The coe mesos has not been maitenaned for quite some
time and hasn't got much attetion from the community
in general. As discussed in the mailing list [1] we
are dropping for now.
In this patch, we start by removing the mesos driver
and its test cases. This part of the code has no impact
for other drivers. Then we can clean up mesos references
that affect the API.
[1] http://lists.openstack.org/pipermail/openstack-discuss/2021-December/026230.html
Conflicts:
lower-constraints.txt
tox.ini
Change-Id: Ied76095f1f1c57c6af93d1a6094baa6c7cc31c9b
Now the label `fixed_network_cidr` is not handled correctly, no matter
if the label is set, the default value '10.0.0.0/24' is used for
fixed network anyway. This patch fixes it and renamed it as
`fixed_subnet_cidr` to make less confusion. The new behaviour will be:
1. If the label `fixed_subnet_cidr` is set but no fixed subnet passed
in, then a new subnet will be created with the given CIDR.
2. If a fixed subnet is passed in by user, then label `fixed_subnet_cidr`
will be override with the CIDR from the given subnet.
Task: 39847
Story: 2007712
Change-Id: Id05e36696bf85297a556fcd959ed897fe47b7354
Removes the role heat param from all templates. Instead and only for
k8s templates adds the master_role and worker_role params. The new
worker_only condition should be true for all roles except for master.
Finally, adds the missing is_cluster_stack param to all templates.
Change-Id: Ie0799373fe492c2e0a0cad903ed6e8c93e6266b5
* Fedora CoreOS need the key to be passed as
a string.
* We can adopt in all drivers so that users in
the same project can do cluster resize.
story: 2005201
task: 36934
Change-Id: I9a18ce4dcbd74f0dcd23274baed7c8c3d2029d50
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
Using comma delimited ipv4 address list to specify multi dns server
"8.8.8.8,114.114.114.114".
Task: 29465
Story: 2004994
Change-Id: I031247b0cc2ae417f18b2a5b9b3832e78ed9dafd
- Never allocate floating IP for etcd service.
- Introduce a new label `master_lb_floating_ip_enabled` which controls
if Magnum allocates floating IP for the master load balancer. This
label only takes effect when the `master_lb_enabled` is set. The
default value is the same with `floating_ip_enabled`.
- The `floating_ip_enabled` property now only controls if Magnum
should allocate the floating IPs for the master and worker nodes.
Change-Id: I0a232406deaf112b0cb9e445735d7b49206c676d
Story: #2005153
Task: #29868
Now Magnums onlys has one server group for all master and worker nodes
per cluster, which is not very flexible for small cloud scale. For a
3+ master clusters, it's easily meeting the capacity when using hard
anti-affinity policy. This patch is proposing one server group for each
master and worker nodes group to have better flexibility.
story: 2004195
Change-Id: If11ba863a2aa538efe1e3e850084bdd33afd27d2
A user may not rely on nova-keypairs to access their cluster
such as a preconfigured SSSD.
story: 2004402
task: 28035
Change-Id: I77fbdc174d3dddfd312fb8dac20516314d4c182e
Currently, there is no guarantee to make sure all nodes of one cluster are
created on different compute hosts. So it would be nice if we can create
a server group and set it with anti-affinity policy to get a better HA
for cluster. This patch is proposing to create a server group for master
and minion nodes with soft-anti-affinity policy by default.
Closes-Bug: #1737802
Change-Id: Icc7a73ef55296a58bf00719ca4d1cdcc304fab86
In the drivers section of magnum.conf add openstack_ca_file.
This file is expected to be a CA Certificate OR CA bundle
which will be passed on every node and it will be installed
on the host's CA bundle.
Update devstack plugin to use the ssl bundle if tls-proxy is
enabled.
Install the CA for drivers:
k8s_coreos_v1
k8s_fedora_atomic_v1
k8s_fedora_ironic_v1
mesos_ubuntu_v1
swarm_fedora_atomic_v1
swarm_fedora_atomic_v2
Add doc in troubleshooting-guide.
Add release notes.
Closes-Bug: #1580704
Partially-Implements: blueprint heat-agent
Change-Id: Id48fbea187da667a5e7334694c3ec17c8e2504db
Added configuration parameter, verify_ca, to magnum.conf with default
value of True. This parameter is passed to the heat templates to
indicate whether the cluster nodes validate the Certificate Authority
when making requests to the OpenStack APIs (Keystone, Magnum, Heat).
This configuration parameter can be set to False to disable CA
validation.
Co-Authored-By: Vijendar Komalla <vijendar.komalla@rackspace.com>
Change-Id: Iab02cb1338b811dac0c147378dbd0e63c83f0413
Partial-Bug: #1663757
The instance type of servers at the moment can become quite long
due to the Heat autogenerated names. This patch cleans up the names
so that they are shorter yet contain all the info needed to be able
to know where they belong to.
Change-Id: I5bcbe73f08844242d049b8408221da40d22cd3dc
This commit addresses multiple potential vulnerabilities in
Magnum. It makes the following changes:
* Permissions for /etc/sysconfig/heat-params inside Magnum
created instances are tightened to 0600 (used to be 0755).
* Certificate retrieval is modified to work without the need
for a Keystone trust.
* The cluster's Keystone trust id is only passed into
instances for clusters where that is actually needed. This
prevents the trustee user from consuming the trust in cases
where it is not needed.
* The configuration setting trust/cluster_user_trust (False by
default) is introduced. It needs to be explicitely enabled
by the cloud operator to allow clusters that need the
trust_id to be passed into instances to work. Without this
setting, attempts to create such clusters will fail.
