Commit Graph

199 Commits (master)

Author SHA1 Message Date
Diogo Guerra 11bcc17568 Drop bay and baymodel from magnum
- Drop bay and baymodel tests
- Drop bay and baymodel from controllers

Depends-On: Ib85e4fda8e4ac467bd49590dc72ba5913bb9a19d

Story: 2009104
Task: 42957
Task: 42959

Signed-off-by: Diogo Guerra <>
Change-Id: Ida2e42c86400438951d9804e3ce122c56a46b94f
4 weeks ago
Jake Yip df5bb49bf2 Remove Swarm documentation
Swarm is deprecated. Remove all documentation for swarm to reflect

Also fix up image used, from fedora-atomic to fedora-coreos

Change-Id: I67fa19bf5637e61464e682e7787b795b7604d569
4 weeks ago
Jake Yip 58b4c8c296 [doc] Add FCOS version in Supported versions
Due to differences in different versions of FCOS 35 [1], users need to
know the exact version of FCOS 35 that are tested and supported.


Change-Id: Ia040e9f3b0861a57f70cd8397ee02ebe3d32a297
2 months ago
guilhermesteinmuller 6e8657912c Drop Mesos code
The coe mesos has not been maintained for quite some
time and hasn't got much attention from the community
in general. As discussed in the mailing list [1] we
are dropping for now.



Change-Id: Ie7de9a37bfad6214f52d0605409e74d62a51df47
3 months ago
Jake Yip ab9fe94d53 Remove user docs for Cluster Type Definition
ClusterType Template has been moved to Drivers since Change
I17ba94b0e2000486b5fcbf792991ad98183bd26c. There is no longer any need
to manage drivers since they are now loaded automatically now.

Also removed deprecated config option.

Change-Id: Ie72180b903c0c13b2291482516829bf7d340dd79
3 months ago
Jake Yip 4dad26bf53 Fix docs table formatting
Change-Id: Ie5db14ee07f20966a4f47df8d1ab46d0562a8846
4 months ago
Jake Yip 78a6ff0d03 Add supported Kubernetes version
As discussed in the PTG, Move the Compatibility Matrix from wiki[1] to
user docs.

The wiki will be retired after this.


Change-Id: I15dd799af58272577d53793417795bf793179598
4 months ago
Jake Yip 0aedd208dd Minor fix for flannel default in docs
Flannel default is vxlan on fedora coreos[1] and udp on coreos.

However, since we are planning on dropping coreos, let's keep this


Change-Id: I7966ad70c00f20f4b051762efbfaec6700f5d141
7 months ago
Michal Nasiadka ac5702c406 Adapt Cinder CSI to upstream manifest
- Bump also components to upstream manifest versions.
- Add small tool to sync Cinder CSI manifests automatically

Change-Id: Icd19b41d03b7aa200965a3357a8ddf8b4b40794a
8 months ago
Jake Yip 9ed49d4845 Fix ingress-controller link in docs
Task: 45340
Change-Id: Ifaf5e707d5f3c257e17bd9540418c4284250cbb3
1 year ago
Zuul 53f5e804d1 Merge "Add support for choosing Octavia provider" 1 year ago
Michal Nasiadka 5af49aa2fa Add support for choosing Octavia provider
Story: 2008805

Add support for:
* choosing Octavia provider
* setting octavia_lb_algorithm
* disabling Octavia healthcheck

Change-Id: I2d424fc2e2f8967e4b3007faedbc089f37126968
1 year ago
Jake Yip 9ad849db7c Drop mesos documentation
Remove all mention of mesos in documentation prior to removing it in

Story: 2009873
Task: 44581

Change-Id: Ib3bc3ee578bd5e3fd8124ebd370a36ec2fd735c2
1 year ago
Michal Nasiadka a9ab65200c Fix ref in labels table
This fixes openstack-tox-docs gate

Change-Id: I9d8f7e1e4cdf3b7db344c0b6142b181820cafd15
1 year ago
Spyros e47f640f3f [k8s-coreos] Default hyperkube_prefix to rancher
Change the default of hyperkube_prefix to and kube_tag to v1.23.3-rancher1.

