Commit Graph

573 Commits

Author SHA1 Message Date
Sergiy Markin 6b317dda05 Airflow stable 2.8.2
This PS bumps up Airflow version to the latest
2.8.2 and also bumps up openstack dependences to
Antelope 2023.1

Change-Id: I61b5b39079f9c3360f5dfaafb1f961b629795c1c
2024-02-26 20:59:52 +00:00
Sergiy Markin 1e180a3f51 Airflow stable 2.8.1
Change-Id: I7667fc5cfc5e02c360d0e964de75cf5d5e6fe825
2024-02-21 22:23:55 +00:00
Ruslan Aliev 47ced6d7de Allow creation of network bonding with a single interface
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Change-Id: I7a5f51541051abbeada3bea1608394bb4e374115
2024-02-16 13:44:43 -06:00
Ritchie, Frank (fr801x) aa1ebf9207 Update helm toolkit reference
Update helm toolkit reference

Update helm toolkit ref so that ingress will be created with a pathType
of Prefix.

https: //review.opendev.org/c/openstack/openstack-helm-infra/+/905757
Change-Id: I07dde50ba811aaf040a45b6e30ec53352e25fe55
2024-01-23 17:30:55 -05:00
Anselme, Schubert (sa246v) e57f77613b Deprecating the Ingress Class Annotation
Upgrading htk to version 0.2.55, which deprecates the ingress class
annotation (kubernetes.io/ingress.class) with .spec.ingressClassName

https://review.opendev.org/c/openstack/openstack-helm-infra/+/891720

Change-Id: Ib4fb99c475ce8bb5d2225f9ba84086e919029785
Signed-off-by: Anselme, Schubert (sa246v) <sa246v@att.com>
2023-10-05 22:27:56 +00:00
Sergiy Markin f99abfa433 Airflow stable 2.6.2
This PS updates python modules and code to match Airflow 2.6.2:

- bionic py36 gates  were removed
- python code corrected to match new modules versions
- selection of python modules versions was perfrmed based on
  airflow-2.6.2 constraints
- postgresql image updated to 14.8

Change-Id: Ibdcc75e600166c20b842508aa5539587cca466f0
2023-08-29 00:50:54 +00:00
Sergiy Markin 25456d677b Drydock updates
This PS makes the following changes:

- increases timeout for docker images build jobs
- adds available security updates to docker images

Change-Id: Ib10309bab017e864d14cad2dec816645220fba06
2023-08-24 01:45:45 +00:00
SPEARS, DUSTIN (ds443n) 613dd89fb0 Add ttlSecondsAfterFinished field to cronjob
Adding ttlSecondsAfterFinished option to the chart for db
clean up cronjob
Add history limit options
Add concurrency policy to forbid

Change-Id: I431a9a3692fee36f77c6037031965e58c2c343c0
2023-06-27 16:20:22 -04:00
Sergiy Markin 6609d561e1 Fix go binary path
This PS fixed Go binary path in some bionic image docker build process.

Change-Id: I9975b4898b7cd312672bbad92765bc2ab5ed3089
2023-05-31 14:33:28 +00:00
Sergiy Markin 73d22a488f Restored ubuntu_bionic image build
This PS restores image build for ubuntu_bionic and adds appropriate
gates to keep it tested by appropriate functional and integrational
tests.

Change-Id: I695fb42efff29aeda737f2b9c1eaeb84b95aa57c
2023-05-24 18:37:21 +00:00
Sergiy Markin 375abedb8a Drydock updates
This PS delivers the following updates:
- fixed sample config and policy files generation
- rolled back chart version incremention

Change-Id: I0a7145afd8c81e2bbf36d9437d4eff3c0354667a
2023-04-28 18:39:25 +00:00
Sergiy Markin d00eaf0303 Drydock focal related upgrades
This PS implements the following changes:
- switches freeze approach to requirements-direct.txt and
  requirements-frozen.txt files
- adjusts code tabulation style according to  yapf recommendations
- replaces deprecated usage of responce.body attribute with
  responce.text
- fixes integration tests in controlled by Makefile + tox
- uplifts Helm to v3.9.4

