- Start workers as soon as the master VM is created, rather than
waiting all the services ready.
- Move all the SoftwareDeployment outside of kubemaster stack.
- Tweak the scripts in SoftwareDeployment so that they can be combined
into a single script.
Story: 2004573
Task: 28347
Change-Id: Ie48861253615c8f60b34a2c1e9ad6b91d3ae685e
Co-Authored-By: Lingxian Kong <anlin.kong@gmail.com>
There is no need for API tests to be running with concurrency of
one, we can drop that and speed up the API test suite by using
all of our cores.
Change-Id: Ideb379ba7032e83bde852198fc66ccd623ae1424
This patch changes the intergration jobs to use nodes which are
at VEXXHOST that come with supported nested virtualization in
order to allow for the functional jobs to finish on-time.
Change-Id: Ie275caac1a40fb3f10a0653b66611d2ba9d1c470
Story: #2002589
Task: #28341
The functional jobs are currently deploying with an empty list of
admission control list which means that the service token controller
does not go up resulting in the cluster failing to go up.
This patch drops that so it uses the default values of the admission
controllers in order to get the cluster to go up cleanly.
Change-Id: I0fdd65a9859f34e202016c37620f553623ef8a3e
This patch brings the Fedora Atomic version used in gating to
the latest one which includes some improvements alongside a newer
version of Docker (which seems to run things better overall).
Change-Id: Iad0a1f57b29aec9a0cdb2a104fdaa5970133cfb4
The API for delete_namespaced_service requires a body which when
missing will fail the functional tests.
This patch addresses that issue by adding an empty body in order
for the delete to work properly.
Change-Id: I3b4a4bb08f60d9d18368dd3faa84ab1348acb543
Story: #2002589
Task: #28341
At the moment, if a cluster fails to be created, we fall back to
getting the node information from Heat directly. However, this
behaviour doesn't work at the moment because `self.cluster` is
a copy of the API record on-create which does not have the stack
ID yet.
This patch makes an extra HTTP request to get the `stack_id` in
order to get the server IPs and be able to pull down the correct
information.
Story: #2002589
Task: #28341
Change-Id: I3fb3542f8ab63f38a23094d579d3df1fcb99a497
* Added support for www_authenticate_uri in ContextHook.
* Made code path consistent with keystone.py impl.
Story: 2004271
Task: 28073
Change-Id: I7e3f23964a55be3255e87a4c4af7bae0a1415676
On node reboot, kubelet and kube-proxy set
iptables -P FORWARD DROP which doesn't work with
flannel in the way we use it.
Add a systemd unit to set the rule to ACCEPT after
flannel,docker,kubelet,kube-proxy.
Change-Id: I7f6200a4966fda1cc701749bf1f37ddc492390c5
Co-Authored-By: Spyros Trigazis <spyridon.trigazis@cern.ch>
A user may not rely on nova-keypairs to access their cluster
such as a preconfigured SSSD.
story: 2004402
task: 28035
Change-Id: I77fbdc174d3dddfd312fb8dac20516314d4c182e
Switch to systemd logging to take advantage of some of the newer
logging features.
Story: 2004272
Task: 27820
Change-Id: I475bf26e24b3a725f68c7da355807374bf1e189b
We do currently not support www_authentication_uri at all, which
is the new standard, as auth_uri has long been deprecated.
* Make sure we support both auth_uri and www_authenticate_uri.
* Switched to www_authenticate_uri for devstack.
* Fixed a bug where a bad exception would be thrown if auth_uri
was not set.
Story: 2004271
Task: 27819
Change-Id: Ibc932d35f3d6ba2ac7ffb6193aa37bd4a3d4422e
Adding the client enables the manipulation of Octavia
resources with Magnum such as during cluster deletion,
being able to clean up non-heat created resouces.
Change-Id: I976ab136e24b98d447d61028ce07d0f5dd9d255a
story: 2004259
task: 27795
The cluster name is useful to identify resources created in different
k8s clusters, especially in the cloud environment, the cluster name is
always injected into the name of the cloud resources(e.g. the load
balancer, volume, etc.), which is helpful for the cluster resource
clean up.
The magnum cluster UUID is used as the value of '--cluster-name' option.
Story: 2004242
Task: 27766
Change-Id: I245a8869948a0b8bfa8d5cc32e7fb9277477026a
Ironic has evolved and a few items were no longer correct
in the contributed scripts for use with ironic.
Additionally a database workaround was fixed, and as such
commented out.
Change-Id: I105791985973e8348d43d41982ac7ba3e0cf970c
Ensure the --live-restore is not in the Docker daemon OPTIONS.
Some images has this option by default which will cause the node
not being able to perform it swarm init process.
Change-Id: I287a5274143903fad5d4476e9d1640b26bdb46d4
Story: 2004095
Task: 27497
Update heat-container-agent version tag to include the multi region
fix.
Task: 27051
Story: 2003992
Change-Id: Ided337dafa52cce771126e96ef41a62a3358fda1
We are currently hitting this error with the gate.
> NOT_ALLOWED - access to vhost 'None' refused for user 'stackrabbit'
This patch fixes this by using the inbuilt devstack construct
to create an appropriate transport_url.
Change-Id: I9aae96094b7bd8bc148ae3e42c118ba160eff8ae
--register-with-taints take no effect when --register-schedulable=false
configured. It's better to drop --register-schedulable and
leave --register-with-taints to make master schedulable
add --pod-infra-container-image=CONTAINER_INFRA_PREFIX
for kubelet on master nodes.
Change-Id: Ia2ce59841d823ba02a65224088e5af1a8c9610b1
Cleaning up comments and logging to make sure they properly adhere
to Openstack standards.
* Consistently use """ instead of ''' for comments.
* Always lazy-load logging parameters.
* Fixed bad log line in cert_manager.
Change-Id: I547f5dfa61609a899aef9b1470be8d8a6d8e4b81
Cluster update was used for scaling operations only,
but if the heat-temaplates where changed for any reason
(eg upgrade of the magnum server), the stack update command
was destructive.
This patch uses the existing parameter in the stack update call.
story: 1722573
task: 21583
Change-Id: Id84e5d878b21c908021e631514c2c58b3fe8b8b0
When using 'prometheus_monitoring=true' in the label option,
'kube-enable-monitoring.service' in the master node has stuck in
'Wait for Grafana pod and then inject data source'.
It caused the 'prometheus-monitoring' namespace doesn't exist,
so scripts don't create pods about Prometheus and Grafana.
To fix the error, I added codes in 'magnum/drivers/common/templates/
kubernetes/fragments/enable-prometheus-monitoring.sh' to make
'prometheus-monitoring' namespace.
We could put codes in a new file like 'magnum/magnum/drivers/
k8s_coreos_v1/templates/fragments/create-kube-namespace.yaml',
but I think it's ok.
Change-Id: I23395b41919c6f39cfcc2b4480bcd4b040cae031
Task: 26347
Story: 2003697
This is a mechanically generated patch to switch the documentation
jobs to use the new PTI versions of the jobs as part of the
python3-first goal.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I3672dad9be3d60d243af9f7bb422f86d9ce87ad4
Story: #2002586
Task: #24308
