From d64c5fea64499bdd7043641e1b7420afbd7dac73 Mon Sep 17 00:00:00 2001 From: "Gupta, Sangeet (sg774j)" Date: Tue, 9 Feb 2021 21:45:49 +0000 Subject: [PATCH] TLS gates from infra monitoring Change-Id: If41dae31763abac8c9c65b1650556438a9b6b0df --- tools/deployment/common/015-cert-manager.sh | 5 + .../000-install-packages.sh | 1 + .../osh-infra-logging-tls/005-deploy-k8s.sh | 1 + .../osh-infra-logging-tls/010-ingress.sh | 50 ++++ .../osh-infra-logging-tls/015-cert-manager.sh | 1 + .../osh-infra-logging-tls/020-ceph.sh | 227 ++++++++++++++++++ .../025-ceph-ns-activate.sh | 61 +++++ .../030-radosgw-osh-infra.sh | 69 ++++++ .../osh-infra-logging-tls/040-ldap.sh | 1 + .../050-elasticsearch.sh | 122 ++++++++++ .../osh-infra-logging-tls/060-fluentd.sh | 1 + .../osh-infra-logging-tls/070-kibana.sh | 33 +++ .../600-kibana-selenium.sh | 1 + .../000-install-packages.sh | 1 + .../005-deploy-k8s.sh | 1 + .../015-cert-manager.sh | 1 + .../osh-infra-monitoring-tls/020-ingress.sh | 1 + .../030-nfs-provisioner.sh | 35 +++ .../osh-infra-monitoring-tls/040-ldap.sh | 1 + .../osh-infra-monitoring-tls/045-mariadb.sh | 41 ++++ .../050-prometheus.sh | 37 +++ .../060-alertmanager.sh | 36 +++ .../070-kube-state-metrics.sh | 1 + .../075-node-problem-detector.sh | 45 ++++ .../080-node-exporter.sh | 1 + .../090-process-exporter.sh | 1 + .../100-openstack-exporter.sh | 1 + .../105-blackbox-exporter.sh | 32 +++ .../osh-infra-monitoring-tls/110-grafana.sh | 37 +++ .../osh-infra-monitoring-tls/120-nagios.sh | 36 +++ .../170-postgresql.sh | 1 + .../600-grafana-selenium.sh | 1 + .../610-prometheus-selenium.sh | 1 + .../620-nagios-selenium.sh | 1 + zuul.d/jobs.yaml | 66 +++++ zuul.d/project.yaml | 2 + 36 files changed, 953 insertions(+) create mode 100755 tools/deployment/common/015-cert-manager.sh create mode 120000 tools/deployment/osh-infra-logging-tls/000-install-packages.sh create mode 120000 tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh create mode 100755 tools/deployment/osh-infra-logging-tls/010-ingress.sh create mode 120000 tools/deployment/osh-infra-logging-tls/015-cert-manager.sh create mode 100755 tools/deployment/osh-infra-logging-tls/020-ceph.sh create mode 100755 tools/deployment/osh-infra-logging-tls/025-ceph-ns-activate.sh create mode 100755 tools/deployment/osh-infra-logging-tls/030-radosgw-osh-infra.sh create mode 120000 tools/deployment/osh-infra-logging-tls/040-ldap.sh create mode 100755 tools/deployment/osh-infra-logging-tls/050-elasticsearch.sh create mode 120000 tools/deployment/osh-infra-logging-tls/060-fluentd.sh create mode 100755 tools/deployment/osh-infra-logging-tls/070-kibana.sh create mode 120000 tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/020-ingress.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/040-ldap.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/110-grafana.sh create mode 100755 tools/deployment/osh-infra-monitoring-tls/120-nagios.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh create mode 120000 tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh diff --git a/tools/deployment/common/015-cert-manager.sh b/tools/deployment/common/015-cert-manager.sh new file mode 100755 index 000000000..80aab419a --- /dev/null +++ b/tools/deployment/common/015-cert-manager.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +set -eux + +./${OSH_PATH}tools/scripts/tls/cert-manager.sh diff --git a/tools/deployment/osh-infra-logging-tls/000-install-packages.sh b/tools/deployment/osh-infra-logging-tls/000-install-packages.sh new file mode 120000 index 000000000..d702c4899 --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/000-install-packages.sh @@ -0,0 +1 @@ +../common/000-install-packages.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh b/tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh new file mode 120000 index 000000000..257a39f7a --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh @@ -0,0 +1 @@ +../common/005-deploy-k8s.