Override default "metadata_proxy_shared_secret" parameter.
This secret is used by Neutron to sign instance-id headers
to prevent spoofing when proxying metadata requests.
Change-Id: I771d7f818a18b82d55bf781d71fc95114ac7e78c
Sloop type/site is a minimalistic approach to Airship with reduced
requirements towards hardware and external dependencies while keeping
all the functional features.
Major differences compared to reference site airship-seaworthy
- Two bare-metal server setup with 1 control, and 1 compute.
Most components are scaled to a single replica and doesn't carry
any HA as there is only a single control plane host.
- No requirements for DNS/certificates.
HTTP and internal cluster DNS is used.
- Ceph set to use the single (root) disk. This generally
provides minimalistic no-touch ceph deployment.
No replication of ceph data (single copy).
- Simplified networking (no bonding).
Two network interfaces are used by default (flat PXE, and DATA network
with VLANs for OAM, Calico, Storage, and OpenStack Overlay)
- Generic hostnames used (airsloop-control-1, airsloop-compute-1) that
simplifies generation of k8s certificates
- Usage of standard Ubuntu 16.04 GA kernel (as oppose to HWE)
Change-Id: I4944fcae7d29ed8799d810c93efb0120b6b3a105
During the initial configuration it's required to
configure a set of valid certificates for ingress.
Make it more explicit so people don't miss this step.
Change-Id: Ie6477f934688467b7d5dfe1cc8191f6acff29a21
This is to represent specific partitions for journals
instead of whole disk, ceph charts will create journal partitions
and default size is 10GB
Change-Id: I0f032a0d87396fe44f1179b3104ed446cc448d28
Updates to use new Shipyard pod configurations, removes node port use.
Requires Shipyard commit a11e962eef or
newer.
Change-Id: Iff5af45d6b4f60c34d18aad821cf9afa4ea67dda
This parameter has been deprecated in Newton and removed [1] in Ocata.
[1] https://review.openstack.org/#/c/385604/
Change-Id: I4e0130fea0375754cebb4a22d2248346f313fe6d
Currently, the tests for the OSH rabbitmq charts are disabled; however,
the value that disables the chart is sometimes discarded during document
layering because the `.test` value does not get merged with the parent
document. This commit adds an action to merge the test key and disable
the rabbitmq tests.
Change-Id: Ia23042bd03871cc085f69c232a85375571282af6
Kibana chart is configured with elasticsearch and ldap
credentials, so both kibana password and user are not
used for the configuration.
Change-Id: Ic83087b3bc732d539ac2b837f9c925d0e4ee9849
- Use whole disk /dev/sdc format.
- Don't specify partition and let ceph-osd util create
and manage partition.
- On an OSD disk failure, during manintanance window,
Journal partition for failed OSD should be deleted.
This will allow ceph-osd util to reuse space for new partition.
- Disk partition count num will continue to
increase as more OSD fails.
Change-Id: I6900898fb90bcbb1743cd6382c176ad24b6624d7
Transposed characters in the target replacements in
some of the deployment files can lead to unexpected
results (mostly that defaults are used instead of
overrides)
Since defaults were being used before, the endpoint definition needed to
be redefined to use the expected scheme (amqp) and path (/airflow)
Change-Id: I85a58c7b525e29208957845bf25ffbb0111c8f35
* "keystone-api" host is used for internal communication and
it listens on 5000 port.
* "keystone" host is used for public and admin, its port
is 443.
Ensure default host and port match if "host_fqdn_override"
is not specified.
This is also consistent with OSH defaults.
Change-Id: I020c5a3c13ea33849cd794b845427fbe03e914c5
- Due to latest changes client port is no longer exposed directly,
and charts using elastic should use port 80.
This fix relaxes port overrides to allow using chart defaults.
Change-Id: I8dac2d7240f3e8e925340b2479034a059ab85d42
Charts in the `openstack-compute-kit` chart group are deployed in
sequence. Currently, `libvirt` can fail while waiting for dependencies
from `neutron`. This commit disables sequencing for the
`openstack-compute-kit` chart group to allow for dependencies.