story: 2008609
task: 44568

Signed-off-by: Spyros Trigazis <>
Change-Id: I340f9569f517191d54bc492c82c631f485511b0f
1 year ago
Spyros c1c9942f8b fcos-k8s: Update to v1.22
* change to v1
  * update metrics-server
* change to v1
* drop kubelet-https
* update to FCOS 35

story: 2009828
task: 44416

Signed-off-by: Spyros <>
Change-Id: I24b89366a4a8e8bc4c90f6a85ef6de2ac77dae1d
1 year ago
Grzegorz Bialas 9643abc9ae Upgrade to calico_tag=v3.21.2
Additionally, use fixed subnet CIDR for IP_AUTODETECTION_METHOD
supported from v3.16.x onwards.

Story: 2007256
Task: 42017

Change-Id: Iaa25cd5054cec5482f01d90e2cd150bcd9700dbe
1 year ago
Piotr Parczewski a9b9ba2361 Fix docs
Change-Id: Ie25c2748eb2acb6f1ad6bf019a10562628a51010
1 year ago
Zuul 042d2ad144 Merge "Update traefik options" 2 years ago
Zuul bc6ec3ab63 Merge "[hca] Use wallaby-stable-1 as default HCA tag" 2 years ago
Zuul c07628bca6 Merge "Support hyperkube_prefix label" 2 years ago
Diogo Guerra b4016783d5 Update traefik options
* Traefik version updated from v1.7.19 to v1.7.28
* Force secure connections to use TLSv1.2 or greater

Change-Id: I65561358113952e3f60dc488b35ee8fa8f8da740
Signed-off-by: Diogo Guerra <>
2 years ago
Bharat Kunwar 1de9b140f4 Download correct cri-containerd-cni tarball
In I05cbd1ec62e9a68c68a1666ff62f20138bf8c731, fedora_coreos_v1 driver was
missed in version bump. This PS bumps it to 1.4.4 for both fedora_coreos_v1 and
fedora_atomic_v1 drivers.

Story: 2008451
Task: 42098

Change-Id: I22b698cd925dcf4f10805ae9493b77ddc9709f3f
2 years ago
Bharat Kunwar 7be7a5a123 [hca] Use wallaby-stable-1 as default HCA tag
- update syntax for compatibility with Ansible 2.9+.
- explicitly check for "not found" to prevent rebuild due to
  other types of errors, e.g. "pull rate limit".

Story: 2007264
Task: 42009

Change-Id: I68ca057e500ea293bde398288432a67eb758af25
2 years ago
Ghanshyam Mann 3b7a33eb64 [goal] Deprecate the JSON formatted policy file
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:

1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.

2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.

Also replace policy.json to policy.yaml ref from doc.


Change-Id: Icfd9e2a75d8fdfb24cbd1c850f498aadee91f543
2 years ago
Bharat Kunwar fc1f27a569 Support hyperkube_prefix label
Additionally for k8s_fedora_coreos_v1 driver:
* Introduce hyperkube_prefix which defaults to
* Bump default kube_tag to v1.18.16

Story: 1668998
Task: 41791

Change-Id: I38b8df45a00f1a2a1604059b8329d1dd762e05cd
2 years ago
Zuul 421269c476 Merge "[doc] Replace Atomic/CoreOS with Fedora CoreOS" 2 years ago
Dmitriy Rabotyagov afce5d9cb7 [doc] Replace Atomic/CoreOS with Fedora CoreOS
Story: 2008596
Task: 41767
Change-Id: I6ee02e49ba50676f9e7c5b06432b9c1d962734da
2 years ago
Diogo Guerra a3d8b4fe8d 4. Update cluster monitoring documentation
Change the User Documentation to introduce the new way of installing
the prometheus monitoring suite by using label monitoring_enabled.
Give a broad overview of the existent monitoring features available
out-of-the-box and which components exist and what they do.
Explain which FAQ can be solved with already existent integrations
by manipulating monitoring specific labels.

