936 Commits

Author SHA1 Message Date
Steven Fitzpatrick
fdcac8d9fb Add elasticsearch-exporter to our elastic-stack
This change introduces a function for deploying the community
prometheus-easticsearch-exporter chart, and adds it to our
elastic-stack composite.

Upon review it was found that the chart version was being
replaced at the incorrect yaml path accross all LMA components,
so these replacements are corrected in this PS as well.

Change-Id: Iad973f4a16d9985a639c3c6927d9f74cd57f4910
2021-05-26 19:48:18 +00:00
gs909v
4bf27930e9 Treasuremap Elasticsearch & Kibana
This change adds a composite to treasuremap for deploying
Elasticsearch & Kibana in the lma-stack phase

Co-Authored-By: gs909v <graham.steffaniak@att.com>
Change-Id: I6b4a9b1787f9daae9889084cb2dde483b815186e
2021-05-26 05:32:41 +00:00
Zuul
b850bc140f Merge "Uplift VINO function" 2021-05-25 22:10:12 +00:00
Kostiantyn Kalynovskyi
70f4b92003 Uplift VINO function
Closes: #145
Change-Id: Id47007f762aebf2faee36c384c754eddb4982960
2021-05-25 15:47:45 +00:00
Sean Eagan
869b0da10f Uplift SIP
This moves to the latest version of SIP:
f9226befbd49e4eba8909aa430ce7407551bba62

This version includes a workload load balancer service, for
which configuration is added.

Closes: #146
Signed-off-by: Sean Eagan <seaneagan1@gmail.com>
Change-Id: I1820b408559bc51d86a62d7d4aad10c458890354
2021-05-25 10:21:10 -05:00
Zuul
3ec45406b2 Merge "Add forwarding for vm-infra-bridge" 2021-05-24 22:13:00 +00:00
Zuul
8f013394a0 Merge "Dex deployment for subclusters using existing dex HelmRelease in treasuremap" 2021-05-24 22:12:57 +00:00
Zuul
7a7de3fc9d Merge "Update substitutions for lma components" 2021-05-24 19:19:53 +00:00
Zuul
100a7388c6 Merge "Rename lma-infra namespace to lma" 2021-05-24 19:19:50 +00:00
sa069q
88d18fa126 Dex deployment for subclusters using existing dex HelmRelease in treasuremap
Note:
1. As per the latest conclusion, Dex and SIPCluster would be deployed on same namespace, hence dex function added to same Kustomization file

2. As a part of Issue# 136 for catalogue, there would be another patchset to make nodeport flexible

Change-Id: I53b2bb33278dd229450c305ad2e15476d8796073
2021-05-24 22:17:48 +05:30
Steven Fitzpatrick
e19661d6a0 Update substitutions for lma components
- The HelmRepository url replacement would overide the
  entire contents of .spec, removing the interval
  parameter which was defined in the originaldocument

- Update Chart and Image Versions

Change-Id: I09cb9f6d68bc5e73a46d1cf17e72d2437b61eb1e
2021-05-24 16:09:49 +00:00
Steven Fitzpatrick
e76545b4be Rename lma-infra namespace to lma
Change-Id: If4ec8ef12b0ee7653ce5e3f26abad4b104f7110d
2021-05-24 16:07:25 +00:00
siraj.yasin
0c092bbc6a Fix the regex with job trigger filter
Change-Id: I0489ea1485f95f46c6794578c8c47d41598ac3e7
2021-05-24 12:45:52 +00:00
Zuul
ee9403fb1c Merge "Changes in dex function to work for both target cluster as well as sub-clusters along with few enhancements" 2021-05-22 14:15:35 +00:00
Andrii Ostapenko
76d8a8da62
Add forwarding for vm-infra-bridge
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
Change-Id: I07dbb044571ec683e5c0a432d53aee759f718a26
2021-05-21 18:52:42 -05:00
Zuul
db5442ce14 Merge "Update deployment job voting status" 2021-05-21 22:59:49 +00:00
Zuul
6026c86e4d Merge "Updates vm-infra-bridge iptables vlan" 2021-05-21 18:11:06 +00:00
Zuul
e0d394588d Merge "Add filter rules to Job trigger" 2021-05-21 14:20:41 +00:00
Zuul
21a00b96e6 Merge "Fix incorrect reference-airship-core type refs" 2021-05-21 14:20:33 +00:00
Drew Walters
8ca990371d Update deployment job voting status
Now that the site deployment jobs are green and reliable, make them
voting so that breaking changes are not introduced.

Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: I69cede69807f3d018f87cd3a52d7ef03291232af
2021-05-21 13:56:39 +00:00
Egler, Jess (je808k)
6f6a7d46dc Updates vm-infra-bridge iptables vlan
This change corrects the vm-infra-bridge creation script to set
the iptable rule for masquerade to use the host oam vlan and
updates the vlans to match the multi-tenant site configuration.