Change-Id: I751db72eb8f670825382f11a36657112faeb169a
2023-04-26 22:32:49 +00:00
Sergiy Markin 415a8b52c5 [focal] Python modules sync with Airship project
- uplifted some python modules
- fixed tox4 requirements
- added focal build node as a default one
- added bindep.txt and bindep role to playbooks and docker image build process
- changes Makefile to reflect GoLang and dependency management changes
- upgraded Helm to v3 for chart build process
- uplifted postgresql version to 14.6
- fixed deprecated falcon.API - replaced with falcon.APP
- fixed upstream docker image publishing process

Change-Id: I307d72bb7680f6f5c71e42ad30666cf786420460
2023-04-08 08:20:22 +00:00
Ruslan Aliev 98f3d886d8 Add retries to set/get boot device actions
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Change-Id: I3c1f12fdad2bbd13503c85ae3ea54bc281f40207
2023-03-21 00:04:22 -05:00
Ruslan Aliev 389db640e4 Change MAAS api endpoints according to v3.0.0
Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
Change-Id: I9daa8b5b8d76f2da939ce0dffdb3471ba7cd8947
2023-03-10 01:44:09 -06:00
Markin, Sergiy (sm515x) b431f7a2cf [NIC Card Auto-Detect] NIC Card Auto-Detect
This patch is an addition to this patchset:

https://review.opendev.org/c/airship/drydock/+/850579

It adds more debug messages.

Change-Id: I01061934f5584276e461ef7a7f4c7a87c30755af
2022-08-02 14:54:27 +00:00
Markin, Sergiy (sm515x) afdfa33099 [NIC Card Auto-Detect] NIC Card Auto-Detect
This patch adds an ability to match several NIC addresses by one
hardware profile by using regex as the address. The regex expression has
to have regex: prefix in order to be recognized.

Change-Id: I0bb067fb1783725e4ac485683eb898d5fc2d7bf2
2022-07-20 20:09:43 +00:00
SPEARS, DUSTIN (ds443n) a171f3c7a5 Add postgresql retention cronjob
Adding cronjob to purge the drydock DB based on retention day value. Additionally adding drydock API endpoint for purging the tasks and result_message tables and running vacuum full on drydock DB.

Change-Id: Ibcce61ecdafa637ca3ffec654152060aae26d4b8
2022-05-18 10:55:26 -04:00
Phil Sphicas e3f984d92b Fix schema typo
Spelling correction in the BaremetalNode and HostProfile schemas.

Change-Id: I83ec294dec63a520dba892ed4dee5afa69134012
2021-11-10 08:54:19 -08:00
Phil Sphicas 1dee9c7d77 Update HTK stable commit (Ingress)
Update helm-toolkit to include updated Ingress templates that use
current API versions (i.e. networking.k8s.io/v1)

https://review.opendev.org/c/openstack/openstack-helm-infra/+/813115

Change-Id: Iaee8e2a597a43f2391ff6b73bdaa9804155e48ed
2021-10-18 11:50:21 -07:00
Sean Eagan c90fa60e2a Helm 3: Fix Job labels
See the dependency below for details.

Depends-On: https://review.opendev.org/c/openstack/openstack-helm-infra/+/811826
Change-Id: Id72e8c97603aa205ea1d071e6b99ad81513bacfc
2021-10-01 13:03:25 -05:00
anthony.bellino 34597ae0f1 (zuul) Drydock Post Gate Fixes
Change-Id: I293f83385af97943232dac1bf381442e401e6a07
2021-09-16 08:36:31 -07:00
Maximilian Weiss 10469ed3e5 Update HTK stable commit to 0.2.19
Update helm-toolkit stable commit to merge of this change:
https://review.opendev.org/c/openstack/openstack-helm-infra/+/802925

Change-Id: I78b5061ae38644a6ff5b9965488d4f4ae889df25
2021-08-17 17:55:44 +00:00
Maximilian Weiss de3d51d452 Update helm installation script
Updates the helm installation script to download and install v2.17.0
from get.helm.sh (instead of v2.14 from storage.googleapis.com).

