Uplift airshipctl to version with new phases.
Add phases from zuul job in deploy-airship-core-gating.
Relates-To: #166
Change-Id: I98b605d16940fab2a728e4646e52c7d1ad992c2d
As HelmRepository resource used by dex-aio was renamed and moved
airshipctl/manifest/function/helm-chart-repository,
airship-core (workload) and multi-tenant (workload) types were updated accordingly.
Relates-To: #135
Change-Id: Ia4bd9af2d388b921c18e62e770a2a6d0744cbee8
* Remove the local copy of workers-capm3 from treasuremap and
re-use the workers-capm3 function from airshipctl
* include workers-capm3 at type level
Change-Id: I843c7412d8b551219cbd679ab5cbb28408d98a95
This copies the hcc functions from airshipctl into treasuremap.
They are not used in the airshipctl repo, and thus having them
there doesn't add value, and also led to issues which were
not uncovered until we uplifted airshipctl in treasuremap [0].
This moves them to treasuremap where they are actually used.
They will need to be removed from airshipctl separately.
[0]: https://review.opendev.org/c/airship/airshipctl/+/794707
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
Change-Id: Ief295eaa9b84b4303add537b3526b425c91014e6
I'm splitting these changes from [0] for clarity.
This change fixes various indentation errors/ key placements in LMA
functions.
Also fixes a validation error in the test-site's workload
replacements
[0] https://review.opendev.org/c/airship/treasuremap/+/793106
Change-Id: I9f252cf067e30de6e961edaa412ab87a902918de
This integrates the airshipctl change to externalize KRM
function versions [0].
The KRM function versions used in the manifests are updated to those
which the airshipctl deployment scripts now resolve to the "in tree"
locally built images, as both sourced via AIRSHIPCTL_REF.
[0]: https://review.opendev.org/c/airship/airshipctl/+/790507
Depends-On: https://review.opendev.org/c/airship/airshipctl/+/790507
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
Change-Id: I61b29fda93b9d70c47612ebd1bfdcd348cc63a0f
Change in the vino networking model to accomodate pxe network
(https://review.opendev.org/c/airship/vino/+/793652) has made the iptables
update in the vm-infra-bridge manifesst unnecessary.
This PS removes the iptables related entries.
Change-Id: I0eb530b17302f34c3eaee83ca6fd454c665f7e73
The workload entrypoint does not have an replacements directory, meaning
that each function's replacements must be listed at the site level.
Relying on calling a function's replacements can be unreliable when
making changes at the type level because entrypoints also have to be
updated at the site level. This change adds a replacements entrypoint
for the workload phases so that changes can be made at the type level
without changing each site.
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: I450fb5e57967b1fe0b585f85686b558962338d90
Added sample calico v3 global network policy and hostendpoint for controlling
traffic flow between sub-clusters.
Also, adds Calico hostendpoints with labels for oam, ksn and vm-infra-bridge.
Relates-To: #131
Closes: #131
Change-Id: I1bb0b1e450b9f78fe1ee77abb0ff12eea72873a5
The host-inventory entrypoint of the virtual-network-cloud site is using
the old cleanup method, which has been removed. This change updates it
to use the new cleanup function. This change also re-enables voting for
the virtual-network-cloud deployment job.
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Ib09125a9c5e7c61f314f1962f89efef51c5ead58
Work on this minio chart has been halted, so we need an alternative
S3 provider in the long term (#111). Removing references to this function
and associated CRs from airship-core deployments and the lma-configs
composite
Also, taking the opportunity to move our cluster flow & output
definitions out of the logging-operator-logging HelmRelease and
into proper CR documents
Relates-To: #111
Relates-To: #150
Change-Id: Id4b4b8d07fb6b38ba033e76a015d8703efca727a
port_range is not part of networking schema and it is neither
defined in subcluster network catalog nor used for any purpose.