Change-Id: If288ed63628658f4e461f512f853b384f0eaeba4
2021-05-20 21:08:29 +00:00
siraj.yasin
17a9ccfae7 Add filter rules to Job trigger
* Trigger deployment job only when relevant files are updated and
  ignore on any document updates

Change-Id: Icac40a35071950639ca04593662e9e6d460519a3
2021-05-20 20:57:28 +00:00
Frank Ritchie
e7130f4301 Updates for Rook 1.6.2 and Ceph 15.2.11
This PS is to update the Rook yaml files for version v1.6.2. Additionally, the version of Ceph is upgraded to v15.2.11 and Ceph-CSI is upgraded to v3.3.1.

v1.6 provides a few features the storage team wants:

* The operator supports upgrading multiple OSDs in parallel
* LVM no longer used to provision OSDs by default
* Monitor failover can be disabled if needed
* Operator support for Ceph Pacific (v16)
* Ceph 15.2.11 by default
* CephClient CRD standardized to controller-runtime library (kubebuilder)

https://github.com/kubernetes-sigs/controller-runtime

* Pod Disruption Budgets enabled by default.

https://github.com/rook/rook/blob/master/design/ceph/ceph-managed-disruptionbudgets.md

More notes:

* There are many indentation changes in common.yaml
* There is now a variable in operator.yaml for enabling host networking for the CSI pods. Default is to use host network.

* CSI image updates:

ROOK_CSI_CEPH_IMAGE: "quay.io/cephcsi/cephcsi:v3.3.1"
ROOK_CSI_SNAPSHOTTER_IMAGE: "k8s.gcr.io/sig-storage/csi-snapshotter:v4.0.0"

* There is a very large update to crds.yaml largely due to the controller-runtime being employed.

* Ceph 15.2.11 needed for CVE-2021-20288

Change-Id: I5cf0cf63bfcf4b0ea1d242d6eae2f53adda7be5e
2021-05-20 17:58:01 +00:00
sa069q
f0aa07c82f Changes in dex function to work for both target cluster as well as sub-clusters along with few enhancements
Depends-On: https://review.opendev.org/c/airship/airshipctl/+/792316

Change-Id: I13f97faec5523b6ae86cd0a578d4b76c8c1344a2
2021-05-20 22:38:15 +05:30
Alexey Odinokov
2946a13806 Adding a place for external secrets to be stored on site level
1. Reflecting changes done in [1] to treasuremap.
2. Changing airshipctl ref to [1]
3. Making static validation work, since it was merged before [1]
4. Adding dex.ldap.bind_password to imported secrets
5. Adding dex.oidc.clientSecret to generated secrets
6. Due to the added new site - increasing the validation timeout
7. Adding replacement for [2]

[1]
https://review.opendev.org/c/airship/airshipctl/+/786286

[2]
https://review.opendev.org/c/airship/treasuremap/+/788991

Relates-To: #128
Change-Id: I473ace3d7aae85ebe76b73253108c6f1b6ca6e95
2021-05-20 05:34:19 +00:00
Drew Walters
a84f980a21 Fix incorrect reference-airship-core type refs
Some phase entrypoints were missing in the multi-tenant type when the
baremetal reference-multi-tenant-site was created. When the multi-tenant
type was disassociated from the airship-core type [0], those entrypoints
were created and added to all virtual sites; however, the reference
multi-tenant site was not updated. This change fixes those references in
the reference-multi-tenant site.

[0] https://review.opendev.org/c/airship/treasuremap/+/786888

Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Icc346615a1a6de9cfd4a93e9b8a89a4cd0a640e0
2021-05-20 05:28:11 +00:00
Drew Walters
1534abf6ad Remove multi-tenant type inheritance
This commit removes the relationship between the multi-tenant and
airship-core types. Since the airship-core type deploys LMA, adding an
LMA sub-cluster to the multi-tenant type would result in deployment of
the LMA stack twice if the inheritance is not removed.

Closes: #116

Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Ie7dd236af3836d904e41df866e0c2351b7cb0558
2021-05-18 20:54:48 +00:00
Zuul
dd5a42e4eb Merge "Support for vm-infra-bridge" 2021-05-18 16:51:12 +00:00
Zuul
ea6f382fba Merge "Remove verify hwcc from default scripts" 2021-05-18 16:04:16 +00:00
Manoj Alva(ma257n)
64bc219f9a Support for vm-infra-bridge
- Added vm-infra-bridge/workers-capm3 function
  for supporting kubeadmConfigTemplate

- Added k8scontrol-vm-bridge   function dir
  to house vm-infra-bridge (controlplane)

- Added a new VariableCatalogue to support
  vm networking in multi-tenant/shared.

- Added a new systemd service vm-infra-bridge to
  handle persistence of bridge and NATing info.

