176 Commits

Author SHA1 Message Date
Vladyslav Drok
6d6a598945 Install and enable apparmor in gate
Change https://review.openstack.org/614805 starts requiring
apparmor.

Change-Id: Idd7a1abec7a58f5e7c9ace91aaff3c95872cdf5b
2018-12-17 14:47:40 -08:00
Evgeny L
8b5387e1b8 Fix a link to OSH bugtracker in the docs
Change-Id: I99fa255d9e0881923bdaf00f7bdb555c5f8f4b0a
2018-12-13 17:50:09 +00:00
Steve Wilkerson
aa55b30426 osh-infra: update fluentbit config, sequence logging group
This corrects some erroneous configuration in the fluent-logging
chart. This also updates the chart group to be sequenced, as
fluent-logging depends on Elasticsearch to be up prior to running
the template jobs

Change-Id: I5ac52a86008a5c91ac0a6fd0081fd60ec977d5ce
2018-12-07 01:13:40 +00:00
Zuul
4b75ae25ab Merge "zuul: Add Airskiff Zuul Gate" 2018-12-05 20:34:51 +00:00
Zuul
d4d794329d Merge "zuul: Update Zuul nodeset name" 2018-12-05 19:40:36 +00:00
Zuul
d8dfce086e Merge "airskiff: Sequence Airship components" 2018-12-05 12:06:06 +00:00
Mark Burnett
d8d80d9b66 Uplift Kubernetes to version 1.10.11
This addresses a critical security vulnerability.

Change-Id: I76dbc59d2b5d4a85c72e16eb3fe7f760b01a53f7
2018-12-04 22:49:56 +00:00
Drew Walters
c1a8aa7b38 zuul: Add Airskiff Zuul Gate
This change introduces a Zuul gate that deploys a limited number of
components from the Airskiff site (i.e. memcached) using the Airskiff
site documents.  The purpose of the job is to gate all patches against
an integration of several Airship components (i.e. Armada, Deckhand,
Pegleg, and Shipyard), and exercise their capabilities by deploying
software. This change also creates a framework to allow for future,
robust gates that include other projects (e.g. OpenStack-Helm).

Story: 2004351

Change-Id: I953e0c809d7fe112fd84458a4c6eec6ecadaf010
2018-12-04 21:49:22 +00:00
Drew Walters
d0742e34d6 zuul: Update Zuul nodeset name
This commit seeks to standardize the Zuul nodeset name to match other
projects and the existing `ubuntu-xenial` label.

Change-Id: I199e47da2a3738388aea612e43c0f55ed8bf2366
2018-12-04 21:49:22 +00:00
Drew Walters
4f46b2c5f7 airskiff: Sequence Airship components
Currently, Airskiff does not deploy Airship components in sequence. This
can lead to timeouts due to limited resources, namely when deploying
Shipyard. This commit changes the Airship components to a sequenced
deployment to avoid timeouts due to limited resources.

Change-Id: Ib0f836652d6d96384ddb031cf52175bbeab1cd86
2018-12-04 21:49:22 +00:00
Zuul
65ed3bddc1 Merge "Fix ceph-common package for latest Ubuntu 16.04" 2018-12-04 21:45:57 +00:00
Kaspars Skels
6bb51aef07 Fix ceph-common package for latest Ubuntu 16.04
Change-Id: Id846de049c90ff9a0b97117d531098a7fac9ce2f
2018-12-04 15:15:33 -06:00
Zuul
8924cae09f Merge "Increase api-burst and api-qps to coincide with max-pods" 2018-12-03 21:18:51 +00:00
Jenkins Uplifter
7ea5f760e8 Auto chart/image uplift to latest
Change-Id: Ibb095520408cefca26ec7b201f58a9a312231307
v18.12.03
2018-12-02 05:16:19 +00:00
Dejaeger, Darren (dd118r)
26dec3d4e4 Increase api-burst and api-qps to coincide with max-pods
This PS increases the kubelet's api-burst and api-qps params to
better coincide with what the max-pods param allows.