Change-Id: I98a92c52ee1ecd28eb7a5beb6b72c4565b47cdfe
2021-08-17 17:55:44 +00:00
Phil Sphicas 611e98de3f Use OOB driver creds for MAAS
During MAAS enlistment (and commissioning), an IPMI account (named
"maas" by default) is created on each node, which MAAS then uses for
power management.

This change allows MAAS to use the same credentials as the ones used by
the OOB driver, by overwriting the power parameters for the discovered
nodes. This includes the power type, so if the node is configured to use
Redfish, then Drydock will update a MAAS node discovered as IPMI to use
Redfish instead.

It also provides an option to instruct MAAS not to recreate IPMI
credentials during commissioning, which is passed through to the MAAS
API. Setting this to true is only supported in MAAS 2.7 or later [0].

The two maasdriver configuration options are introduced in drydock.conf,
along with their default values:

    [maasdriver]
    use_node_oob_params = false
    skip_bmc_config = false

These options do not prevent MAAS from creating the IPMI account during
enlistment - this would require addition MAAS customization.

0: 8842d0bfd3

Change-Id: I24d3bc3b1cc94907d73bc247de3fc06dd4750ab1
2021-07-30 16:39:06 +00:00
Phil Sphicas 3cbeb29f2d Increase ThreadPoolExecutor max_workers
The existing max_workers setting for the ThreadPoolExecutor caps the
number of nodes that can be deployed concurrently to 16. This change
allows more threads to be run in parallel, allowing the operator to
deploy more nodes at once.

Change-Id: I6d1dfa7ad8f5e03a8328311e6b59ee116a250462
2021-07-28 22:56:13 +00:00
Phil Sphicas 292e94ee2c Avoid expensive MAAS API calls
The MAAS API call "GET /MAAS/api/2.0/machines/" retrieves information
about every machine known to MAAS, which is very slow. The API supports
filtering based on hostname and mac_address (among others), and querying
for power parameters for all nodes at once.

This change modifies identify_baremetal_node to avoid calling refresh on
the full machine list.

Also, the refresh method of ResourceCollectionBase is updated to allow
passing of params, which can be used to take advantage of the filtering.
Note that a filtered call to refresh overwrites the resources collection
to only contain the returned values.

Most calls to Machines.refresh() aren't really needed at all - they are
replaced with a call to Machines.empty_refresh(), which will still make
sure that the API endpoint is accessible but return an empty collection.
(This may get removed entirely in the future.)

Change-Id: Ie58c45e1790c5c827d9d47f5582214ca519946de
2021-07-28 22:56:13 +00:00
DeJaeger, Darren (dd118r) 3ca7978bc7 Drydock request factory tuning
This patchset tunes the Drydock MAAS request factory to:
a) Implement retries for requests toward MAAS_URL/api/2.0/
b) Bumps the request timeout slightly

In addition, restricts threaded actions towards nodes to
using the same MAAS client, effectively rate limiting calls
to the MAAS api.

Change-Id: I2e66105ae332adaed62c9c3bc8cddc63e1f7bf23
2021-07-27 05:44:19 +00:00
Zuul 2f7ec5fb16 Merge "Add "labels" to Drydock deployment" 2021-06-28 21:08:29 +00:00
anthony.bellino b04304094f Gate Fixes for Drydock
* pep8 fixes for airship-drydock-omni-test
* Install requirements sequential for ubuntu_xenial image
* Install older version of pip<21.0 for ubuntu_xenial image

Change-Id: If494b6abc1f8b85d96da4cad2da8606b8b2a1352
2021-05-17 17:43:00 -07:00
DeJaeger, Darren (dd118r) 0b002d5b67 Add "labels" to Drydock deployment
Adding said label, that's already defined, to the deployment itself.
This will enable Armada to properly wait for certain percentages
of the deployment replicas to be ready prior to proceeding. Prior to
this change, there wasn't a way to select the Drydock deployment via
labels.