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-logging-tls/010-ingress.sh b/tools/deployment/osh-infra-logging-tls/010-ingress.sh new file mode 100755 index 000000000..5ede0f5fc --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/010-ingress.sh @@ -0,0 +1,50 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make ingress + +#NOTE: Deploy global ingress +tee /tmp/ingress-kube-system.yaml << EOF +deployment: + mode: cluster + type: DaemonSet +network: + host_namespace: true +EOF +helm upgrade --install ingress-kube-system ./ingress \ + --namespace=kube-system \ + --values=/tmp/ingress-kube-system.yaml + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh kube-system + +#NOTE: Display info +helm status ingress-kube-system + +#NOTE: Deploy namespace ingress +for NAMESPACE in osh-infra ceph; do + helm upgrade --install ingress-${NAMESPACE} ./ingress \ + --namespace=${NAMESPACE} \ + ${OSH_EXTRA_HELM_ARGS} \ + ${OSH_EXTRA_HELM_ARGS_INGRESS_OPENSTACK} + + #NOTE: Wait for deploy + ./tools/deployment/common/wait-for-pods.sh ${NAMESPACE} + + #NOTE: Display info + helm status ingress-${NAMESPACE} +done diff --git a/tools/deployment/osh-infra-logging-tls/015-cert-manager.sh b/tools/deployment/osh-infra-logging-tls/015-cert-manager.sh new file mode 120000 index 000000000..ee278fd9f --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/015-cert-manager.sh @@ -0,0 +1 @@ +../common/015-cert-manager.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-logging-tls/020-ceph.sh b/tools/deployment/osh-infra-logging-tls/020-ceph.sh new file mode 100755 index 000000000..095b4695b --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/020-ceph.sh @@ -0,0 +1,227 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +# setup loopback devices for ceph +./tools/deployment/common/setup-ceph-loopback-device.sh --ceph-osd-data \ +${CEPH_OSD_DATA_DEVICE:=/dev/loop0} --ceph-osd-dbwal ${CEPH_OSD_DB_WAL_DEVICE:=/dev/loop1} + +#NOTE: Lint and package chart +for CHART in ceph-mon ceph-osd ceph-client ceph-provisioners; do + make "${CHART}" +done + +#NOTE: Deploy command +: ${OSH_EXTRA_HELM_ARGS:=""} +[ -s /tmp/ceph-fs-uuid.txt ] || uuidgen > /tmp/ceph-fs-uuid.txt +CEPH_FS_ID="$(cat /tmp/ceph-fs-uuid.txt)" +#NOTE(portdirect): to use RBD devices with Ubuntu kernels < 4.5 this +# should be set to 'hammer' +. /etc/os-release +if [ "x${ID}" == "xcentos" ] || \ + ([ "x${ID}" == "xubuntu" ] && \ + dpkg --compare-versions "$(uname -r)" "lt" "4.5"); then + CRUSH_TUNABLES=hammer +else + CRUSH_TUNABLES=null +fi +tee /tmp/ceph.yaml <- + "Delete indices older than 365 days" + options: + timeout_override: + continue_if_exception: False + ignore_empty_list: True + disable_action: False + filters: + - filtertype: pattern + kind: prefix + value: logstash- + - filtertype: age + source: name + direction: older + timestring: '%Y.%m.%d' + unit: days + unit_count: 365 + 2: + action: snapshot + description: >- + "Snapshot all indices older than 365 days" + options: + repository: logstash_snapshots + name: "snapshot-%Y-.%m.%d" + wait_for_completion: True + max_wait: 36000 + wait_interval: 30 + ignore_empty_list: True + continue_if_exception: False + disable_action: False + filters: + - filtertype: age + source: name + direction: older + timestring: '%Y.%m.%d' + unit: days + unit_count: 365 + 3: + action: delete_snapshots + description: >- + "Delete index snapshots older than 365 days" + options: + repository: logstash_snapshots + timeout_override: 1200 + retry_interval: 120 + retry_count: 5 + ignore_empty_list: True + continue_if_exception: False + disable_action: False + filters: + - filtertype: pattern + kind: prefix + value: snapshot- + - filtertype: age + source: name + direction: older + timestring: '%Y.%m.