Change-Id: I352bbd26f2657ee6c1ec64930a983f2c2dc824fc
2018-11-30 17:22:29 -05:00
Zuul
3627e4249a Merge "Change airskiff manifest to deploy local airship" 2018-11-30 19:45:06 +00:00
Zuul
9d35677771 Merge "Remove Nagios image override (use chart's default)" 2018-11-30 17:46:53 +00:00
Zuul
adc66b0e6f Merge "airskiff: Disable openstack-compute-kit sequencing" 2018-11-30 16:13:33 +00:00
Kaspars Skels
ce11adf5c6 Remove Nagios image override (use chart's default)
Change-Id: I1945b1d0982162aebafc5d0c85b7dbfba41aec28
2018-11-30 15:31:46 +00:00
Jenkins Uplifter
332cd073a0 Auto chart/image uplift to latest
Change-Id: I3958eeecc01fc1e976e82643797eb398a7368b85
2018-11-30 13:49:54 +00:00
Jenkins Uplifter
59375fe4b3 Auto chart/image uplift to latest
Change-Id: If4bde402485a04b9437c7a5c5e1b39e274e456ad
2018-11-29 17:30:21 -06:00
Drew Walters
9c4abfd5de airskiff: Disable openstack-compute-kit sequencing
Charts in the `openstack-compute-kit` chart group are deployed in
sequence.  Currently, `libvirt` can fail while waiting for dependencies
from `neutron`. This commit disables sequencing for the
`openstack-compute-kit` chart group to allow for dependencies.

Change-Id: Id59cd22a6f548066414899df44d3067255936d17
2018-11-29 19:20:21 +00:00
Kaspars Skels
577e93a86d Cleanup Airship image overrides
Change-Id: I3898ab4e7a3e9afa4bd1ec176313c0eac15dbdb0
2018-11-28 22:09:15 -06:00
Zuul
94ec5eac0d Merge "zuul: Add site linting gates" 2018-11-27 18:38:59 +00:00
Zuul
d5e2d29f62 Merge "Include Docker in the initial setup step" 2018-11-27 18:34:32 +00:00
Zuul
5efc93f38b Merge "Set kernel.randomize_va_space = 2" 2018-11-27 18:25:11 +00:00
Matt McEuen
1eaac93df2 Change airskiff manifest to deploy local airship
The airskiff 005-make-airship.sh deployment script clones
the armada, shipyard, deckhand, and OSH projects locally with
the intention of deploying them.  However, the Armada static
chart documents (airship.yaml) were configured to pull them
from git during a deployment.

This change modifies the Armada charts to use the local clones.
This is helpful in situations where a developer is making local
changes to one of the Airship projects -- they can just rerun
the 030-armada-bootstrap.sh script to deploy their local changes
to the running cluster. Same goes for testing changes OSH charts
like barbican, mariadb etc that run in the undercloud deployed
by airskiff.

Change-Id: Ice6a64922d13c8aca277b48d2d5266ab1d06c0f3
2018-11-26 16:56:36 -06:00
Dimitrios Markou
096b3c374e Include Docker in the initial setup step
Docker should be installed in the Genesis node because
is a requirement for the miniMirror container

Change-Id: I0b603e2b1f79301d19e9f84210d87401f3ed757f
Signed-off-by: Dimitrios Markou <dm844v@att.com>
2018-11-26 13:28:03 -06:00
Drew Walters
ad01c813a0 zuul: Add site linting gates
With the integration of the airskiff site in Treasuremap, there is a
need for Zuul site linting gates to ensure that all sites are still
syntactically valid when changes are made to global documents. This
change introduces linting gates for both treasuremap sites, airskiff and
airship-seaworthy.

Story: 2004349
Change-Id: I69dc68bf49b02543f8a2def5841dae7cb5824bd6
2018-11-21 12:48:18 -06:00
Jenkins Uplifter
0ad50a083b Auto chart/image uplift to latest
Change-Id: I7548cc54ed20e9fad09b62d88e6e9627b12a3983
2018-11-16 21:07:14 +00:00
Jenkins Uplifter
7b49f9402e Auto chart/image uplift to latest
Change-Id: I2d2929de0324fa36c31acb76073d67f57506aa35
2018-11-16 05:28:37 +00:00
Jenkins Uplifter
61d69ae3e9 Auto chart/image uplift to latest
Change-Id: Id6e3e4550be1e1e0a7d84405858f131f20ddeea0
2018-11-15 21:23:22 +00:00
Zuul
b0347bd6c3 Merge "site: Add Airskiff site" 2018-11-14 22:17:54 +00:00
Zuul
bcf85d7363 Merge "global: Add labels to OSH charts for Airskiff site" 2018-11-14 22:05:34 +00:00
Crank, Daniel (dc6350)
7ab2793aa9 Set kernel.randomize_va_space = 2
Set the kernel tunable "randomize_va_space" to 2
to prevent buffer overflow exploits.

