325 Commits

Author SHA1 Message Date
Zuul
48e7275f2a Merge "Update docs, clarify the requirements on DNS names registration" 2019-04-23 03:15:03 +00:00
Zuul
9bf5b82567 Merge "Change default number of l3 agents from 5 to 3" 2019-04-22 23:34:18 +00:00
Zuul
921ce157d4 Merge "Enable nested virtualization by default" 2019-04-22 23:34:17 +00:00
Kaspars Skels
dca6a10bb3 Update Zuul refs for airship-treasuremap to treasuremap
Change-Id: I9d07ee14d645c2983c5736eb0f10740a93a7183f
2019-04-22 20:09:15 +00:00
Evgeny L
160c04ebb3 Enable nested virtualization by default
* Add configure kernel parameter `kvm-intel nested=y`
* Configure nova to use kvm host-passthrough libvirt driver.

Change-Id: I8e3b6c6adedb4db481981e2ce4f4721b9f30f511
2019-04-22 17:55:54 +00:00
Dimitrios Markou
46100f03c7 Integrate support for MAAS HA and VIPs
Change-Id: I1c7f3892a03536d94064da1722751eb6683da451
Signed-off-by: Dimitrios Markou <dimitrios.markou@att.com>
2019-04-22 17:08:20 +00:00
Evgeny L
66851e2f4e Change default number of l3 agents from 5 to 3
Currently we don't test the configuration with 5 controllers,
change the number of l3 agents per router from 5 to 3.

Change-Id: I84bcb196fb78006c02ba0e860cc2e69420081b87
2019-04-22 17:02:59 +00:00
Evgeny L
41631c390a Update docs, clarify the requirements on DNS names registration
Airship Seaworthy installation requires a set of valid DNS
names to be configured, ensure that the user register
these names prior to running the deployment.

Change-Id: I7846e5bdcaf55560f8a0d841fd3dc1db7c912490
2019-04-22 16:37:33 +00:00
Drew Walters
2ed2a37124 CI: Update repository references
On April 19, OpenStack completed the migration from openstack.org to
opendev.org [0]. During this migration, Airship projects moved from the
"openstack" namespace to the "airship" namespace. This commit makes
preliminary updates to gate and developer scripts to account for the
migration and fix broken integration gates.

[0] http://lists.openstack.org/pipermail/openstack-discuss/2019-April/005011.html

Change-Id: I88c4d96a756c59dd68ce8c3b801eba9ca8a6f8db
2019-04-21 11:24:23 -05:00
OpenDev Sysadmins
86e644a2fc OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:52:19 +00:00
Kaspars Skels
8d8e2bcb39 Add tools/airship as wrapper for deployment tools
Change-Id: Ic79b3c47964940b1362a24f6f5fcf123ae183722
2019-04-18 11:21:11 -05:00
Drew Walters
c3081eaec5 CI: Add airsloop site linting gate
This commit adds a site linting gate for the new airsloop site.
Additionally, this change aims to standardize the names of all gates and
creates a parent job for site linting gates.

Change-Id: Ia8fa428909adf09c584540cfe4e5803bd3ca2420
2019-04-17 16:19:31 +00:00
Drew Walters
f41e637d85 airskiff: Update bootstrap OSH-infra pin
Currently, Airskiff deployments fail in Airskiff due to pod a missing
helm-toolkit snippet. This change updates the OSH-infra reference to a
version that includes the missing snippet.

Change-Id: Iad523ecacf5563b4aa3c1ddb4b2a058dfe8c639c
2019-04-16 17:51:09 +00:00
Zuul
17e1dfd393 Merge "Sloop type and Airsloop site" 2019-04-16 16:25:34 +00:00
Evgeny L
2302e53258 Uploading the manifests requires an absolute path to collected dir
`tools/deckhand_load_yaml.sh` script from shipyard uses `docker run`
to upload the documents to deckhand, `-v` parameter to mount
the volume requires an absolute path to the directory to work
correctly.

Change-Id: Ice1d0012b6bcae9652d54f10cf65985e37ca5d77
2019-04-15 16:28:34 +00:00
Kaspars Skels
06ffeec6b1 Sloop type and Airsloop site
Sloop type/site is a minimalistic approach to Airship with reduced
requirements towards hardware and external dependencies while keeping
all the functional features.

Major differences compared to reference site airship-seaworthy
 - Two bare-metal server setup with 1 control, and 1 compute.
   Most components are scaled to a single replica and doesn't carry
   any HA as there is only a single control plane host.
 - No requirements for DNS/certificates.
   HTTP and internal cluster DNS is used.
 - Ceph set to use the single (root) disk. This generally
   provides minimalistic no-touch ceph deployment.
   No replication of ceph data (single copy).
 - Simplified networking (no bonding).
   Two network interfaces are used by default (flat PXE, and DATA network
   with VLANs for OAM, Calico, Storage, and OpenStack Overlay)
 - Generic hostnames used (airsloop-control-1, airsloop-compute-1) that
   simplifies generation of k8s certificates
 - Usage of standard Ubuntu 16.04 GA kernel (as oppose to HWE)

Change-Id: I4944fcae7d29ed8799d810c93efb0120b6b3a105
2019-04-12 16:11:37 -05:00
Evgeny L
a29d85253c Update docs to include generated certs into collected dir
After certificates generated by promenade are copied into
site specific directory, YAMLs in *_collected directory
should be updated.

