As the nova.DEFAULT.log_config_append is a aption
for the configuration of nova, we should be add
condtional statement here.
Change-Id: Ib9c50c9ccc0c93226fffccc997c232b0259dff0c
This commit is to fix the issue with heat chart, because of
indentation issue in annotations. The current chart is not allowing
the upgrade via helm if not fixed. Also bumping the chart version
and added release notes.
Change-Id: Ic22d2d20d00febc51bd410316522a85d2f7e582e
This PS adds generation of certificate for barbican, when
tls connection is enabled (manifest.certificate=true), using
values from endpoints.key_manager.host_fqdn_override.default.tls
This PS also fixes tls connection to rabbitmq.
Change-Id: I6397ce934e33975b1d91795aaade498f3a71468a
Signed-off-by: Anselme, Schubert (sa246v) <sa246v@att.com>
In multi-region environment, endpoints of other regions are also changed.
So, if we add the region option to endpoint-update file,
it changes endpoints only for the current region.
story: 2010965
task: 49081
Change-Id: Ia678b6737871dec8f6979924de7f2ba53153e7bf
If there are multi regions, OS_SWIFT_ENDPOINT_PREFIX has broken url. To prevent this problem, use --region option.
story: 2010964
task: 49071
Change-Id: I1bbd76616ab9c9ec7a8554c7f382642b2dbe0661
DVR with OVN floating ip is currently unstable and caused us a lot
of network connectivity issues.
This propose disable it as the default value (False) for
`enable_distributed_floating_ip`.
Change-Id: Ibcf49c331482336e1cbae76dfc2bde86962e350e
With these missing flags, the Helm deploy would finish
but the services would not be functional, causing the
jobs to fail.
Change-Id: If0f6447945552fe6aedace45562e27efcab9a534
We recently re-worked all the deployment jobs
so they use `deploy-env` Ansible role which works
for both multi-node and single-node environments.
This means there is no need to have diffrent sets
of scripts for these two cases.
Also when we deploy Openstack components it is better
to have values overrides for different scenarios but
not different sets of scripts. Here we remove unused
deployment scripts which in many cases duplicated
the code base.
We will be cleaning up the code base even further to
provide excelent user experience.
Change-Id: Iacda03964a4dd0e60873593df9f590ce20504f2f
Recently we updated our test jobs so that all of them
use the `deploy-env` Ansible role which utilizes the
Kubeadm to deploy the test Kubernetes cluster.
The role works for both multi-node and single-node
environments. Although the deployment of Kubernetes itself
is out of scope of Openstack-Helm, we recommen using this
role to deploy test and development Kubernetes clusters.
So at the moment there is no need to provide
different sets of tools single-node and multi-node test envs.
Now this is a matter of the Ansible inventory file.
Also the deployment procedure of OpenStack on top of Kubernetes
using Helm is the same for multi-node and single-node clusters
because it only relies on the Kubernetes API.
We will be improving the `deploy-env` role even futher and
we will be cleaning up the deployment scripts and the documentation
so to provide a clear experience for the Openstack-Helm users.
Change-Id: I70236c4a2b870b52d2b01f65b1ef9b9518646964
In Bobcat by default the ssh keypair is generated
with ed25519 algorithm which is incompatible with
Cirros 0.3.5. The Cirros 0.6.2 also requires minimum
128Mi of RAM
Change-Id: I0135c09a9ae5bc3171891576b29a450f7000f180
The current values specified in values.yaml along with the configmap-etc
template can make it very difficult for the end user to properly configure
a cinder authentication method other than password. These changes give the end
user the needed flexibility.
Change-Id: I99e75e1aa9ddd8378518b1291123a34d2881715f
Add options to nova to enable/disable the use of:
1. The vnc or spice server proxyclient address found by the console
compute init container
2. The my_ip hypervisor address found by compute init container
3. The libvirt live_migration_inbound_addr used by nova compute to
live-migrate instances
These options can be used to prevent cases where the found addresses
overwrite what has already been defined in nova.conf by per host nova
compute DaemonSet overrides.
It is important to allow the flexibility of using or not the default
ConfigMap - DaemonSet cluster level configuration, allowing the
possibility of having custom per host overrides definitions that will
not be overwrite by nova-compute-init.sh
One use case (live-migration) for this flexibility is the following:
Originally the nova-compute-init.sh script received the capability of
selection a target interface (by name, in a ConfigMap level) through
which the live-migration traffic should be handled [1], allowing the
possibility of selecting a separate network to handle live-migration
traffic. This was not assuming any interface/network IP if users did not
set .Values.conf.libvirt.live_migration_interface.