Change-Id: I19ccabf7dd7c63bf2030c5d6d4275ce6b29166c1
2018-11-14 13:45:36 -06:00
Zuul
bdfcc8af40 Merge "Add labels to Airship/Undercloud components" 2018-11-13 16:46:58 +00:00
zhouxinyong
84717befeb Modify mutiple world in authoring_and_deployment.rst
Change-Id: Ibd0a346ba19f4872cf4d6f308d47eb8118666328
2018-11-13 00:44:27 +08:00
zhouxinyong
1c146b47cd Fix mutiple world in authoring_and_deployment.rst
Change-Id: Iada0e679ae6d2e44d0d6dcd08a471bfdafdfc163
2018-11-13 00:44:08 +08:00
Drew Walters
ba0d16dc52 site: Add Airskiff site
This change introduces Airskiff (see [0]), a development/learning environment
for the software delivery components of Airship, to the Airship-Treasuremap
repository. This change also adds a set of scripts accompanied by documentation
for easy deployment. During deployment, Armada, Deckhand, Pegleg, and Shipyard
are downloaded and built from source. Gate scripts from the OpenStack-Helm
project deploy a KubeADM-adminstered cluster. Armada deploys Armada, Deckhand,
and Shipyard into the cluster. The Airship components deploy OpenStack using
the documents provided by the Airskiff site. Airskiff is not safe for
production and should not be duplicated for production usage.

[0] https://github.com/mattmceuen/airskiff

Depends-On: https://review.openstack.org/#/c/613686/
Depends-On: https://review.openstack.org/#/c/614032/
Change-Id: Iae1efcca0812b98a9ad05aa8b869bdccfdb7e44b
2018-11-10 22:01:35 +00:00
Drew Walters
9f23510653 global: Add labels to OSH charts for Airskiff site
The Airskiff site needs the ability to override charts that have
multiple replicas or utilize Prometheus. This commit adds labels to
OpenStack-Helm charts and chart groups that will be overriden in the
Airskiff site. Charts are labeled with name and component selectors to
match existing labels on select charts and leave the `airship-seaworthy`
site unaffected.

Change-Id: I24d69afe70fbee35d3b21b8803eb64a81ed5376e
2018-11-10 20:51:15 +00:00
Bryan Strassner
d7191d4352 Add labels to Airship/Undercloud components
In support of flexibility for document replacement at a site level

Change-Id: Idfcb159be2f84d28093cc93214c5c929777361d2
2018-11-09 14:25:54 -06:00
Steve Wilkerson
0d0a03272d Elasticsearch: Fix storage config, add label config for tests
This updates the Elasticsearch chart to use the correct
overrides for changing the default PVC size to something more
appropriate. This also includes the label configuration used for
selecting a node for the test pods.

Change-Id: I94366792ef89d709e8fcf50262deccdc724e3a2a
2018-11-09 08:56:18 -06:00
Jenkins Uplifter
5444aa73c2 Auto chart/image uplift to latest
Change-Id: I6638dc4f916cc193d71be41769b50189e3d5d0de
2018-11-09 11:19:30 +00:00
Zuul
c3a6970fd1 Merge "Pegleg CLI: encrypt decrypt secrects" 2018-11-09 05:55:26 +00:00
Kaspars Skels
e979dcb590 [fix] Set proper job waiting labels for osh-infra rgw
Change-Id: I90f2f0b4de6592f7263cd3d4104d2ffdae926132
2018-11-08 23:04:23 -06:00
Ahmad Mahmoudi
4484abf816 Pegleg CLI: encrypt decrypt secrects
Added pegleg CLI commands to encrypt and decrypt secrets.

Change-Id: Icd77d89aeddc1ce7222c293af13b51c47e175e7f
2018-11-08 23:16:33 +00:00
Bryan Strassner
899a83c762 Update Genesis schema to include domain parameter
Updates the Genesis schema to match that which is specified in
Promenade's current codebase.

Change-Id: I479453150886a2b5743874cbf424f956fec0d3d6
2018-11-07 14:51:31 -06:00
Steve Wilkerson
7705bba7e2 OSH-Infra: Update monitoring chart configs
This updates chart configuration overrides for the monitoring
services, as well as adds missing secrets, charts and service
accounts for other exporters that have now been enabled

Change-Id: Ia1ed7bba38d7c262e85de8162d53012cdadf487e
2018-11-06 17:09:55 -06:00
Steve Wilkerson
0a1ba88004 Update Elasticsearch and Fluent-Logging configurations
This updates the Elasticsearch and Fluent-logging charts to use
the most recent configuration keys in their values overrides, and
also introduces support for the ceph-rgw s3 api for use for
Elasticsearch snapshot repositories

Change-Id: Ia998db9006350a22fcc7dc3052301d7a5b8259f4
2018-11-05 15:07:09 -06:00
Kaspars Skels
15ef036535 Enable site manfiest push to Artifactory
- rquired by Shipyard library

Change-Id: I640c89d096539998050c7d9f982500a0de9835f4
2018-10-31 13:46:20 +00:00