task: 39627
story: 2006765

Depends-On: Ie0e7000e0d94b2037f2c398fa67a2a2b7e256bc3
Change-Id: I5581650b15ce94e31a44de09f82aef1790013b54
Signed-off-by: Diogo Guerra <>
2 years ago
Diogo Guerra ea64468ab3 3. Configure monitoring apps path based endpoints
* Add monitoring_ingress_enabled magnum label to set up ingress with
path based routing for all the configured services
{alertmanager,grafana,prometheus}. When using this,
cluster_root_domain_name magnum label must be used to setup base path
where this services are available.
* Add cluster_basic_auth_secret magnum label to configure basic auth
on unprotected services {alertmanager and  prometheus}. This is only
in effect when app access is routed by ingress.
* Set services logFormat to json to enable easier machine log parsing.

task: 39477
story: 2006765

Depends-On: Ieb90605182626869528349a7fdeed65061914bcb
Change-Id: Ie0e7000e0d94b2037f2c398fa67a2a2b7e256bc3
Signed-off-by: Diogo Guerra <>
2 years ago
Diogo Guerra aec5d469be 2. Add persistency for grafana dashboards
When label monitoring_storage_class_name is specified
dashboards altered using the grafana UI are now
persisted if the pod is terminated.
It is still recommended that the user utilizes a
kubernetes configMap to persist the dashboard.

task: 39514
story: 2006765

Depends-On: I42117837e8e3cd03f3cb723df4d73692ead0d169
Change-Id: Ieb90605182626869528349a7fdeed65061914bcb
Signed-off-by: Diogo Guerra <>
2 years ago
Diogo Guerra 37497ccf5b 1. Configurable prometheus monitoring persistent storage
* Add metrics_retention_days magnum label allowing user to specify
prometheus server scraped metrics retention days (default: 14)
* Add metrics_retention_size magnum label allowing user to specify
prometheus server metrics storage maximum size in Gib (default: 14)
* Add metrics_scrape_interval allowing user to specify prometheus
scrape frequency in seconds (default: 30)
* Add metrics_storage_class_name allowing user to specify the
storageClass to use as external retention for pod fail-over data

task: 39509
story: 2006765

Change-Id: I42117837e8e3cd03f3cb723df4d73692ead0d169
Signed-off-by: Diogo Guerra <>
2 years ago
Simon Merrick f3e88ddba7 Fix syntax error in default rolesync configmap
Change-Id: I455ed0106dd257acbde58af408de0bf6e6abe7d3
3 years ago
Zuul 0640707cff Merge "Configure placeholder role-mapping Sync" 3 years ago
Zuul f2b97898c0 Merge "[k8s] Support CA certs rotate" 3 years ago
Feilong Wang 8020391e4a [k8s] Support CA certs rotate
Now k8s cluster owner can do CA cert rotate to re-generate CA of
the cluster, service account keys and the certs of all nodes will
be regenerated as well. Cluster user needs to get a new kubeconfig
to access kubernetes API. This function is only supported by
Fedora CoreOS driver.

To test this patch with python-magnumclient, you need this patch, otherwise, you will see
an error about "not enough values to unpack", though the CA cert
rotate request has been processed by Magnum server side correctly.

Task: 39580
Story: 2005201

Change-Id: I4ae12f928e4f49b99732fba097371692cb35d9ee
3 years ago
Zuul 5b8edcfe17 Merge "[k8s-atomic] Support master_lb_allowed_cidrs in template" 3 years ago
Bharat Kunwar ffed883959 [k8s-atomic] Support master_lb_allowed_cidrs in template
In I157a3b01d169e550e79b94316803fde8ddf77b03, support for
master_lb_allowed_cidrs  was introduced but only for the fedora coreos
driver. However, this parameter is also supplied to fedora atomic
clusters but the template does not expect this parameter. As a result,
cluster creation fails due to backward incompatibility. This PS
addresses this issue.

Task: 40632
Story: 2007478

Change-Id: Ia781288f7aa35146582b10d5762aa05e3b107dce
3 years ago
Simon Merrick 31623a13ad Configure placeholder role-mapping Sync
+ Adds placeholder ConfigMap and with a template
   keystone-sync-policy that can be edited by the cluster
 + Docs for sync policy added
 + Docs for auth policy edited for grammar, spelling
   and clarity.

