We recently re-worked all the deployment jobs
so they use `deploy-env` Ansible role which works
for both multi-node and single-node environments.
This means there is no need to have diffrent sets
of scripts for these two cases.
Also when we deploy Openstack components it is better
to have values overrides for different scenarios but
not different sets of scripts. Here we remove unused
deployment scripts which in many cases duplicated
the code base.
We will be cleaning up the code base even further to
provide excelent user experience.
Change-Id: Iacda03964a4dd0e60873593df9f590ce20504f2f
bugfix: add helm3_hook default
bugfix: revert change on neutron - not applicable to this changeset
Change-Id: I4bc60e8e34a6861742f1f9e7582e69f49740ab87
Strictly speaking, open socket doesn't mean working API.
We experienced API stopped responding and the socket was still
open so API was unhealthy actually but kubernetes did not restart.
HTTP probe will fix this issue.
Change-Id: I95bb3ad3123d8a4a784d260477f037fa5506d290
Based on spec
support-OCI-image-registry-with-authentication-turned-on.rst
Each Helm chart can configure an OCI image registry and
credentials to use. A Kubernetes secret is then created with this
info. Service Accounts then specify an imagePullSecret specifying
the Secret with creds for the registry. Then any pod using one
of these ServiceAccounts may pull images from an authenticated
container registry.
Related OSH-infra change:
https://review.opendev.org/c/openstack/openstack-helm-infra/+/848142
Change-Id: I54540f14fed29622bc5af8d18939afd06d65e2d8
This change updates the default image values for the ironic chart
to use the wallaby release images.
This is part of the effort to remove older release references.
Change-Id: I485bc247c5d14176b6b4db36e2b5006a900238f9
This changes use the helm-toolkit template for toleration
in openstack services
Signed-off-by: Lucas Cavalcante <lucasmedeiros.cavalcante@windriver.com>
Story: 2009276
Task: 43531
Depends-On: I168837f962465d1c89acc511b7bf4064ac4b546c
Change-Id: Idf412a10e6c6eb6721c427627cf945a70151e355
As part of the move to helm v3, all the charts in the OSH repos
will no longer lint/build properly due to a lack of helm serve
in helm v3.
This change modifies the helm-toolkit repo location to the
osh-infra repo in order to account for the removal oh helm serve.
This work is part of the migration to helm v3 and will be utilized
in future changes.
Change-Id: I90d25943d69ad6c76455f7778a4894f00c525c46
In the Victoria cycle oslo.policy decided to change all default policies
to yaml format. Today on openstack-helm we have a mix of json and yaml
on projects and, after having a bad time debugging policies that should
have beeing mounted somewhere but was being mounted elsewhere, I'm
proposing this change so we can unify the delivery method for all
policies across components on yaml (that is supported for quite some
time). This will also avoid having problems in the future as the
services move from json to yaml.
[1] https://specs.openstack.org/openstack/oslo-specs/specs/victoria/policy-json-to-yaml.html
Signed-off-by: Thiago Brito <thiago.brito@windriver.com>
Change-Id: Id170bf184e44fd77cd53929d474582022a5b6d4f
This change bumps each openstack chart version up to the next
greatest minor version of 0.2.0, signifying that openstack-helm
will no longer support older, EOL releases for each chart.
Change-Id: I7ce80c7bdc779c1de4472079f18102f506bfbb90
Chart upgrading was failing due to some immutable fields are needed to upgrade before the jobs can be upgraded. For solving this issue, we
have added the helm.sh/hook annotations with post-install and post-upgrade values.
As for hook-weight annotations, we have added these to control the flow of the jobs with hook creation as the jobs are dependent. Like,
db-init jobs need to run before db-sync and so on.
Change-Id: I0905be3d1708e5226ccd41b84b409a290c89f826
Since we introduced chart version check in gates, requirements are not
satisfied with strict check of 0.1.0
Change-Id: If537f69dec7e3360f6bffcc4424f10c248919ece
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
Added chart lint in zuul CI to enhance the stability for charts.
Fixed some lint errors in the current charts.
Change-Id: I7e4b191fb9e355ab5d5a233e8ed121346519df62
Some OSH charts have diffferent values for logger_root
handler from upsgream repo config defaul values.
Exactly, logger_root handler values.
This leads double logging finally.
To fix this, set logger_root as null like upstream repos.
Change-Id: I20e4f48efe29ae59c56f74e0ed9a4085283de6ad
ironic conductor does not allow to have the enabled_drivers
configuration value from stein version.
If we set values for enabled_drivers, the service raised errors.
Change-Id: I5b299ab691013836d5eb2169f95b12805a27b4e8
The current copyright refers to a non-existent group
"openstack helm authors" with often out-of-date references that
are confusing when adding a new file to the repo.
This change removes all references to this copyright by the
non-existent group and any blank lines underneath.
Change-Id: Ia035037e000f1bf95202fc07b8cd1ad0fc019094
This reverts commit 1c85fdc390.
Do not use randomly generated strings in configmaps as this leads to
whole helm release redeployment even no values are changed. The random
items have to be generated outside of helm chart and provided via
values.
Also previous behaviour didn't allow to use cache during rolling upgrade
as new pods were spawned with new key.
Change-Id: I423611b18fca0d65e2e721a9c6a0c3d8df0813d2
With the update of openstack clients:
openstack client >= 4.0.0
neutron client >= 6.14.0
neturon lib >= 1.29.1
The command 'openstack network show ${network} -f value -c subnets'
returns '[]' instead of null string if no subnets found in the
specific network. This commit adds a check logic to avoid subsequent
command returns error by using '[]' as subnet input.