%d' + unit: days + unit_count: 365 + +EOF + +: ${OSH_INFRA_EXTRA_HELM_ARGS_ELASTICSEARCH:="$(./tools/deployment/common/get-values-overrides.sh elasticsearch)"} + +helm upgrade --install elasticsearch ./elasticsearch \ + --namespace=osh-infra \ + --values=/tmp/elasticsearch.yaml\ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_ELASTICSEARCH} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status elasticsearch + +# Delete the test pod if it still exists +kubectl delete pods -l application=elasticsearch,release_group=elasticsearch,component=test --namespace=osh-infra --ignore-not-found +helm test elasticsearch diff --git a/tools/deployment/osh-infra-logging-tls/060-fluentd.sh b/tools/deployment/osh-infra-logging-tls/060-fluentd.sh new file mode 120000 index 000000000..c4b76c18c --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/060-fluentd.sh @@ -0,0 +1 @@ +../common/fluentd.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-logging-tls/070-kibana.sh b/tools/deployment/osh-infra-logging-tls/070-kibana.sh new file mode 100755 index 000000000..850ebc621 --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/070-kibana.sh @@ -0,0 +1,33 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make kibana + +: ${OSH_INFRA_EXTRA_HELM_ARGS_KIBANA:="$(./tools/deployment/common/get-values-overrides.sh kibana)"} + +#NOTE: Deploy command +: ${OSH_EXTRA_HELM_ARGS:=""} +helm upgrade --install kibana ./kibana \ + --namespace=osh-infra \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_KIBANA} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status kibana diff --git a/tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh b/tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh new file mode 120000 index 000000000..d5114e2cc --- /dev/null +++ b/tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh @@ -0,0 +1 @@ +../common/kibana-selenium.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh b/tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh new file mode 120000 index 000000000..d702c4899 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh @@ -0,0 +1 @@ +../common/000-install-packages.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh b/tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh new file mode 120000 index 000000000..257a39f7a --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh @@ -0,0 +1 @@ +../common/005-deploy-k8s.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh b/tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh new file mode 120000 index 000000000..ee278fd9f --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh @@ -0,0 +1 @@ +../common/015-cert-manager.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/020-ingress.sh b/tools/deployment/osh-infra-monitoring-tls/020-ingress.sh new file mode 120000 index 000000000..94b1e92f9 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/020-ingress.sh @@ -0,0 +1 @@ +../common/020-ingress.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh b/tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh new file mode 100755 index 000000000..669e5e251 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +make nfs-provisioner + +#NOTE: Deploy nfs instance for logging, monitoring and alerting components +tee /tmp/nfs-provisioner.yaml << EOF +labels: + node_selector_key: openstack-control-plane + node_selector_value: enabled +storageclass: + name: general +EOF +helm upgrade --install nfs-provisioner \ + ./nfs-provisioner --namespace=nfs \ + --values=/tmp/nfs-provisioner.yaml + +#NOTE: Wait for deployment +./tools/deployment/common/wait-for-pods.sh nfs + +#NOTE: Validate Deployment info +helm status nfs-provisioner diff --git a/tools/deployment/osh-infra-monitoring-tls/040-ldap.sh b/tools/deployment/osh-infra-monitoring-tls/040-ldap.sh new file mode 120000 index 000000000..4ed4b9d4b --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/040-ldap.sh @@ -0,0 +1 @@ +../common/040-ldap.