- Drop bay and baymodel tests
- Drop bay and baymodel from controllers
Depends-On: Ib85e4fda8e4ac467bd49590dc72ba5913bb9a19d
Story: 2009104
Task: 42957
Task: 42959
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@cern.ch>
Change-Id: Ida2e42c86400438951d9804e3ce122c56a46b94f
Swarm is deprecated. Remove all documentation for swarm to reflect
that.
Also fix up image used, from fedora-atomic to fedora-coreos
Change-Id: I67fa19bf5637e61464e682e7787b795b7604d569
Due to differences in different versions of FCOS 35 [1], users need to
know the exact version of FCOS 35 that are tested and supported.
[1] https://storyboard.openstack.org/#!/story/2010041#comment-201361
Change-Id: Ia040e9f3b0861a57f70cd8397ee02ebe3d32a297
ClusterType Template has been moved to Drivers since Change
I17ba94b0e2000486b5fcbf792991ad98183bd26c. There is no longer any need
to manage drivers since they are now loaded automatically now.
Also removed deprecated config option.
Change-Id: Ie72180b903c0c13b2291482516829bf7d340dd79
As discussed in the PTG, Move the Compatibility Matrix from wiki[1] to
user docs.
The wiki will be retired after this.
[1] https://wiki.openstack.org/wiki/Magnum
Change-Id: I15dd799af58272577d53793417795bf793179598
- Bump also components to upstream manifest versions.
- Add small tool to sync Cinder CSI manifests automatically
Change-Id: Icd19b41d03b7aa200965a3357a8ddf8b4b40794a
Remove all mention of mesos in documentation prior to removing it in
code.
Story: 2009873
Task: 44581
Change-Id: Ib3bc3ee578bd5e3fd8124ebd370a36ec2fd735c2
Change the default of hyperkube_prefix to
docker.io/rancher/ and kube_tag to v1.23.3-rancher1.
story: 2008609
task: 44568
Signed-off-by: Spyros Trigazis <spyridon.trigazis@cern.ch>
Change-Id: I340f9569f517191d54bc492c82c631f485511b0f
* Traefik version updated from v1.7.19 to v1.7.28
* Force secure connections to use TLSv1.2 or greater
Change-Id: I65561358113952e3f60dc488b35ee8fa8f8da740
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@cern.ch>
In I05cbd1ec62e9a68c68a1666ff62f20138bf8c731, fedora_coreos_v1 driver was
missed in version bump. This PS bumps it to 1.4.4 for both fedora_coreos_v1 and
fedora_atomic_v1 drivers.
Story: 2008451
Task: 42098
Change-Id: I22b698cd925dcf4f10805ae9493b77ddc9709f3f
Additionally:
- update syntax for compatibility with Ansible 2.9+.
- explicitly check for "not found" to prevent rebuild due to
other types of errors, e.g. "pull rate limit".
Story: 2007264
Task: 42009
Change-Id: I68ca057e500ea293bde398288432a67eb758af25
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also replace policy.json to policy.yaml ref from doc.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: Icfd9e2a75d8fdfb24cbd1c850f498aadee91f543
Change the User Documentation to introduce the new way of installing
the prometheus monitoring suite by using label monitoring_enabled.
Give a broad overview of the existent monitoring features available
out-of-the-box and which components exist and what they do.
Explain which FAQ can be solved with already existent integrations
by manipulating monitoring specific labels.
task: 39627
story: 2006765
Depends-On: Ie0e7000e0d94b2037f2c398fa67a2a2b7e256bc3
Change-Id: I5581650b15ce94e31a44de09f82aef1790013b54
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@gmail.com>
* Add monitoring_ingress_enabled magnum label to set up ingress with
path based routing for all the configured services
{alertmanager,grafana,prometheus}. When using this,
cluster_root_domain_name magnum label must be used to setup base path
where this services are available.
* Add cluster_basic_auth_secret magnum label to configure basic auth
on unprotected services {alertmanager and prometheus}. This is only
in effect when app access is routed by ingress.
* Set services logFormat to json to enable easier machine log parsing.
task: 39477
story: 2006765
Depends-On: Ieb90605182626869528349a7fdeed65061914bcb
Change-Id: Ie0e7000e0d94b2037f2c398fa67a2a2b7e256bc3
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@cern.ch>
When label monitoring_storage_class_name is specified
dashboards altered using the grafana UI are now
persisted if the pod is terminated.