Please note, that none of these changes apply to existing
clusters. They will have to be deleted and rebuilt to benefit
from these changes.
Change-Id: I643d408cde0d6e30812cf6429fb7118184793400
This patch move software configs out of resource group(mesosslave.yaml).
With this fix Mesos templates will no duplicate software configs.
Change-Id: I241acb6aa9389e01e5412d412f07adb0b318f835
Partial-Bug: #1646710
This patch let mesos slave share same wait condition and wait condition
handler resource instead of create same function of resource for each
slave node.
Partial-Bug: #1646720
Change-Id: I4271e0bce1a0a9a5b9d5e4b29a53508fe529badd
If a fixed_network and fixed_subnet is specified no private network
is created by the templates and the specified network is
used instead for VMs provisioning, like in the Ironic driver.
Currently missing is the code to handle the use case where you
specify a fixed_network but not a fixed_subnet, this will come
in a following patch.
Partially Implements: blueprint decouple-private-network
Change-Id: I2003eb709b22b905063d846eb71570fc5e033618
Currently for each driver has following code
1) Create a fixed Network.
2) Create a fixed subnet in the network created at step 1.
3) Create a router
4) Attach subnet(created at step2) to router(created at step 3)
A new resource is created for above tasks in network.yaml file.
New resource does the above tasks and output the fixed network ID
and fixed subnet id, which is used by other parts of the heat
template.
Change-Id: Ib347ce5c54c6566300a43e05b277bf80351a2256
Closes-Bug: #1606912
Similarly to pep8 checks, this allows enforcing a consistent
style of the shell scripts accross modfications. For now
only the indentation is enforced to reduce code churn.
Closes-Bug: 1648099
Change-Id: Ie66cbe1aea4bd01a8bba8833ef6cbd2cff6a7c6a
This patch move security group out of mesos slave resource group.
Security group should only declear once, and use it for the rest part.
Closes-Bug: #1646676
Change-Id: I4ea5af1fda5eea452a21151daad5ec2815389824
It creates a mismatch between the generated Nova name
and its hostname which can lead to weird problems.
Closes-Bug: 1645730
Change-Id: I1c7dd459caefacaf41dd77e59c1a6e1df3ef0d42
Output param is wrongly set in mesoscluster.yaml.
Corrected as below:-
mesos_slave_private --> mesos_slaves_private
Change-Id: I2a456c2153945ebf1ded6bcdd537d194b0d3a9bb
LBaaS v1 api is completely removed by neutron, so it
cannot be used now. Added Support of LBaaS v2 API.
Now all COE's uses LBaaS v2.
Co-Authored-By: yatin karel <yatin.karel@nectechnologies.in>
Change-Id: Idbccbe1065857449fc8e158115b7833b68c2da9f
Partially-Implements: blueprint magnum-lbaasv2-support
This is patch 3 of 3 to change the internal usage of the terms
Bay and BayModel. This patch updates Bay to Cluster in DB and
Object as well as all the usages. No functionality should be
changed by this patch, just naming and db updates.
Change-Id: Ife04b0f944ded03ca932d70e09e6766d09cf5d9f
Implements: blueprint rename-bay-to-cluster
This reverts commit 15162ce33a.
Mesos services were not working, so reverted the patch
which renamed slave to agent.
Change-Id: I94a9a36e649f48f8e31386226226261ef459ce25
Closes-Bug: #1617407
"openstack" storageDriver is not supported in latest version of
rexray. It is supported in stable version: 0.3.3.
Once it is supported: http://rexray.readthedocs.io/en/stable,
this commit can be reverted.
Change-Id: I854fb322debe9464c66a566f3b04392ebed61603
Closes-Bug: #1617331
This reverts commit 748cf13182.
This commit breaks to setup.py install phase.
Closes-Bug: #1615026
Change-Id: Ie29a723319775e1becff5a6099cb58e3541e399c
This patch establishes a convention of using a symlink named "common" in
drivers/{driver}/templates/ that points to drivers/common/templates/.
This has two benefits. First, it lowers the burden of forking a driver
by allowing drivers/common/templates/ to be copied over the symlink,
rather than having to update all of the paths in the templates and
driver code. Second, it shortens the paths used, which makes things
cleaner.
Change-Id: I9176ec03905d0a87a43ba6bedf1f768b2b316125
Partially-implements: blueprint bay-drivers
The ApiGatewaySwitcher child template and the environment files that
enable/disable the master load balancer are identical across the bay
drivers that use them. This patch pulls them into the common directory.
Change-Id: I3c34df57f3c6487747ad896444075bf6a22725e5
Partially-Implements: blueprint decouple-lbaas
Mesos community has renamed slave to agent. This change reflect
this renaming in the code.
Change-Id: Ic97a827345b62f812ed63180cd1f5820e2200682
Closes-Bug: #1516188
This patch modifies the mesos bay driver/templates to allow its LBaaS
resources to be conditionally enabled/disabled.
Change-Id: I99e3b4a549e23b15db99ad91b5bb084c34771834
Partially-Implements: blueprint decouple-lbaas
Make consistent default version of heat template across
kubernetes, swarm and mesos
Change-Id: I5f8231336a6832ae8ecd8f789ed0b51ba5062729
Closes-Bug: #1425368
Moves templates and template_definitions to the new
directory structure.
Change-Id: I42e4d2bd056f3d8082ef51ef599d917f2fe82960
Paritially-Implements: blueprint bay-drivers