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh b/tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh new file mode 100755 index 000000000..4f9a81f3c --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make mariadb + +: ${OSH_INFRA_EXTRA_HELM_ARGS_MARIADB:="$(./tools/deployment/common/get-values-overrides.sh mariadb)"} + +#NOTE: Deploy command +: ${OSH_INFRA_EXTRA_HELM_ARGS:=""} + +helm upgrade --install mariadb ./mariadb \ + --namespace=osh-infra \ + --set monitoring.prometheus.enabled=true \ + --set pod.replicas.server=1 \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_MARIADB} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status mariadb + +# Delete the test pod if it still exists +kubectl delete pods -l application=mariadb,release_group=mariadb,component=test --namespace=osh-infra --ignore-not-found +#NOTE: Validate the deployment +helm test mariadb diff --git a/tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh b/tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh new file mode 100755 index 000000000..ce467af48 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make prometheus + +FEATURE_GATES="alertmanager,ceph,elasticsearch,kubernetes,nodes,openstack,postgresql,tls,apparmor" +: ${OSH_INFRA_EXTRA_HELM_ARGS_PROMETHEUS:="$({ ./tools/deployment/common/get-values-overrides.sh prometheus;} 2> /dev/null)"} + +#NOTE: Deploy command +helm upgrade --install prometheus ./prometheus \ + --namespace=osh-infra \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_PROMETHEUS} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status prometheus + +# Delete the test pod if it still exists +kubectl delete pods -l application=prometheus,release_group=prometheus,component=test --namespace=osh-infra --ignore-not-found +helm test prometheus diff --git a/tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh b/tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh new file mode 100755 index 000000000..7a7448295 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make prometheus-alertmanager + +: ${OSH_INFRA_EXTRA_HELM_ARGS_ALERTMANAGER:="$(./tools/deployment/common/get-values-overrides.sh prometheus-alertmanager)"} + +#NOTE: Deploy command +: ${OSH_INFRA_EXTRA_HELM_ARGS:=""} + +#NOTE: Deploy command +helm upgrade --install prometheus-alertmanager ./prometheus-alertmanager \ + --namespace=osh-infra \ + --set pod.replicas.alertmanager=1 \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_ALERTMANAGER} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status prometheus-alertmanager diff --git a/tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh b/tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh new file mode 120000 index 000000000..2a18ebb8b --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh @@ -0,0 +1 @@ +../common/070-kube-state-metrics.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh b/tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh new file mode 100755 index 000000000..6188f97c2 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh @@ -0,0 +1,45 @@ +#!/bin/bash +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make kubernetes-node-problem-detector + +: ${OSH_INFRA_EXTRA_HELM_ARGS_PROBLEM_DETECTOR:="$(./tools/deployment/common/get-values-overrides.sh kubernetes-node-problem-detector)"} + +#NOTE: Deploy command +tee /tmp/kubernetes-node-problem-detector.yaml << EOF +monitoring: + prometheus: + pod: + enabled: false + service: + enabled: true +manifests: + service: true +EOF + +: ${OSH_INFRA_EXTRA_HELM_ARGS:=""} + +helm upgrade --install kubernetes-node-problem-detector \ + ./kubernetes-node-problem-detector --namespace=kube-system \ + --values=/tmp/kubernetes-node-problem-detector.yaml \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_PROBLEM_DETECTOR} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh kube-system + +#NOTE: Validate Deployment info +helm status kubernetes-node-problem-detector diff --git a/tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh b/tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh new file mode 120000 index 000000000..412748a74 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh @@ -0,0 +1 @@ +../common/080-node-exporter.