Change-Id: Iea5b1cb98471605025973d56dacda51f647e62f3
2019-04-11 21:20:14 +00:00
Zuul
f28a3a7849 Merge "clean-up script for ceph-disks and data" 2019-04-06 01:12:58 +00:00
kranthikirang
6304cb2785 clean-up script for ceph-disks and data
Change-Id: I85898be92781e1fef2293b42186d00f06f600014
2019-04-04 16:20:01 -04:00
Zuul
52a9a7390d Merge "Fix install 4.15.0-34-generic" 2019-04-04 18:24:28 +00:00
Zuul
ea1667a8b1 Merge "airskiff: Use Minikube for Kubernetes deployment" 2019-04-03 23:28:28 +00:00
Kaspars Skels
23fa63abc6 Uplift promeande charts to support latest ciphers
Change-Id: Idd60d3d23fb60a91ec826cd2bb9bf0458f03f8e0
2019-04-03 10:35:06 -05:00
Zuul
82b2e57147 Merge "Add cache for results of requests to quay.io in Updater tool" 2019-04-02 19:13:59 +00:00
kranthikirang
c8450b0524 Fix install 4.15.0-34-generic
Change-Id: I2fb1c27f19468de2351186f74bded5013097626f
2019-03-25 10:42:19 -04:00
Drew Walters
ac91f0cf96 airskiff: Use Minikube for Kubernetes deployment
This commit replaces the kubeadm Kubernetes deployment script with the
new OpenStack-Helm infra minikube deployment script.

[0] https://review.openstack.org/618785

Change-Id: I36c7637a983308891914db7a1cac0907e2724712
2019-03-22 16:33:14 -05:00
Zuul
60d46debca Merge "airskiff: Pull rather than build Airship images" 2019-03-22 19:32:30 +00:00
Zuul
51fe71b062 Merge "Add the wait label to delete nova test pod when nova chart is upgraded" 2019-03-22 16:25:50 +00:00
Drew Walters
4a41d06c61 airskiff: Pull rather than build Airship images
Currently, Airskiff deployment scripts build images of the Airship
components locally so that local changes can be deployed with ease;
however, pulling images with the latest tag has the same effect because
locally built images take precedence over pulling images from the
internet. Therefore, a developer can still build the images locally and
deploy them using the Airskiff deployment scripts.

Depends-on: https://review.openstack.org/633007
Change-Id: I3dabc86a33651dd082581310fbacb994db144481
2019-03-21 17:16:04 -05:00
James Gu
57035296eb Add the wait label to delete nova test pod when nova chart is upgraded
Fixes the error when upgrade nova chart that compains the
airship-nova-test pod alrady exists when upgrade Nova chart.

Change-Id: I26e5e32614d1fd2880c33501bde9638f37606857
2019-03-21 09:57:04 -07:00
Drew Walters
771bc53109 global: Add nfs-provisioner chart
This commit introduces a global chart and chart group for NFS
provisioner, a chart in the OpenStack-Helm-Infra repository [0]. The NFS
chart will be required for Airskiff when deploying global UCP charts.

[0] https://git.openstack.org/cgit/openstack/openstack-helm-infra/tree/nfs-provisioner

Change-Id: I9c6464f08e6ce54bdca72525cdef04df7f14edc5
2019-03-21 11:24:48 -05:00
Zuul
01a9d210ed Merge "Add missing labels to osh charts and ucp chart groups" 2019-03-19 22:24:32 +00:00
James Gu
ee7409ebee Add missing labels to osh charts and ucp chart groups
Add name and component labels to the memcached, ceph-config charts and
horizon charts and ucp chart groups in the global so they can be
referenced by customized sites.

Change-Id: I54aad9582841fc2d91a103aeb28b162660bd1b0f
2019-03-19 11:53:07 -07:00
Michael Beaver
0a739c2187 Uplift HAProxy to address CVEs
The current default version of HAProxy is vulnerable to multiple CVEs:
CVE-2018-20102
CVE-2018-20103
CVE-2018-20615

Which HAProxy versions >=1.8.17 addresses

Change-Id: I8a387a43976dd105ea3c1dd9b74cd435a8f56864
2019-03-18 10:27:53 -05:00
Steve Wilkerson
84beb29ddd Fluent-logging: Update fluentbit input definitions
This updates the fluent-logging chart to match the input configs
used in the upstream chart, primarily focused on moving from the
sqlite db file tracking mechanism to the in memory mechanism
instead. This also adds the appropriate fluentbit filter config
for throttling the number of records being forwarded to fluentd