Later [2], same script was updated to fall-back to default gateway IP
resolution in case the live_migration_interface is not defined.
So, currently it is mandatory to define a "cluster level config" for the
interface name (i.e., through ConfigMap) or to rely on default gateway
IP resolution for live-migration addresses.
This can be problematic for use cases were:
* There are many networks defined for the cluster and a host default
gateway might not resolve to the desired network IP;
* There is the need of having a per host definition of nova.conf, since
nova-compute-init.sh will create a new .conf that will overwrite it.
[1] commit 31be86079d711c698b2560b4bed654e23373a596
[2] commit 8f0a15413839c92d6d527bf7cbc441380de6c2af
Change-Id: Iaf86e0a215802001f58d607a1a3a18acf83f5e81
Signed-off-by: Thales Elero Cervi <thaleselero.cervi@windriver.com>
Signed-off-by: Robert Church <robert.church@windriver.com>
The template contains extra backslashes which can cause the start function
to contain extra backslashes, ie:
function start () {
exec neutron-server \
--config-file /etc/neutron/neutron.conf \ \
--config-file /etc/neutron/taas_plugin.ini \ \
--config-file /etc/neutron/plugins/ml2/sriov_agent.ini \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini
}
With this change the function templates correctly.
Change-Id: I9f8ceb203a0039a83ee49c76d6891f7380a6cc08
The issue was that we used to add buildset registry
name to the /etc/hosts file only on the primary node.
This PR fixes this.
Change-Id: I48a861c7c6661e3fe1e7384f4b987f1646d652d7
the port name of the "manila/templates/service-api.yaml" file is b-api, resulting in 503 errors. It should change b-api to m-api
Closes-Bug: #2036395
Change-Id: I8fca75f60d82c67eab833ca09e459b028daaa3db
We recently merged https://review.opendev.org/c/openstack/openstack-helm-infra/+/891720
which updates ingress controller deployment and assumes
we now use IngressClass objects instead of annotations.
We have to update the ingress deployment script
so it creates IngressClass objects with correct names.
Change-Id: I547f27250ba21bb068bc83c62954092111df8b50
The change updates all deployment jobs so they use
deploy-env role which leverages kubeadm to deploy k8s.
This role works for both single-node/multi-node
inventories.
Also all jobs are reorganized to improve job
maintenance. Check pipeline runs tests for 3
most recent releases: Yoga, Zed, 2023.1
We are focusing on 2023.1 for which we run both
Focal and Jammy jobs.
Change-Id: Ibba9b72876b11484fd7cc2e4710e92f964f15cc3
Once manifests.certificates is set as true, TLS for all
components are enabled. There is no way to enable TLS for each
component.
This patch is to support the usecase to just enable vencrypt auth
scheme.
Change-Id: I1e33071a16e0eb764c51442f99c3795ceb9efb19
drive-by changes
- Use the same node selector for ovn metadata agent as ovs
because both should be run on the same nodes
- fix ovn_metadata_agent endpoint config
Change-Id: I81402d6f877a469a6f4beeb5550bbb8f9e75cb43
At this point it requires nfs provisioner that provides
ReadWriteMany volumes for vnfpackages, csar files and
also the same storage class is used for logs.
Also this patch adds a job that only deploys Tacker but
does not tests it in any way. This job is put to the experimental
pipeline.
Co-authored-by: Vladimir Kozhukalov <kozhukalov@gmail.com>
Story: 2010682
Task: 47771
Change-Id: I56d7ba489746ab4f818086440a7783f4b1ecb292
If we define ovsdb_connection in os_vif_ovs config group, health
probe fails for nova-compute because of the wrong condition to
detect db connection string from configuration file.
This patch detects db connection string using string.startswith()
in a more strict way.
Change-Id: I12a3ea4061d5c13879b878b85eb206726b5db27c
Glance image PVC contains requires images that should be careful handled
during changing glance storage when migrate out of PVC mode for glance
storage.
Which in migrate/upgrade path, should be be correctly moved and deleted
the PVC after.
On the other hand, it's also possible to accidentally changes storage
mode out of `pvc` and lose the `glance-images` PVC which is unbearable
mistake.
Once storage mode set to `pvc, we should allow that PVC to be able to
stay and ready for reuse again until it's mannually deleted.
This add flag `keep_pvc` (default to true).
Set it to true to set helm/resource-policy to keep for glance-images.
Set it to false to allow helm delete glance-images PVC when request.
Change-Id: I9d0e2a49aabf81eb2d4e00ad2a9d42125261489e