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh b/tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh new file mode 120000 index 000000000..fe8036bc0 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh @@ -0,0 +1 @@ +../common/090-process-exporter.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh b/tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh new file mode 120000 index 000000000..2389a3bec --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh @@ -0,0 +1 @@ +../common/openstack-exporter.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh b/tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh new file mode 100755 index 000000000..6fce52cac --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make prometheus-blackbox-exporter + +#NOTE: Deploy command +: ${OSH_INFRA_EXTRA_HELM_ARGS_BLACKBOX_EXPORTER:="$(./tools/deployment/common/get-values-overrides.sh prometheus-blackbox-exporter)"} + +#NOTE: Deploy command +helm upgrade --install prometheus-blackbox-exporter \ + ./prometheus-blackbox-exporter --namespace=osh-infra \ + ${OSH_INFRA_EXTRA_HELM_ARGS_BLACKBOX_EXPORTER} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status prometheus-blackbox-exporter diff --git a/tools/deployment/osh-infra-monitoring-tls/110-grafana.sh b/tools/deployment/osh-infra-monitoring-tls/110-grafana.sh new file mode 100755 index 000000000..548efba0f --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/110-grafana.sh @@ -0,0 +1,37 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make grafana + +FEATURE_GATES="calico,ceph,containers,coredns,elasticsearch,kubernetes,nginx,nodes,openstack,prometheus,home_dashboard,persistentvolume,tls,apparmor" +: ${OSH_INFRA_EXTRA_HELM_ARGS_GRAFANA:="$({ ./tools/deployment/common/get-values-overrides.sh grafana;} 2> /dev/null)"} + +#NOTE: Deploy command +helm upgrade --install grafana ./grafana \ + --namespace=osh-infra \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_GRAFANA} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status grafana + +# Delete the test pod if it still exists +kubectl delete pods -l application=grafana,release_group=grafana,component=test --namespace=osh-infra --ignore-not-found +helm test grafana diff --git a/tools/deployment/osh-infra-monitoring-tls/120-nagios.sh b/tools/deployment/osh-infra-monitoring-tls/120-nagios.sh new file mode 100755 index 000000000..b48f6cff8 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/120-nagios.sh @@ -0,0 +1,36 @@ +#!/bin/bash + +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +set -xe + +#NOTE: Lint and package chart +make nagios + +: ${OSH_INFRA_EXTRA_HELM_ARGS_NAGIOS:="$(./tools/deployment/common/get-values-overrides.sh nagios)"} + +#NOTE: Deploy command +helm upgrade --install nagios ./nagios \ + --namespace=osh-infra \ + ${OSH_INFRA_EXTRA_HELM_ARGS} \ + ${OSH_INFRA_EXTRA_HELM_ARGS_NAGIOS} + +#NOTE: Wait for deploy +./tools/deployment/common/wait-for-pods.sh osh-infra + +#NOTE: Validate Deployment info +helm status nagios + +# Delete the test pod if it still exists +kubectl delete pods -l application=nagios,release_group=nagios,component=test --namespace=osh-infra --ignore-not-found +helm test nagios diff --git a/tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh b/tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh new file mode 120000 index 000000000..dad2d5019 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh @@ -0,0 +1 @@ +../common/postgresql.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh b/tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh new file mode 120000 index 000000000..ca1714bb5 --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh @@ -0,0 +1 @@ +../common/grafana-selenium.