0a8d8f466c4b8482cc9161d28de37bff6fc7ced3
Signed-off-by: Gerry Kopec <gerry.kopec@windriver.com>
2019-08-21 13:43:58 +00:00