Migrate the legacy job to start using our bindep role from zuul-jobs.
This will allow openstack-infra to delete
slave_scripts/install-distro-packages.sh in the future.
Signed-off-by: Paul Belanger <firstname.lastname@example.org>
Zuul only handles .yaml as file extension, so rename the file so that it
Fix the file so that tests work:
* Add kolla-kubernetes-base, it was missing here.
* Fix path of playbooks.
* Remove extra "---" and project name since it's not needed anymore (the
scripted change does not catch this, since it's an invalid file).
* Use legacy nodesets.
1. Added Weave as a working CNI/SDS for inter pod communication.
Weave is far more secure than Canal and gives the user another
option to test and play with.
2. Updated tools, kubernetes, ansible, jinja2 etc. Latest k8s
added and tested.
3. Clean up (-cc) now cleans up docker images much more effectively.
4. Support for Ocata, Pike and Master (Queens)!
5. Support added for customer images in custom repo.
6. Support added for custom tags.
7. Pike and Master Nova work-arounds.
8. Addition of option to run fluent-bit container which now picks
up the logs from containers and forwards to ELK etc.
9. Lots of code and message format consistency.
10. Removal Pike Docker registry work-around - now works with real
images from dockerhub.
11. Cinder V3 API integration (still dev mode).
Support configuring the services to just dump out to stdout/error to
get picked up by docker logging mechanisms. This allows kubectl logs
and kubernetes log plugins to be supported out of the box.
Partially-Implements: blueprint centralized-logging
Partially-Implements: blueprint docker-logging
The switch to Zuulv3 changed the way iptables works, breaking all
the multinode gates. This makes it work again until we can find a
* Add deploy playbook
* Add Dockerfile
* Also uses regular filenames with underscores as key in configmaps
since kubectl creates them from file this way
There is an issue that setup-kubectl.sh and setup-helm.sh can only
download helm and kubectl for X86_64, but it cannot handle other
architectrues like arm64 or ppc64le.
This patch detects architecture and make the script architecture-aware,
so the script can download proper helm and kubectl for the corresponding
arm64 and ppc64le architectures, in addition to X86_64.
Signed-off-by: Kevin Zhao <email@example.com>
Prometheus release v0.8.0 version haproxy_exporter 3 months ago.
All the parameters prefix change from "-" to "--", it's good to
align with it.
Signed-off-by: Kevin Zhao <firstname.lastname@example.org>
Deploying Nova libvirt container with Kolla kubernetes
and pike images has not been possible as the nova-libvirt
container constantly crashes - causing nova api and other
services to not come up.
The issues are a combination of https://review.openstack.org/#/c/492552
and other missing TLS/Qemu issues previously fixed in
kolla-ansible but not ported to kolla-kubernetes.
In particular, turn listen_tls off, and make sure using kvm or
qemu appropriately. However if TLS is enabled, make sure the correct
SSL header is used.
A series of small fixups - primarily to handle libvirt better,
as a result of debugging and fixing libvirt nova issues.
Two new options to edit globals.yaml and cloud.yaml.
Updated default versions for helm and k8s.
Various additions to change and fix bugs.
Cleaner info output at beginning.
nova.conf additions as per deployment guide.
Remove libvirt running on host as well as nasty apparmor.
Feature: give user the options of specifying their own docker
repo. Very useful for running with own images.
Release notes are version independent, so remove version/release
values. We've found that projects now require the service package
to be installed in order to build release notes, and this is entirely
due to the current convention of pulling in the version information.
Release notes should not need installation in order to build, so this
unnecessary version setting needs to be removed.
This is needed for new release notes publishing, see
I56909152975f731a9d2c21b2825b972195e48ee8 and the discussion starting
This tool provides a method to deploy OpenStack on a Kubernetes
Cluster using Kolla and Kolla-Kubernetes on bare metal servers
or virtual machines. Virtual machines supported are Ubuntu and
Versions supported are 4.x (Ocata) and 5.x.
I started developing it as I worked on the project and the
In no way is this supposed to be an official production method.
It is however very simple to use (ko.py eth0 eth1), and I have
verified it on Centos and Ubuntu and Ocata and Pike.
It comes with a 'demo' mode that attempts to explain each step
to the user.
It comes with lots of switches to play with different versions
of all the tools used.
Added a bunch of changes discovered while doing bare-metal
Added contrib/orchestration directory and using this as the
location to host user contributions.
Newer Kubernetes supports a mode that eliminates the need for the
resolv.conf workaround. This removes the workaround and changes
the code to use the new mode.
Kubernetes 1.8 removed some options that we were still using.
This ports the code to use the new way of doing things. It
also bumps canal to the the 1.7 branch that suppots 1.8 too.
Previously Kubernetes only supported init containers stored
in json encoded annotations. This PS switches them all to
use the native initContainer yaml section now.
During testing of VM workload on kolla-kubernetes I
found that the console tab did not work - the
novncproxy_base_url was not replaced by the correct IP Addr.
Remove the code that tried to create this, use the value from
the nova.conf file.
pycrypto is unmaintained for a while and requirements team advises using
pycryptodome or cryptography libraries instead (see openstack-dev thread
genpwd.py uses pycrypto to generate RSA keypair. This commit rewrite
generate_RSA function using python-cryptography while keeping strict 1:1
compatibility with previous code.
In this doc :
after step of deploy Kubernetes with kubeadm, the note is :
If the following issue occurs after running this command:
preflight] Some fatal errors occurred:
/proc/sys/net/bridge/bridge-nf-call-iptables contents are not set to 1
There are two work-arounds:
Add net.bridge.bridge-nf-call-ip6tables = 1 and
net.bridge.bridge-nf-call-iptables = 1 to /etc/sysctl.conf
Type sysctl -p to apply the settings from /etc/sysctl.conf
Type sysctl net.bridge.bridge-nf-call-iptables to
verify the values are set to 1.
Modify preflight] to [preflight].
Modify command 'sysctl net.bridge.bridge-nf-call-iptables' to
'sysctl net.bridge.bridge-nf-call-ip6tables' and