Currently on quota create project_id is not
validated. This change is to check if the given
project id is valid or not.
Change-Id: I8f9785aa83257f3abacb5542d3329d4aef7dd849
Closes-Bug: #1665079
By default, API service with service account is accessible from inside
the cluster at the address 10.254.0.1. This IP should be added to SANS
when generating the certs.
Fixes-bug: #1660811
Change-Id: I214b4296bea55bb0c4015165c56fbd8ca3cebd39
Currently for admin user, quota get-all method returning
all the quotas if all_tenants parameter is passed
irrespective of whether the flag is set to True or False.
This change fixes the issue by setting the correct
parameter type in quotas get-all method.
Change-Id: I6992c4b648bbbd01ce7d6ef4c53c031fa1f1c9aa
Closes-Bug: #1665109
Parent commit allow custom secure HYPERKUBE_IMAGE_REPO (which can also
be a local registry). Here we implement INSECURE_REGISTRY_URL which
allow settings custom insecure registry for Kubernetes infra components.
It also enable the insecure registry for Docker daemon.
Partially-Implements: blueprint coreos-best-pratice
Partially-Implements: blueprint support-insecure-registry
Change-Id: If00afa2e8a9100546301f9a1f161daed6e3ffc4f
Currently cluster-update is rolling back in case of update
failure irrespective of whether the rollback flag set to
True or False. This change fixes the issue by setting the
right parameter type in cluster patch method.
Change-Id: I6c28c583e7e3b98622634ac2381513b442eb57b6
Closes-Bug: #1664781
Keypair was missing in api-ref for cluster create, so
add it and update example accordingly.
Change-Id: Ibf9280cec7000c1303b7898494fec9f3a2020068
Closes-Bug: 1660296
Currently quotas-list operation with limit is failing
since there is no uuid attribute defined in Quota object.
(Please refer to bug#1662935 report for more details)
Change-Id: I7ec53f990b1223fe3c72fc7a20fb8261c12e8398
Closes-Bug: #1662935
Introduce HYPERKUBE_IMAGE_REPO variable which is set to CoreOS
hyperkube by default. Also remove "_coreos.0" from script as it can be a
different build number. This number should be included in the kubernetes
version parameters and not in scripts.
With this, it is possible to use any combination of hyperkube image with
any tags. by default we use the CoreOS one.
Partially-Implements: blueprint support-insecure-registry
Partially-Implements: blueprint coreos-best-pratice
Change-Id: Ie0fbed4b160fa972cfe130c252e87765690e2f5f
For a really long time, we generated and maintained our very own python
client generated from kubernetes swagger json files. Now in Kubernetes
Community there is a concerted effort to organize an official python
client (also generated from swagger) for everyone to use. So let us
please switch over from our python-k8sclient and use the community
driven python client. I have ported all of our end-to-end tests and got
them working in kubernetes client-python project upstream so we should
be protected from regressions.
Implements: blueprint replace-k8sclient-with-upstream-kubernetes-client
Depends-On: I72359f2b811392008eb5267812bf343797b1553a
Change-Id: Ib81a69cfdc25198e259e3b3d4081c92c01fd1bc5
myip is defined almost in every fragment. It is unnecessary. We can use
KUBE_NODE_IP that is defined in HEAT. Also, if for some reason
KUBE_NODE_IP is empty, we use the failsafe like in make-cert fragment
where we curl metadata to make sure KUBE_NODE_IP is not empty.
Implements: blueprint coreos-best-pratice
Change-Id: I8597a5afa9b4bc7a5c740738303102e7b60ec63e
Due to bug in microversion logic, adding any new microversioned
API would mandate OpenStack-API-Version header in the request.
This change is to avoid microversion enforcement until the
bug in microversioning is fixed.
Please note that, this issue is only seen when no version
header is sent to the controller the first time and also
this bug can not be reproduced by magnum CLI since it sends
the latest version header by default.
Change-Id: I9a576e048846e930c62fb55584b125585137fcfd
Partial-Bug: #1659431
Since commit 220675d42a578e51b401c72c7940b5664a289406 heat-params are
used by systemd and are unnecessary.
Implements: blueprint coreos-best-pratice
Change-Id: Iaf88219db2d3aaa452ff07a146acb3fbef323eb1
Multiple variables names where used in different fragments. This commit
makes KUBE_CERTS_PATH and HOST_CERTS_PATH hardcoded values in heat-params
fragment and use them inside fragments instead of hardcoded value and
different variables names
Implements: blueprint coreos-best-pratice
Change-Id: I8c7856601096672890ab5a1318db0177d582e53d
The gating on python 3.4 is restricted to <= Mitaka. This is due to
the change from Ubuntu Trusty to Xenial, where only python3.5 is
available. There is no need to continue to keep these settings.
Change-Id: Id6d387d7e2cf6395a7ccff6291c9c73787984d51
Enforcing microversion 1.5 for the certificates PATCH endpoint
(rotating a CA cert) was not necessary because it is a new endpoint
and not a change to an existing endpoint. The absence of an
implementation for prior microversions of this endpoint was causing
unexpected behavior.
Change-Id: I33240d6b325843972a6f05d1c93c94b82752d32f
Partial-Bug: #1659431