Change-Id: Id59cd22a6f548066414899df44d3067255936d17
This change introduces Airskiff (see [0]), a development/learning environment
for the software delivery components of Airship, to the Airship-Treasuremap
repository. This change also adds a set of scripts accompanied by documentation
for easy deployment. During deployment, Armada, Deckhand, Pegleg, and Shipyard
are downloaded and built from source. Gate scripts from the OpenStack-Helm
project deploy a KubeADM-adminstered cluster. Armada deploys Armada, Deckhand,
and Shipyard into the cluster. The Airship components deploy OpenStack using
the documents provided by the Airskiff site. Airskiff is not safe for
production and should not be duplicated for production usage.
[0] https://github.com/mattmceuen/airskiff
Depends-On: https://review.openstack.org/#/c/613686/
Depends-On: https://review.openstack.org/#/c/614032/
Change-Id: Iae1efcca0812b98a9ad05aa8b869bdccfdb7e44b
This updates chart configuration overrides for the monitoring
services, as well as adds missing secrets, charts and service
accounts for other exporters that have now been enabled
Change-Id: Ia1ed7bba38d7c262e85de8162d53012cdadf487e
This updates the Elasticsearch and Fluent-logging charts to use
the most recent configuration keys in their values overrides, and
also introduces support for the ceph-rgw s3 api for use for
Elasticsearch snapshot repositories
Change-Id: Ia998db9006350a22fcc7dc3052301d7a5b8259f4
This is to uplift ceph charts which will Initialize OSDs with a crush
weight of 0 to prevent automatic rebalancing the osds joing the cluster
This also updates the ceph-osd and ceph-mon versions to include the
update to remove the fluentbit sidecar containers. This also
updates fluentd's configuration to target the ceph logs mounted
via the new hostpath
Change-Id: Id912291d47850cd56fc68abaf0e3edadd9a5e31f
- Add tenant ceph manifests in globals
- Add reference overrides for site in airship-seaworthy
- Re-purpose 4th control as an additional compute to total 3.
This allows to maintain proper ceph replication
- Update disk layout to use partitions for journals
Change-Id: I0edf35bd56e4e5253f78c9074d88369283b6fac3
1) UCP -> Airship
2) readthedocs.org -> readthedocs.io (there is redirect)
3) http -> https
4) attcomdev -> airshipit (repo on quay.io)
5) att-comdev -> openstack/airship-* (repo on github/openstack git)
6) many URLs have been verified and adjusted to be current
7) no need for 'en/latest/' path in URL of the RTD
8) added more info to some setup.cfg and setup.py files
9) ucp-integration docs are now in airship-in-a-bottle
10) various other minor fixes
Change-Id: I89458b4367c0fa33297b25c0b9f9413e68485f73
Notable changes
- Ceph client split in provisioner and rgw charts
- Fixes in endpoints/osh-infra
- Multiple charts moved from openstack-helm to openstack-helm-infra
- Hold back MaaS/Drydock helm-toolkit - fixes in charts needed
Change-Id: I790865a4e1ec973b8182d66acad681b99414187c
- Set correct release group prefix
- Remove DNS and HTTPS from endpoints
- Fix external interface for ovs/neutron
- Enable all charts in full-site
- Set versions to known working state
Change-Id: I5ed4cecc3f0034da448d10b79ccb0abf4efc2b86
- Fix missing k8s IP for etcd certs
- Fix release groups for wait labels
- Fix versions that changed since initial manfiests
- Fix barbican override to use loci image
- Add re-generated certs
- Adjust partitions for host profiles
Change-Id: I961886cbaa3a0ce03e836d2392cf81bb74afc26c
Kaspars Skels
Evgeny L
Dimitrios Markou
Chinasubbareddy Mallavarapu
Bryan Strassner
Drew Walters
Vladyslav Drok
Evgeny L
Steve Wilkerson
Roman Gorshunov