It is still recommended that the user utilizes a
kubernetes configMap to persist the dashboard.
task: 39514
story: 2006765
Depends-On: I42117837e8e3cd03f3cb723df4d73692ead0d169
Change-Id: Ieb90605182626869528349a7fdeed65061914bcb
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@cern.ch>
* Add metrics_retention_days magnum label allowing user to specify
prometheus server scraped metrics retention days (default: 14)
* Add metrics_retention_size magnum label allowing user to specify
prometheus server metrics storage maximum size in Gib (default: 14)
* Add metrics_scrape_interval allowing user to specify prometheus
scrape frequency in seconds (default: 30)
* Add metrics_storage_class_name allowing user to specify the
storageClass to use as external retention for pod fail-over data
persistency
task: 39509
story: 2006765
Change-Id: I42117837e8e3cd03f3cb723df4d73692ead0d169
Signed-off-by: Diogo Guerra <diogo.filipe.tomas.guerra@cern.ch>
Now k8s cluster owner can do CA cert rotate to re-generate CA of
the cluster, service account keys and the certs of all nodes will
be regenerated as well. Cluster user needs to get a new kubeconfig
to access kubernetes API. This function is only supported by
Fedora CoreOS driver.
To test this patch with python-magnumclient, you need this patch
https://review.opendev.org/#/c/724243/, otherwise, you will see
an error about "not enough values to unpack", though the CA cert
rotate request has been processed by Magnum server side correctly.
Task: 39580
Story: 2005201
Change-Id: I4ae12f928e4f49b99732fba097371692cb35d9ee
In I157a3b01d169e550e79b94316803fde8ddf77b03, support for
master_lb_allowed_cidrs was introduced but only for the fedora coreos
driver. However, this parameter is also supplied to fedora atomic
clusters but the template does not expect this parameter. As a result,
cluster creation fails due to backward incompatibility. This PS
addresses this issue.
Task: 40632
Story: 2007478
Change-Id: Ia781288f7aa35146582b10d5762aa05e3b107dce
+ Adds placeholder ConfigMap and with a template
keystone-sync-policy that can be edited by the cluster
admin
+ Docs for sync policy added
+ Docs for auth policy edited for grammar, spelling
and clarity.
Task: 39136
Story: 1755770
Change-Id: I0afc19c630e077c079f7f6a52439f4aee8bf5eb8
Adding the master_lb_enabled option when creating a cluster,
which will benefit both the cloud provider side and the end
user side. For cloud prodiver, they don't have to maintain
separate cluster templates with or w/o master_lb_enabled enabled.
For end user, they can easily use one single template to create
different clusters with different configs.
Task: 39680
Story: 2007634
Change-Id: I0b586f05168ece84fd340ef7493a56688191053d
At present, when a cluster is patched without node_count (e.g. when
health_status and health_status_reason are patched), the node_count in
the cluster_update invocation contains cluster.node_count instead of
default_ng_worker.node_count which causes unexpected behaviour when a
cluster has additional nodegroups (e.g. the default-worker size gets
incremented by 1 if the additional nodegroup has 1 worker each time the
cluster is patched).
This PS fixes this issue by using default_ng_worker.node_count if path
"/node_count" is not present in the patch object.
Story: 2005266
Task: 39962
Change-Id: I0df5149860604f0adf52701df371e34a6e667b9d
Now the label `fixed_network_cidr` is not handled correctly, no matter
if the label is set, the default value '10.0.0.0/24' is used for
fixed network anyway. This patch fixes it and renamed it as
`fixed_subnet_cidr` to make less confusion. The new behaviour will be:
1. If the label `fixed_subnet_cidr` is set but no fixed subnet passed
in, then a new subnet will be created with the given CIDR.
2. If a fixed subnet is passed in by user, then label `fixed_subnet_cidr`
will be override with the CIDR from the given subnet.
Task: 39847
Story: 2007712
Change-Id: Id05e36696bf85297a556fcd959ed897fe47b7354
Eventlet used by many openstack packages depends on greenlet which does
not have a pip release supported by Python 3.9 (default Python version
on Fedora 33). Therefore, pin Fedora to version 32 until new greenlet
release is cut which includes the required fix [0].
Also update default heat_container_agent_tag to victoria-dev.
[0] https://github.com/python-greenlet/greenlet/pull/161
Change-Id: Ice75ae880925cd15c096eb6d1cdabf7f802bccde
Story: 2007264
Task: 39941
- Refactor helm installer to use a single meta chart install job
install job and config which use Helm v3 client.
- Use upstream helm client binary instead of using helm-client container
maintained by us. To verify checksum, helm_client_sha256 label is
introduced for helm_client_tag (or alternatively for URL specified
using new helm_client_url label).
- Default helm_client_tag=v3.2.1.
- Default tiller_tag=v2.16.7, tiller_enabled=false.
Story: 2007514
Task: 39295
Change-Id: I9b9633c81afb08b91576a9a4d3c5a0c445e0cee4
- Deprecate in-tree Cinder volume driver for removal in X cycle in
favour of out-of-tree Cinder CSI plugin for Kubernetes.
- Set cinder_csi_enabled to True by default from V cycle.
- Add unit test for in-tree Cinder deprecation.
- Add mssing unit tests for resent docker_storage_driver deprecation.
Change-Id: I6f033049b5ff18c19866637efc8cf964272097f5
Story: 2007048
Task: 37873
Diogo Guerra