Change-Id: Ife7fd2d113221a9a6a458ba89b8c03bc3e2ec865
Storage configuration for Rook is currently located within the
airship-core type; however, the multi-tenant type no longer inherits
this configuration from the airship-core type. This change introduces a
new composite, storage-cluster, to share the configuration between both
types.
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Ib10098b38466725f00d9ec9d48058cd269544a3a
The rook-operator is deployed in the multi-tenant type; however, the
replacements do not accompany the deployment of the rook-operator
function. This change adds the rook-operator replacements to the
multi-tenant initinfra phase so that the replacements are used for the
rook-operator function.
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Iddb948c120b02b152f752650904ce2ebfc4394f9
This change introduces a function for deploying the community
prometheus-easticsearch-exporter chart, and adds it to our
elastic-stack composite.
Upon review it was found that the chart version was being
replaced at the incorrect yaml path accross all LMA components,
so these replacements are corrected in this PS as well.
Change-Id: Iad973f4a16d9985a639c3c6927d9f74cd57f4910
This change adds a composite to treasuremap for deploying
Elasticsearch & Kibana in the lma-stack phase
Co-Authored-By: gs909v <graham.steffaniak@att.com>
Change-Id: I6b4a9b1787f9daae9889084cb2dde483b815186e
This moves to the latest version of SIP:
f9226befbd49e4eba8909aa430ce7407551bba62
This version includes a workload load balancer service, for
which configuration is added.
Closes: #146
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
Change-Id: I1820b408559bc51d86a62d7d4aad10c458890354
Note:
1. As per the latest conclusion, Dex and SIPCluster would be deployed on same namespace, hence dex function added to same Kustomization file
2. As a part of Issue# 136 for catalogue, there would be another patchset to make nodeport flexible
Change-Id: I53b2bb33278dd229450c305ad2e15476d8796073
- The HelmRepository url replacement would overide the
entire contents of .spec, removing the interval
parameter which was defined in the originaldocument
- Update Chart and Image Versions
Change-Id: I09cb9f6d68bc5e73a46d1cf17e72d2437b61eb1e
This change corrects the vm-infra-bridge creation script to set
the iptable rule for masquerade to use the host oam vlan and
updates the vlans to match the multi-tenant site configuration.
Change-Id: If288ed63628658f4e461f512f853b384f0eaeba4
This PS is to update the Rook yaml files for version v1.6.2. Additionally, the version of Ceph is upgraded to v15.2.11 and Ceph-CSI is upgraded to v3.3.1.
v1.6 provides a few features the storage team wants:
* The operator supports upgrading multiple OSDs in parallel
* LVM no longer used to provision OSDs by default
* Monitor failover can be disabled if needed
* Operator support for Ceph Pacific (v16)
* Ceph 15.2.11 by default
* CephClient CRD standardized to controller-runtime library (kubebuilder)
https://github.com/kubernetes-sigs/controller-runtime
* Pod Disruption Budgets enabled by default.
https://github.com/rook/rook/blob/master/design/ceph/ceph-managed-disruptionbudgets.md
More notes:
* There are many indentation changes in common.yaml
* There is now a variable in operator.yaml for enabling host networking for the CSI pods. Default is to use host network.
* CSI image updates:
ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.3.1"
ROOK_CSI_SNAPSHOTTER_IMAGE: "k8s.gcr.io/sig-storage/csi-snapshotter:v4.0.0"
* There is a very large update to crds.yaml largely due to the controller-runtime being employed.