Change-Id: I7e7d5209227b0e34131b7715dbd3faa6066a94b7
Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
This updates the kubernetes-entrypoint image reference to consume
the publicly available kubernetes-entrypoint image that is built
and maintained under the airshipit namespace, as the stackanetes
image is no longer actively maintainedy
Depends-On: https://review.opendev.org/688435
Change-Id: I8e76cdcc9d4db8975b330e97169754a2a407341f
Signed-off-by: Steve Wilkerson <sw5822@att.com>
The base network policy framework currently applies only to some
OpenStack services' charts but not others. This patch set applies the
same base network policies framework to all services.
Change-Id: I786c68057f6742a79a33f78db6e3bba8b99cf1b8
Signed-off-by: Tin Lam <tin@irrational.io>
Make bootstrap script structured to be able to override
version of agent or even image source itself.
Change-Id: Ibdba2222176833b5a593bfc1619e2a0913b6fac1
We can configure custom volumes and volumeMounts in the helm chart for ironic conductor and these are now mounted in the ironic-conductor container.
Change-Id: I717920cb0b75951175019bb991c8d948916a9db3
Signed-off-by: Radu Viorel Cosnita <radu.cosnita@gmail.com>
Story: 2006458
Task: 36380
Current pxe init script does not support pxe for centos distro as
base image. Different folders were checked for centos to copy
pxe/ipxe files to tftpboot folder.
Change-Id: I4911825193d75aaaed24e8b71ba43efa2fc78fe8
Signed-off-by: Mingyuan Qi <mingyuan.qi@intel.com>
This PS updates the charts to use the htk function recently introduced
to allow oslo.messaging clients ans servers to directly hit their
backends rather than using either DNS or K8S svc based routing.
Depends-On: I5150a64bd29fa062e30496c1f2127de138322863
Change-Id: I458b4313c57fc50c8181cedeca9919670487926a
Signed-off-by: Pete Birley <pete@port.direct>
This PS enables the use of simple logging options if desired.
Change-Id: If6ea420c6ed595b3b6b6eedf99a0bf26a20b6abf
Signed-off-by: Pete Birley <pete@port.direct>
This patch make the db sync job template follows the same pattern
that other templates utilize the variables to make in a predictable
pattern.
Change-Id: Idbedd046c6b4fd001cf63004ffac792173a5778b
Story: 2005754
Task: 33457
We now have a process for OSH-images image building,
using Zuul, so we should point the images by default to those
images, instead of pointing to stale images.
Without this, the osh-images build process is completely not
in use, and updating the osh-images process or patching its
code has no impact on OSH.
This should fix it.
Change-Id: I672b8755bf9e182b15eff067479b662529a13477
In _ironic-conductor-pxe-init.sh.tpl file,
there are only codes for ubuntu system.
However in Openstack-Helm especially in kolla image,
there are Ubuntu version and CentOS version.
So add codes for OS dependency check and ipxe file PATH for each OS.
Change-Id: I04886da64ae0dfda782bcd8d8d2cde960ab1db1d
Signed-off-by: TaewooLee <tw0410.lee@samsung.com>
This PS adds emptydirs backing the /tmp directory in pods, which
is required in most cases for full operation when using a read only
filesystem backing the container.
Additionally some yaml indent issues are resolved.
Change-Id: I9df8f70e913b911ff755600fa2f669d9c5dcb928
Signed-off-by: Pete Birley <pete@port.direct>
Currently a pxe-client has to contact with ironic-api through
it's internal endpoint during lookup() period.
However, the pxe-client cannot access kube-dns by ifself,
so it needs additional dns server. (or Using NodePort)
With additional dns server, it will be safer for pxe-client
to contact with ironic-api through it's public endpoint(passing by ingress)
rather than internal endpoint directly becuase internal pod's IPs would be changed frequently.
Also, I refered to {Values.conf.ironic.glance.swift_endpoint_url}.
(swift is also accessed by the pxe-client and swift_url's default is public endpoint)
Change-Id: I0ad97f3ed608973d7e5a4a11d87595fe258a0db5
Using {{- if for the volume mounts caused them to be added inline with
the previous line.
Removing the - from the if expression makes them be properly aligned on
the next line
Change-Id: Ia5e28366fb1f2ae7420b7f5217c10cbb94bc48ab
currently ironic chart is quite entangled with the presense of
other openstack services (Glance, Neutron, Swift).
Ironic is capable of running completely standalone, and while
the keystone and some neutron-related pieces are implemented as jobs
and can be turned off in manifests and dependencies sections of values,
others are scripts running as initContainers and are not the easy to
switch off.
This patch adds more key/values to the bootstrap key,
which allows to turn off Neutron-, Swift- and Glance-related pieces
while keeping possibility that some other networking, image or
object_store actions appropriate for standalone case may be needed.
Change-Id: Icccbdbce81ca350042f33f5e86bb942064839267
If user wants to add an extra volumeMounts/volume to a pod,
amd uses override values e.g. like this
pod:
mounts:
nova_placement:
init_container: null
nova_placement:
volumeMounts:
- name: nova-etc
...
helm template parser complains with
Warning: The destination item 'nova_placement' is a table and ignoring the source 'nova_placement' as it has a non-table value of: <nil>
So when we create empty values for such keys in values.yaml, the source
will be present and warning does not need to be shown.
Change-Id: Ib8dc53c3a54e12014025de8fafe16fbe9721c0da
Tadas Sutkaitis