Enhanced rendering of docs, expanded introductory section.
Documented `perm` module, alphabetically sorted documenation for
modules, replaced dead recorded demo links with new links,
documented apt package blacklisting capability.
Change-Id: Ifd889efe73287c13d839ab40b1a78ffa357fd00e
This PS moves to pivot to the hosts namespaces rather than chroot
so as to allow scripts to run fully in the context of the host.
Change-Id: I6b4dab92b6f8a7f9fa5b895d546117fdae43d731
Signed-off-by: Pete Birley <pete@port.direct>
- Adds the ability to rerun divingbell-perm at specified interval.
- Adds the ability to specify a rerun policy of
'always', 'never', 'once_successfully'. Default value is 'always'.
Demo: https://asciinema.org/a/220289
Change-Id: I3909b4d92f8e2bdb0d826ca1cfbd62f937c2532d
The previous README file for Divingbell did not render correctly
as a md. This change converts it to a small RST file.
Change-Id: Iabfc3eb6ed763ddf306d85f85399f2f3f99069ae
Add support for retries and reruns at specified intervals for
divingbell-exec scripts. Also adds support for timeouts.
Also update osh-infra-upgrade-host to allow gate to run.
Change-Id: I5f4cd43b13a467d94f67b358f3190f515256ae66
via new module 'perm'
1) DaemonSet
2) Secret (instead of old ConfigMap)
3) Include module /bin/_perm.sh.tpl
4) Commented example in values.yaml
5) Demo: https://asciinema.org/a/209509
6) Increased # of expected DaemonSets
7) Rebased after a few merges
8) Addressing comments
9) Migrated from ConfigMap to Secret
10) Got rid of 'eval'
11) Test
12) Demo for host targeting: https://asciinema.org/a/213125
Change-Id: Ia3181dcb7fc1ccc7422c635b010000f6d3fbcf4d
In Makefile there is no target which actually installs
Helm binary.
Change-Id: Idca3ed4d0c6d8734b7b6bcfc9d8a1ba9e50693ee
Signed-off-by: Dimitrios Markou <dm844v@att.com>
This change also adds an apt-get update call and a possibility to
provide debconf options that might be needed for some packages.
In case of dpkg interruptions dpkg --configure -a is added to
try to handle the failures.
Change-Id: Ib1f9a412bc544b4f7754634740fb04569bae6d34
For some versions of Tiller, the newline in Secrets were causing
Tiller to error with illegal base64 data error messages.
Change-Id: Ibd005c9b81e620590b0025bd32da4d589eba91ae
- Extends apt daemonset to remove packages.
- Uses a list of packages in remove and automove, so if a
package gets installed that should not be it will be
uninstalled when Divingbell runs again.
Change-Id: Id5c7ccead399a8c78621a0e593033e55412ff315
This change adds a possibility to install or upgrade to packages
with a specific version. The daemonset also tracks the packages
installed, and will be removing the packages that were deleted
from the chart but were previously installed by divingbell.
Change-Id: Ia6066679e549190054eb2cf71589065177447447
Change configmaps to secrets to maintain compatibility with [0].
[0] https://review.openstack.org/#/c/617039
Change-Id: Ie95aee1a4104008ca93c23ac9d19245a87fade20
Avoid filename collision between limits and sysctl module.
Bugfix for sysctl to print reverted setting before it's deleted.
Change-Id: I31269c413f884a25ecf3588b52677ca427b4c082
1) 'Values' configures limit settings to be persisted.
2) Previous DivingBell controlled limits those were set
but now are gone are cleared.
3) Previous values of newly set limits are backed up
to /var/divingbell/limits
4) New limit is applied via adding a separate conf file
to /etc/security/limits.d
5) The Doc is updated with appropriate details.
6) Dev env with Vagrant
7) Increase number of expected DaemonSets in 020-test
8) Demo: https://asciinema.org/a/209619
Change-Id: I5efb39c498c2b666b4ba97271b59757f4a0c1ca7
See false positive in I234a50e9b2e46d5c92a89eb8073771043b4eaf56.
This patch makes the following changes to improve gate stability:
- Increase timeout while waiting for container logs from 30 to 60.
- Exclude terminating containers and get container name on each iteration.
NAME READY STATUS RESTARTS AGE
divingbell-apparmor-default-984mc 0/1 Terminating 0 26s
divingbell-apparmor-default-splhc 0/1 ContainerCreating 0 8s
divingbell-ethtool-default-62dlt 0/1 ContainerCreating 0 8s
divingbell-ethtool-default-v975n 0/1 Terminating 0 26s
divingbell-mounts-default-2xhv5 0/1 ContainerCreating 0 8s
divingbell-sysctl-default-c8nhn 0/1 Pending 0 8s
divingbell-sysctl-default-mlsnp 0/1 Terminating 0 26s
divingbell-uamlite-default-dv9cv 0/1 Pending 0 8s
Change-Id: I35ba6844d41c92bf9f581a97218275363e9ee0bd
1) UCP -> Airship
2) readthedocs.org -> readthedocs.io (there is redirect)
3) http -> https
4) attcomdev -> airshipit (repo on quay.io)
5) att-comdev -> openstack/airship-* (repo on github/openstack git)
6) many URLs have been verified and adjusted to be current
7) no need for 'en/latest/' path in URL of the RTD
8) added more info to some setup.cfg and setup.py files
9) ucp-integration docs are now in airship-in-a-bottle
10) airship-divingbell-ubuntu gate repo split fix (tools/helm_tk.sh)
11) various other minor fixes
Change-Id: I1b7956e77fdd2f01368df1b81b44fdd51ee8443c
This PS adds the ability to attach a release uuid to pods and rc
objects as desired. This can be used, for example, to force an
artificial manifest change in CICD scenarios, for upgradability
testing purposes.
Change-Id: I2f5279c6983f43288e4ef3cb48898d5a36b33833
This patch set:
(a) renamed the docs folder to doc
(b) add in a basic tox.ini to generate the doc via ``tox -edocs``
(c) add in necessary /docs/requirements.txt dependencies
Change-Id: Id45db34fdc8860047047a4e6069483dfb4a56d7f
Signed-off-by: Tin Lam <tin@irrational.io>
This patchset simply drops the AT&T copyright from the Divingbell
README as it renders quite strangely on Github [0]. And besides
that copyrights aren't usually included in README files.
[0] https://github.com/openstack/airship-divingbell
Change-Id: I8484b31f35d67d400c71d2da7a1cda20ec509be7
This PS adds the skeleton for a set of zuul checks and gates for
Airship, using the framework from OpenStack-Helm.
Change-Id: I757aef16f023248ab37e87d47e36fc1eae1e23c4
Signed-off-by: Pete Birley <pete@port.direct>
Note that the tests are a simple build of the helm charts for now.
Left a TODO in place to get the existing test scripts updated to a
current environment.
Change-Id: Icc95ef88c86ab92069e2ed2470a140ef959f7040
purge_expired_users option was added to uamlite chart to allow purging of old
user accounts and the data in their home directories.
Addressed a corner case where the user could lose system access by specifying
ssh key(s) only for the built-in account.
Change-Id: Iccfc914eea219521a290c2b5949ccc2d40d8dbb6