Change-Id: I68ebf05b1b9fcf2a98b4717b74e3d13050446a09
2019-03-15 16:35:06 +00:00
Zuul
bdd8bf0d9d Merge "Disable weak tls ciphers for kube-apiserver" 2019-03-15 15:49:01 +00:00
Zuul
1fbe3e9e44 Merge "Publish pipeline logs to artifactory" 2019-03-14 21:21:52 +00:00
Jared Miller
95a1a9f431 Disable weak tls ciphers for kube-apiserver
Set `--tls-cipher-suites` to golang defaults minus 3DES
Implementation of change made in
https://review.openstack.org/#/c/634815/

Change-Id: Icbeded84d5973b042a779ba20569654d2d91b563
2019-03-14 19:03:42 +00:00
Evgeny L
e4cd4cde48 Shipyard now requires db init template from osh-infra
Update the version of openstack-infra.
The change was introduced into Shipyard [1], that now
requires db-pg-init template to be defined in osh-infra [2].

[1] https://review.openstack.org/#/c/636147/
[2] https://review.openstack.org/#/c/635348/

Change-Id: Ie653a633424a7250502629bd31befb43d029e693
2019-03-12 18:33:13 +00:00
Roman Gorshunov
23b8e13c5b Add cache for results of requests to quay.io in Updater tool
All changes are in Updater tool.
1) Cache results of requests to quay.io
2) Fix formatting of strings and strings in logs
3) Improve logging for http requests to quay.io
4) Fix failure when --out-file is specified with path
5) Fix quay.io HTTP 301 permanent redirect from '.../tag' to '.../tag/'

Change-Id: I7d5cec65c713be261af0997774ee945545b5090a
2019-03-04 17:05:49 +01:00
Zuul
c4977836e1 Merge "Use sudo in systemctl unmask call" v19.03.06 2019-03-01 23:50:27 +00:00
Evgeny
1e9d2c97f9 Update from docker-engine to docker-ce
A previous patch that bumps the version of docker [1]
is broken because there is no "17.03.3" version of
docker-engine.

Docker package is now called docker-ce [2] and is provided
from a different repo, update repo paths and keys
to newer docker version.

The key is taken from: https://download.docker.com/linux/ubuntu/gpg

[1] https://review.openstack.org/#/c/639175/
[2] https://docs.docker.com/install/linux/docker-ce/ubuntu/

Change-Id: Idddee15e17a75017fdb0b8401aafef86cec4af1f
2019-03-01 17:39:48 +00:00
Zuul
8126b27d4d Merge "A minor docker-engine update" 2019-03-01 17:20:54 +00:00
Zuul
d01a5a1659 Merge "Globals: Wait on RabbitMQ StatefulSets" 2019-03-01 17:20:53 +00:00
Egorov, Stanislav (se6518)
93aaaf3b24 Publish pipeline logs to artifactory
Change-Id: Iaf036475abb4d5ea6098a2bae52fc0fda48851c3
2019-02-28 13:21:21 -08:00
Matt McEuen
09f7130383 Globals: Wait on RabbitMQ StatefulSets
This modifies the RabbitMQ Armada charts to wait specifically
for the RabbitMQ StatefulSets to complete prior to proceeding.
This is more robust than the default Pod waiting, as Pod waiting
for SS's has a race condition such that all Pods are likely
Running and Ready prior to any action having been taken, during
and upgrade scenario.

This change leverages recent Armada resource-based wait functionality.

Change-Id: I3867ce6966047d6b877a9bfa872defc0eda9693a
2019-02-28 14:59:57 -06:00
Jenkins Uplifter
930e873ef5 Auto chart/image uplift to latest
Change-Id: I2f98d59e761e19acc4b20a31fe8be6555c0e361b
2019-02-28 06:15:58 +00:00
Evgeny L
c2d0ddd4d4 A minor docker-engine update
Update docker-engine from 17.03.1 to 17.03.3.

Change-Id: Ie9178d548a3b8e01172de172e9086fefadb277a6
2019-02-28 00:12:58 +00:00
Evgeny
0aac1554cc Update docs to clarify certificates requirements
During the initial configuration it's required to
configure a set of valid certificates for ingress.
Make it more explicit so people don't miss this step.

Change-Id: Ie6477f934688467b7d5dfe1cc8191f6acff29a21
2019-02-28 00:07:39 +00:00
Evgeny L
efae9cd97f Uplift Armada and fix neutron configs
The latest version of Armada introduced a separate timeout
value for tests [1], a default value for the timeout is 300,
which is not large enough for Neutron tests.
Also add wait.labels to ensure automatic deletion of test
pods [2].

[1] https://review.openstack.org/#/c/618585/
[2] https://review.openstack.org/#/c/629313/

Change-Id: I86b1f9a8f17c273cf990189b2ffb07d60e3814b9
2019-02-26 22:40:32 +00:00
Jenkins Uplifter
7e5121f644 Auto chart/image uplift to latest
Change-Id: I1acdebcf1f030bff846da5cf55676273dc2c89d8
2019-02-21 16:05:14 +00:00