Task: 39136
Story: 1755770

Change-Id: I0afc19c630e077c079f7f6a52439f4aee8bf5eb8
3 years ago
Zuul 16396793d6 Merge "[docs] Bring user docs up to date with recent changes" 3 years ago
Feilong Wang 946c1d67c7 Add master_lb_enabled to cluster
Adding the master_lb_enabled option when creating a cluster,
which will benefit both the cloud provider side and the end
user side. For cloud prodiver, they don't have to maintain
separate cluster templates with or w/o master_lb_enabled enabled.
For end user, they can easily use one single template to create
different clusters with different configs.

Task: 39680
Story: 2007634

Change-Id: I0b586f05168ece84fd340ef7493a56688191053d
3 years ago
Bharat Kunwar b10b55df13 [docs] Bring user docs up to date with recent changes
Change-Id: Ic6fef848726b7b20eaf0cd09f67d9ea21b5ac067
3 years ago
Zuul caf6874944 Merge "[fix] Use default_ng_worker.node_count for patches" 3 years ago
Zuul 52690900a7 Merge "Fix label fixed_network_cidr" 3 years ago
Bharat Kunwar 55fd12a47c [fix] Use default_ng_worker.node_count for patches
At present, when a cluster is patched without node_count (e.g. when
health_status and health_status_reason are patched), the node_count in
the cluster_update invocation contains cluster.node_count instead of
default_ng_worker.node_count which causes unexpected behaviour when a
cluster has additional nodegroups (e.g. the default-worker size gets
incremented by 1 if the additional nodegroup has 1 worker each time the
cluster is patched).

This PS fixes this issue by using default_ng_worker.node_count if path
"/node_count" is not present in the patch object.

Story: 2005266
Task: 39962

Change-Id: I0df5149860604f0adf52701df371e34a6e667b9d
3 years ago
Feilong Wang 001b9c6101 Fix label fixed_network_cidr
Now the label `fixed_network_cidr` is not handled correctly, no matter
if the label is set, the default value '' is used for
fixed network anyway. This patch fixes it and renamed it as
`fixed_subnet_cidr` to make less confusion. The new behaviour will be:
1. If the label `fixed_subnet_cidr` is set but no fixed subnet passed
   in, then a new subnet will be created with the given CIDR.
2. If a fixed subnet is passed in by user, then label `fixed_subnet_cidr`
   will be override with the CIDR from the given subnet.

Task: 39847
Story: 2007712

Change-Id: Id05e36696bf85297a556fcd959ed897fe47b7354
3 years ago
Bharat Kunwar 81d0699c4c [hca] Pin fedora to 32 until new greenlet release
Eventlet used by many openstack packages depends on greenlet which does
not have a pip release supported by Python 3.9 (default Python version
on Fedora 33). Therefore, pin Fedora to version 32 until new greenlet
release is cut which includes the required fix [0].

Also update default heat_container_agent_tag to victoria-dev.


Change-Id: Ice75ae880925cd15c096eb6d1cdabf7f802bccde
Story: 2007264
Task: 39941
3 years ago
Bharat Kunwar a79f8f52f9 [k8s] Use Helm v3 by default
- Refactor helm installer to use a single meta chart install job
  install job and config which use Helm v3 client.
- Use upstream helm client binary instead of using helm-client container
  maintained by us. To verify checksum, helm_client_sha256 label is
  introduced for helm_client_tag (or alternatively for URL specified
  using new helm_client_url label).
- Default helm_client_tag=v3.2.1.
- Default tiller_tag=v2.16.7, tiller_enabled=false.

Story: 2007514
Task: 39295

Change-Id: I9b9633c81afb08b91576a9a4d3c5a0c445e0cee4
3 years ago
Bharat Kunwar 3179921f0c [k8s] Deprecate in-tree Cinder
- Deprecate in-tree Cinder volume driver for removal in X cycle in
  favour of out-of-tree Cinder CSI plugin for Kubernetes.
- Set cinder_csi_enabled to True by default from V cycle.
- Add unit test for in-tree Cinder deprecation.
- Add mssing unit tests for resent docker_storage_driver deprecation.

Change-Id: I6f033049b5ff18c19866637efc8cf964272097f5
Story: 2007048
Task: 37873
3 years ago
Zuul a2f4b28c60 Merge "[k8s] Add label 'master_lb_allowed_cidrs'" 3 years ago