Change-Id: I7c5ed223d54213a1260c27485d0bfd493c09163f
2021-04-30 16:43:05 -04:00
Zuul c7583638e1 Merge "Accelerate YAML operations with LibYAML" 2020-09-28 16:58:34 +00:00
Zuul 5ac0d8c35d Merge "Upgrade LibYAML version in container builds" 2020-09-28 16:58:33 +00:00
Zuul 09fb8ec585 Merge "Change helm-toolkit dependency version to ">= 0.1.0"" 2020-09-25 20:45:12 +00:00
Phil Sphicas caa7f22b50 Accelerate YAML operations with LibYAML
Patch PyYAML (via the pylibyaml library) to automatically enable the
LibYAML parser and emitter, which are faster than the Python versions.

https://pypi.org/project/pylibyaml/

Change-Id: Iaddc0f30ed99b1f9a999f5365e9e8bf43349b82f
2020-09-25 08:07:49 +00:00
Phil Sphicas 3b2e89c2fd Upgrade LibYAML version in container builds
This change installs libyaml from the source repo (currently at version
0.2.5), instead of the old versions from the Ubuntu mirrors (0.1.6-3 for
xenial and 0.1.7-2ubuntu3 for bionic).

https://github.com/yaml/libyaml
https://packages.ubuntu.com/xenial/libyaml-dev
https://packages.ubuntu.com/bionic/libyaml-dev

Change-Id: I72240fbd16adc07e4ce61761ea5453b0e34d331a
2020-09-25 08:02:04 +00:00
Andrii Ostapenko 3cfe2c25c5
Change helm-toolkit dependency version to ">= 0.1.0"
Since we introduced chart version check in gates, requirements are not
satisfied with strict check of 0.1.0

Change-Id: Ic115755eff68f419116b79102661e9fe1a7b1764
2020-09-24 19:42:45 -05:00
Rick Bartra 96db568d4b Update pip package versions in preparation of pip 20.3
When pip is upgraded to 20.3, the pip dependency resolver is much more
strict and will no longer install a combination of packages that is mutually
inconsistent[0].

These changes account for the fact that Shipyard imports Armada, Drydock,
Promenade, and Deckhand. Having said that, with pip 20.3, the pip
packages amongst those projects cannot conflict. A follow-up change may
be needed if more conflicts are found.

[0] https://pip.pypa.io/en/latest/user_guide/#changes-to-the-pip-dependency-resolver-in-20-2-2020

Change-Id: I89c6dc728824f00f964c794142766012c407c4ed
2020-09-23 17:17:28 -04:00
Phil Sphicas d883770ad9 Update HTK stable commit
Update helm-toolkit stable commit to merge of this change:
https://review.opendev.org/#/c/734702/

Change-Id: I2c1c0d8ca8b3f495e440009bb42dc3355ffd2aa2
2020-07-28 16:32:11 +00:00
Mahmoudi, Ahmad (am495p) 5063769796 Added some validations loggs for site model
During drydock node deployments, sometimes MaaS node deployment for
some nodes fails when the node tries to pull the node bootaction
files, using drydock api.
Drydock api call fails with `500 Internal Server Error`, when
drydock tries to create the booaction files for the node. The logs,
however do no provide any additional clues on what caused drydock to
fail. This issue does not happen always, and subsequent site updates
will most of the deploy the failed nodes.

The additional checks and logs are added to help pinpoint the root cause
of the 500 return code, if/when this issue heppens again.