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh b/tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh new file mode 120000 index 000000000..aeb8622ba --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh @@ -0,0 +1 @@ +../common/prometheus-selenium.sh \ No newline at end of file diff --git a/tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh b/tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh new file mode 120000 index 000000000..a4f66c4ea --- /dev/null +++ b/tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh @@ -0,0 +1 @@ +../common/nagios-selenium.sh \ No newline at end of file diff --git a/zuul.d/jobs.yaml b/zuul.d/jobs.yaml index 9cb348b3c..4fe3c6616 100644 --- a/zuul.d/jobs.yaml +++ b/zuul.d/jobs.yaml @@ -653,4 +653,70 @@ - ./tools/deployment/openstack-support/090-keystone.sh - ./tools/deployment/openstack-support/110-openstack-exporter.sh - ./tools/deployment/apparmor/140-ceph-radosgateway.sh + +- job: + name: openstack-helm-infra-aio-monitoring-tls + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + required-projects: + - openstack/openstack-helm + vars: + osh_params: + feature_gates: tls + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/osh-infra-monitoring-tls/000-install-packages.sh + - ./tools/deployment/osh-infra-monitoring-tls/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-monitoring-tls/015-cert-manager.sh + - - ./tools/deployment/osh-infra-monitoring-tls/020-ingress.sh + - ./tools/deployment/osh-infra-monitoring-tls/030-nfs-provisioner.sh + - ./tools/deployment/osh-infra-monitoring-tls/040-ldap.sh + - ./tools/deployment/osh-infra-monitoring-tls/045-mariadb.sh + - - ./tools/deployment/osh-infra-monitoring-tls/050-prometheus.sh + - ./tools/deployment/osh-infra-monitoring-tls/060-alertmanager.sh + - ./tools/deployment/osh-infra-monitoring-tls/070-kube-state-metrics.sh + - ./tools/deployment/osh-infra-monitoring-tls/075-node-problem-detector.sh + - ./tools/deployment/osh-infra-monitoring-tls/080-node-exporter.sh + - - ./tools/deployment/osh-infra-monitoring-tls/090-process-exporter.sh + # - ./tools/deployment/osh-infra-monitoring-tls/100-openstack-exporter.sh + - ./tools/deployment/osh-infra-monitoring-tls/105-blackbox-exporter.sh + - - ./tools/deployment/osh-infra-monitoring-tls/110-grafana.sh + - ./tools/deployment/osh-infra-monitoring-tls/120-nagios.sh + - ./tools/deployment/osh-infra-monitoring-tls/170-postgresql.sh + - ./tools/deployment/osh-infra-monitoring-tls/600-grafana-selenium.sh || true + - ./tools/deployment/osh-infra-monitoring-tls/610-prometheus-selenium.sh || true + - ./tools/deployment/osh-infra-monitoring-tls/620-nagios-selenium.sh || true +- job: + name: openstack-helm-infra-aio-logging-tls + parent: openstack-helm-infra-functional + timeout: 7200 + pre-run: + - playbooks/osh-infra-upgrade-host.yaml + - playbooks/osh-infra-deploy-selenium.yaml + post-run: playbooks/osh-infra-collect-logs.yaml + nodeset: openstack-helm-single-node + required-projects: + - openstack/openstack-helm + vars: + osh_params: + feature_gates: tls + gate_scripts_relative_path: ../openstack-helm-infra + gate_scripts: + - ./tools/deployment/osh-infra-logging-tls/000-install-packages.sh + - ./tools/deployment/osh-infra-logging-tls/005-deploy-k8s.sh + - ./tools/deployment/osh-infra-logging-tls/015-cert-manager.sh + - - ./tools/deployment/osh-infra-logging-tls/010-ingress.sh + - ./tools/deployment/osh-infra-logging-tls/020-ceph.sh + - - ./tools/deployment/osh-infra-logging-tls/025-ceph-ns-activate.sh + - ./tools/deployment/osh-infra-logging-tls/030-radosgw-osh-infra.sh + - ./tools/deployment/osh-infra-logging-tls/040-ldap.sh + - ./tools/deployment/osh-infra-logging-tls/050-elasticsearch.sh + - - ./tools/deployment/osh-infra-logging-tls/060-fluentd.sh + - ./tools/deployment/osh-infra-logging-tls/070-kibana.sh + - ./tools/deployment/osh-infra-logging-tls/600-kibana-selenium.sh || true ... diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml index 6fa88ca8c..7bc3ddb7c 100644 --- a/zuul.d/project.yaml +++ b/zuul.d/project.yaml @@ -73,4 +73,6 @@ - openstack-helm-infra-aio-logging-apparmor - openstack-helm-infra-openstack-support-apparmor - openstack-helm-infra-metacontroller + - openstack-helm-infra-aio-monitoring-tls + - openstack-helm-infra-aio-logging-tls ...