This will give admins a way to revoke access to an existing cluster
once a user has been granted access.
Bumped the API microversion to 1.5 for the new endpoint.
Deprecated policy certificate:get in favor of certificate:get_ca for
clarity and consistency.
Depends-On: Ie960464e45445e195e75b91e8d65a4046eb21e93
Implements: blueprint revoke-cluster-cert
Change-Id: Ief28bef3a79f212acf4166e443a96e5419fbb757
Adding config option to limit the max number of clusters
allowed per project. This limit is ignored if there is
an explicit hard limit set for a project in the 'quotas'
table.
Change-Id: I8a904de156c10c210e9e72999cdcbc28e374ea71
Partially-Implements: blueprint resource-quota
Following up cluster drivers implementation, move the scale managers
at driver level. This change is needed to add the driver field
properly.
Change-Id: Ia854f2354c51b5fa47095bb4cb118416f3f01a33
Implements: blueprint bay-drivers
Following changes for cluster-drivers, move coe specific monitors
at driver level. This change is needed to add the driver field
properly.
Change-Id: Id4658b8f7400bf3c86c8ff81756fb33d1211a0b3
Implements: blueprint bay-drivers
Instead of downloading kubernetes.tar.xz for extracting "kubectl"
binary, we should download only kubectl binary(v1.2.0) for accessing
kubernetes cluster.
Reason for this change: The tar archive is of
large size(above 100MB for v1.0.1 and above 400MB for v1.2.0) which
is not required.
Change-Id: I27e5625c89daa50d243029bb0e736cf77c9a2941
Closes-Bug: #1656752
Recent update of upper-constraints for novaclient 7.0.0 in [1]
breaked magnum.
This patch makes magnum code compatible with latest release.
Also, passed endpoint_override while class Initialization to
remove warning [2]:-
[1] https://review.openstack.org/#/c/414170/
[2] Property `management_url` is deprecated for SessionClient.
It should be set via `endpoint_override` variable while class
initialization.
Change-Id: Idc0e501c23b77ed5b4e9e9e7a6a7b6af7c7bca75
Closes-Bug: #1658058
Closes-Bug: #1658005
This patch move software configs out of resource group (kubeminion.yaml).
With this fix, k8s minions will no duplicate software configs.
Partial-Bug: #1646710
Change-Id: I2cabc40401ce9a12bce7a8103090e0b9f0289e4d
This patch move software configs out of resource group(mesosslave.yaml).
With this fix Mesos templates will no duplicate software configs.
Change-Id: I241acb6aa9389e01e5412d412f07adb0b318f835
Partial-Bug: #1646710
This patch let mesos slave share same wait condition and wait condition
handler resource instead of create same function of resource for each
slave node.
Partial-Bug: #1646720
Change-Id: I4271e0bce1a0a9a5b9d5e4b29a53508fe529badd
This patch let kubemasters share same wait condition and wait condition
handler resource instead of create same function of resource for each
kubemaster node.
Partial-Bug: #1646720
Change-Id: Ib529e695409ba4519bdf0ad159a4599ef0805d54
This patch let kubeminions share same wait condition and wait condition
handler resource instead of create same function of resource for each
kubeminion node.
Partial-Bug: #1646720
Change-Id: I890a6f3155737286fe8930de038ba78ff7c2498c
This change introduces a new /stats REST endpoint that
provide the following basic information;
1) Total number of clusters and nodes for the given tenant.
2) Total number of clusters and nodes across all the tenants.
Follow-up patches include more stats.
Change-Id: Iac0bf9343549de31654545d5b1fd7601e56142a7
Partially Implements blueprint magnum-stats-api
Copy magnum.bash_completion script to /etc/bash_completion.d
so that users/developers can take advantage of auto completion
of magnum commands.
Change-Id: I8d0ba953e7eb963be1d9e459c4015e882231e2c8
Closes-Bug: #1657004
Instead of downloading kubernetes.tar.xz for extracting "kubectl"
binary, we should download only kubectl binary(v1.2.0) for accessing
kubernetes cluster.
Reason for this change: The tar archive is of
large size(above 100MB for v1.0.1 and above 400MB for v1.2.0) which
is not required.
Closes-Bug: #1656752
Change-Id: I6c0013c6900252486129a9ba0e7d9df23d577d77
In swarm nodes the docker certs are named server.crt and server.key.
Replace filenames in swarm-agent service from client to server.
Change-Id: Ic3bc228d98c3829b583403156d8ad3ad4939037a
PArtially-Implements: blueprint secure-etcd-cluster-coe
With this patch following are done:-
- Configure Etcd with TLS support
Configure Following to commuicate with TLS enabled Etcd:-
- Swarm manager
- Swarm agent
- Docker
- Flannel
Etcd also listens at http://127.0.0.1:2379,
so on master nodes etcdctl can be used without certificates.
if TLS_DISABLED="True" then no TLS is enabled for etcd.
Change-Id: I6cadfebcfaaaf7ac7a7660b377b7d96748f0f9f0
Partially-Implements: blueprint secure-etcd-cluster-coe