Relates-To: #122
Closes: #122
Change-Id: I5585b05be9e68976e402d025ddc8578870c137f1
2021-05-18 09:07:09 +00:00
Zuul
2940a34610 Merge "Remove labeling from scripts" 2021-05-18 00:20:26 +00:00
Zuul
2b498c5716 Merge "[ceph] Add support to create storageclasses" 2021-05-17 18:37:11 +00:00
Sreejith Punnapuzha
761b1b049f Remove labeling from scripts
This commit removes assigning labels from deployment scripts. Labeling
will be managed via KubeadmControlPlane templates.

Signed-off-by: Sreejith Punnapuzha <Sreejith.Punnapuzha@outlook.com>
Change-Id: I17ebd6663663b6e456e9e968a9f1468295c6232c
2021-05-17 12:25:00 -05:00
Zuul
20a013f9df Merge "Treasuremap - Dex, API server & LDAP integration" 2021-05-17 16:45:05 +00:00
Chinasubbareddy Mallavarapu
862dfd6e74 [ceph] Add support to create storageclasses
This is to  add support for creating storageclasses for pv/pvc.
  - block-storage-sc
  - cephfs-storage-sc

Change-Id: I30471d8d6515a22bcf7c9628c804e6c72191be7a
2021-05-17 14:02:18 +00:00
siraj.yasin
995ae36600 Remove verify hwcc from default scripts
* This playbook is used in thrid party gates and
  it is failing at verify hwcc stage which is removed recently.

Change-Id: I7266a81d87886f7ca4d04fe1f9e360f948dd54a9
2021-05-17 13:07:31 +00:00
siraj.yasin
2d035c8e3c Fix for Zuul gate with test-site deployment
* cephcluster fails to bring up 3 mons with 2 nodes
* reducing the mon count to 1 for test-site
Error: "start 3 mons on 2 node(s) when allowMultiplePerNode is false"

Change-Id: I140252692c10307eb40f68d5fd18cafeb696cfa2
2021-05-14 14:49:21 +00:00
Zuul
e0a44391f2 Merge "Add reference multi-tenant site" 2021-05-12 18:20:43 +00:00
Zuul
672858f0dc Merge "Update validate site docs job timeout" 2021-05-12 15:39:50 +00:00
Zuul
8ea44e237a Merge "multi-tenant: update based on stl3 deployment" 2021-05-12 15:32:09 +00:00
Shiba, Sidney
aefb4cba22 Treasuremap - Dex, API server & LDAP integration
This patchset integrates the ControlPlane's API server, Dex and LDAP IdP.

The "oidc-apiserver-flags.json" JSON patch file is tailored to the
baremetal operator. It also uses a FQDN for "dex-aio" service that is
not resolvable by the DNS.

This patchset depends on https://review.opendev.org/c/airship/charts/+/785540
which is used to deploy Dex using the function dex-aio. See
treasuremap/manifest/function/dex-aio for implementation details.

Change-Id: I263a5370e6416a7ef7e2813ff362622f49ca4a3c
2021-05-12 14:48:48 +00:00
Drew Walters
39e624fdfb Add reference multi-tenant site
This change adds a reference site for the multi-tenant type, adapted
from the airship-core reference site.

Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: I7e1518f6fc960ba49d40af79e4bb052251ce749a
2021-05-11 20:46:59 +00:00
Drew Walters
e046a3d5f1 Update validate site docs job timeout
Additional sites in Treasuremap mean that the runtime of this job is
longer. This change updates the timeout to accommodate additional sites.

Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: I05a8ca5200cc5e987f0c15884434f5c5d01dfcd8
2021-05-11 20:46:55 +00:00
Zuul
7743cae6d9 Merge "Disable Verify HWCC gate script" 2021-05-11 17:09:25 +00:00
Arijit Bose
19d7fb11ef multi-tenant: update based on stl3 deployment
Change-Id: I1d0ca2d6613f5065187c8fcb387d23d75046e7b3
2021-05-11 11:43:19 -05:00
Zuul
39df8d69ff Merge "Add LMA sub-cluster" 2021-05-11 15:28:58 +00:00
Zuul
cd8ac4924f Merge "Add target infra phases to sub-cluster type" 2021-05-11 00:09:20 +00:00
siraj.yasin
11bf0c983f Disable Verify HWCC gate script
* HWCC was removed in this PS
  https://review.opendev.org/c/airship/treasuremap/+/787003

* Currently Zuul gate is passing all the stages except the last
  verify hwcc step.

* Zuul gate for treasuremap deploy test site should be green with this PS

Change-Id: I753a59d58c5ed605d418a1c695a5cd960e5135fa
2021-05-10 16:40:50 +00:00
Andrii Ostapenko
65900053f9 Switch to StorageCatalogue and delete deprecated cleanup patches
Change-Id: Icaa9bc2dfef2e52839421dbe2d9888d6ff779440
Signed-off-by: Andrii Ostapenko <andrii.ostapenko@att.com>
2021-05-07 17:19:28 +00:00
Drew Walters
74b505bcad Add LMA sub-cluster
Signed-off-by: Drew Walters <andrew.walters@att.com>
Change-Id: Iaab08092894c74447fc27a8cc29d81b94eccd89e
2021-05-06 19:44:03 +00:00