* Ceph 15.2.11 needed for CVE-2021-20288
Change-Id: I5cf0cf63bfcf4b0ea1d242d6eae2f53adda7be5e
1. Reflecting changes done in [1] to treasuremap.
2. Changing airshipctl ref to [1]
3. Making static validation work, since it was merged before [1]
4. Adding dex.ldap.bind_password to imported secrets
5. Adding dex.oidc.clientSecret to generated secrets
6. Due to the added new site - increasing the validation timeout
7. Adding replacement for [2]
[1]
https://review.opendev.org/c/airship/airshipctl/+/786286
[2]
https://review.opendev.org/c/airship/treasuremap/+/788991
Relates-To: #128
Change-Id: I473ace3d7aae85ebe76b73253108c6f1b6ca6e95
Some phase entrypoints were missing in the multi-tenant type when the
baremetal reference-multi-tenant-site was created. When the multi-tenant
type was disassociated from the airship-core type [0], those entrypoints
were created and added to all virtual sites; however, the reference
multi-tenant site was not updated. This change fixes those references in
the reference-multi-tenant site.
[0] https://review.opendev.org/c/airship/treasuremap/+/786888
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Icc346615a1a6de9cfd4a93e9b8a89a4cd0a640e0
This commit removes the relationship between the multi-tenant and
airship-core types. Since the airship-core type deploys LMA, adding an
LMA sub-cluster to the multi-tenant type would result in deployment of
the LMA stack twice if the inheritance is not removed.
Closes: #116
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Ie7dd236af3836d904e41df866e0c2351b7cb0558
- Added vm-infra-bridge/workers-capm3 function
for supporting kubeadmConfigTemplate
- Added k8scontrol-vm-bridge function dir
to house vm-infra-bridge (controlplane)
- Added a new VariableCatalogue to support
vm networking in multi-tenant/shared.
- Added a new systemd service vm-infra-bridge to
handle persistence of bridge and NATing info.
Relates-To: #122
Closes: #122
Change-Id: I5585b05be9e68976e402d025ddc8578870c137f1
This is to add support for creating storageclasses for pv/pvc.
- block-storage-sc
- cephfs-storage-sc
Change-Id: I30471d8d6515a22bcf7c9628c804e6c72191be7a
* cephcluster fails to bring up 3 mons with 2 nodes
* reducing the mon count to 1 for test-site
Error: "start 3 mons on 2 node(s) when allowMultiplePerNode is false"
Change-Id: I140252692c10307eb40f68d5fd18cafeb696cfa2
This patchset integrates the ControlPlane's API server, Dex and LDAP IdP.
The "oidc-apiserver-flags.json" JSON patch file is tailored to the
baremetal operator. It also uses a FQDN for "dex-aio" service that is
not resolvable by the DNS.
This patchset depends on https://review.opendev.org/c/airship/charts/+/785540
which is used to deploy Dex using the function dex-aio. See
treasuremap/manifest/function/dex-aio for implementation details.
Change-Id: I263a5370e6416a7ef7e2813ff362622f49ca4a3c
This change adds a reference site for the multi-tenant type, adapted
from the airship-core reference site.
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: I7e1518f6fc960ba49d40af79e4bb052251ce749a
The current sub-cluster type implementation does not include any phases
to deliver the SIPCluster CR or the machine templates required for
provisioning a sub-cluster. This change adds the phases to the
sub-cluster type so they can be reused across sub-clusters.
Change-Id: I708cd087749474c2d73b8dca0318b09e86dca0c1
This change adds a basic storage configuration for the stl3 lab for
testing purposes.
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: I8d16def2acb0df6aa0dc4302f22d99a7c7cbdbda
Additionally edited a few instructions of some existing NEWSUTE tag
Signed-off-by: James Gu <james.gu@att.com>
Change-Id: I6776f5e36ec16f307256362f8aa3720b6399246f
Vladislav Kuzmin
sa069q
Ian Howell
Sirajudeen
Sean Eagan
Chinasubbareddy Mallavarapu
Steven Fitzpatrick
Manoj Alva(ma257n)
Drew Walters
Frank Ritchie
Ratnopam Chakrabarti
Andrii Ostapenko
Reddy, Hemachandra (hr858f)
Arijit Bose
gs909v
Kostiantyn Kalynovskyi
Egler, Jess (je808k)
vs422h
Alexey Odinokov
Shiba, Sidney
James Gu
Sreejith Punnapuzha