This ps also, uplifted `MarkupSafe` pip library from 1.0 to 1.1.1 to
address the issue with MarkupSafe and latest version of setuptools
described here: https://github.com/pallets/markupsafe/issues/116

Change-Id: I08a088d9690d8d9dd1f771dc5e84d1eb02fbd39f
2020-07-24 18:57:21 +00:00
KHIYANI, RAHUL (rk0850) 63f7783da2 Implement helm-toolkit snippet to drydock pods/containers
This updates the drydock chart to include the pod
security context on the pod template.

This also adds the container security context to set
readOnlyRootFilesystem flag to true

Change-Id: Ibeb60d0b88f3519730b5b76996ab137c5af4f4f5
2020-07-02 15:59:14 +00:00
Alexander Hughes 6a9c6b092b Fix image build checks missing setuptools
Use apt to install python3-pip, and use pip3 in event system has
both pip2 and pip3 installed. Use apt to install setuptools for
Ansible's consumption.

Change-Id: Id80c809c636abe41a1cbb4d465f82ed1e8e0e9d7
Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
2020-06-19 13:32:58 +00:00
Phil Sphicas aa0cf8c8d0 Fix metadata labels for db-init and db-sync jobs
Corrects a recently introduced rendering error in the chart that
resulted in missing metadata labels for the drydock-db-init and
drydock-db-sync jobs.

https://review.opendev.org/#/c/724768

Change-Id: Ifa01bbc369a33ca3d5482c760a342d873736272e
2020-06-03 03:06:05 +00:00
Phil Sphicas 93f593f568 Support binary prefixes for node storage size
This change allows node storage sizes to be specified using binary
prefixes (MiB, GiB, TiB) in addition to the existing supported formats
(MB, GB, TB).

Change-Id: Idef88b648a75bad87625acf1d73af011480cc0b9
2020-06-02 07:11:13 +00:00
Phil Sphicas a75704b8cb fix: prevent multiple IP assignments
A recent change[0] to address PEP8 issues resulted in an unintended
behavior modification, in some cases resulting in MAAS allocation of
multiple IP addresses to the same NIC.

This reverts to the original code logic.

[0] 1755930331

Change-Id: I6dccd1b60c414e3aa966085e81dc0b61244e9814
2020-05-30 20:26:40 +00:00
Zuul e0d804ed31 Merge "Enabling Apparmor for drydock init and test containers" 2020-05-29 16:53:08 +00:00
DODDA, PRATEEK d862a5171f Enabling Apparmor for drydock init and test containers
Change-Id: I7aca8fd1dabc19603a33466175263c4a7f3fa36d
2020-05-26 18:11:39 -05:00
Drew Walters 57008c9506 Update Airship vulnerability link
The Airship vulnerability documentation has moved [0]. This change
updates SECURITY.md to point to the correct location.

[0] https://docs.airshipit.org/learn/vulnerabilities.html

Change-Id: Iea843a3399bc7836f5645c3ca81603e2e9ca7356
Signed-off-by: Drew Walters <andrew.walters@att.com>
2020-05-18 21:24:48 +00:00
Alexander Hughes 1755930331 Address PEP8 Failures in Drydock
Flake8 version recently updated to include new PEP8 rules. Some of
the codebase is not compliant with the new rules.

Change-Id: I0f5b3d41ee54ff0d9ffa05f733f98c7e34f0f258
Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
2020-05-12 18:27:06 +00:00
Alexander Hughes 80c82d8957 Uplift pyyaml and requests
Automatic security alerts were created for pyyaml==3.12 and
requests==2.19.1 suggesting these packages be upgraded to 2.20.0 and
5.1 respectively.

Vulnerabilities addressed:
CVE-2018-18074 on requests package
CVE-2017-18342 on PyYAML package

Change-Id: Iff5bc11d60c2724fef0bb8b2552e17573c79dc9f
Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
2020-03-04 23:11:31 +00:00