Expose the early logging level for calico-node.
Use conf.node.FELIX_LOGSEVERITYSCREEN to set logging level in
BGPConfiguration and FelixConfiguration (whilst this is an odd
name/location it backwards compatible and will in most cases set
things as expected).
Change-Id: I70c3028423eddb4721456f645c4475da4af7ced5
This PS shares pid namespaces for containers in pods under docker,
bringing running in this runtime inline with other runc based container
backends, allowing the pause process in the pod to act as a reaper.
Change-Id: I70965a62b585de31fb953ba98189a84021dba1cb
Signed-off-by: Pete Birley <pete@port.direct>
This PS shares pid namespaces for containers in pods under docker,
bringing running in this runtime inline with other runc based container
backends, allowing the pause process in the pod to act as a reaper.
Change-Id: I1e511b1cd11a4b2f4818a772a91e8a8dfd342be3
Signed-off-by: Pete Birley <pete@port.direct>
This PS shares pid namespaces for containers in pods under docker,
bringing running in this runtime inline with other runc based container
backends, allowing the pause process in the pod to act as a reaper.
Change-Id: I43bea4cd9e91f9d27a846879dfc329cfa26f8ee7
Signed-off-by: Pete Birley <pete@port.direct>
- Use whole disk /dev/sdc format.
- Don't specify partition and let ceph-osd util create
and manage partition.
- On an OSD disk failure, during manintanance window,
Journal partition for failed OSD should be deleted.
This will allow ceph-osd util to reuse space for new partition.
- Disk partition count num will continue to
increase as more OSD fails.
Change-Id: I87522db8cabebe8cb103481cdb65fc52f2ce2b07
This adds the Decode_Field_As configuration key to the docker
parser for fluentbit. This is required to escape utf-8 encoded
characters appropriately in the log field
Change-Id: Ie2600cfe22045e3ab651fddf61ed2f676ab8a1d5
This adds a simple check to the Elasticsearch snapshot repo job
that will cause the job to fail if the repository isn't added
successfully
Change-Id: I9dca6ef545b43c52a37542319fa2f706b174c44b
This updates the Elasticsearch helm test to execute a clean on the
test index before attempting to create it, in cases where a
stranded test index may exist
Change-Id: I87533f94f6ea55b0b2f929543f8d3e75baa81bed
This ps allows multiple ceph test pods to be present in cluster with
more than one ceph deployment.
Change-Id: I002a8b4681d97ed6ab95af23e1938870c28f5a83
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the sleep function to not require dumb-init to be
present in images.
Change-Id: I9ee7270f2c101a3a85b2aecd01097a70014ea4a6
Signed-off-by: Pete Birley <pete@port.direct>
This PS removes the server headers from client responses, as per
security guidelines.
Change-Id: I351f396e8e735e1d13f00c661b9c4068664d934a
Signed-off-by: Pete Birley <pete@port.direct>
This patch set adds in a helm-toolkit function to render the
securityContext in the chart.
Change-Id: Id0fe9b75432076d0b87e89dcaa5a4b88487972aa
Signed-off-by: Tin Lam <tin@irrational.io>
The minimium requirements for a Ceph OSD have changed in the latest
Luminous release to accomodate Bluestore changes. We need to support
these changes as we look into upgrading Ceph to the latest Luminous
and beyond releases.
Change-Id: I3eddffe73cfd188ff012db7c74702de6921711e7
- Adds AppArmor profile to the privileged pod
using kubernetes_manadatory_access_control_annotation.
- Added apparmor install to the gate jobs.
Change-Id: I8b53e0b8ddc2695fa278481edf5688efa23ab06b
This removes the default Curator action configuration. As these
values will potentially be merged with any supplied overrides, it
could result in undesirable behavior. As a result, we should leave
the existing defaults commented out as a reference instead.
Change-Id: Idaf1dc8f3e476f1189058b69b841588a15deb7cd
This PS shares pid namespaces for containers in pods under docker,
bringing running in this runtime inline with other runc based container
backends, allowing the pause process in the pod to act as a reaper.
Change-Id: Ib5fc101d930446d848246eb5ca4d554b756cb91f
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the ceph failure domain overrides to support
dynamic configuration based on host/label based overrides.
Also fixes typo identified in the following ps for directories:
* https://review.openstack.org/#/c/623670/1
Change-Id: Ia449be23353083f9a77df2b592944571c907e277
Signed-off-by: Pete Birley <pete@port.direct>
Small typo in the logic filtering of the failure domain type for
an OSD pod. This wasn't initially found since it didn't break any
expected behavior tests.
Change-Id: I2b895bbc83c6c71fffe1a0db357b120b3ffb7f56
This adds a nonvoting check that will deploy two ceph clusters
and then deploy two radosgw instances, each one backed by a unique
ceph cluster. This allows us validate whether we can reliably
deploy multiple ceph clusters, as in the case of tenant-ceph outlined
in openstack-helm specs
Change-Id: I76a416eddcdb3ea2416d475ea8c8756925cd9580
Co-Authored-By: Meghan Heisler <mh783g@att.com>
This PS adds labels to secrets created by charts, which allows them
to be easily identified in deployed sites.
PS4: This PS resolves undefined variable "$envAll" issue
Change-Id: Icbe3584b0ac18b23e32489c4a04ad5aa7aad67e6
Signed-off-by: Pete Birley <pete@port.direct>
Adding auth tags for the logs to support special filter
for openstack and application security logs
Change-Id: Ifbd2395e4268d8d8fc4a2a3ac4d351db3d3e0845
osd_scrub_load_threshold set to 10.0 (default 0.5)
- With the number of multi-core processors nowadays, it's fairly
typical to see systems over a load of 1.0. We need to adjust the
scrub load threshold so that scrubbing runs as scheduled even
when a node is moderately/lightly under load.
filestore_max_sync_interval set to 10s (default 5s)
- Larger default journal sizes (>1GB) will not be effectively used
unless the max sync interval time is increased for Filestore. The
benefit of this change is increased performance especially around
sequential write workloads.
mon_osd_down_out_interval set to 1800s (default 600s)
- OSD PODs can take longer then several minutes to boot up. Mark
an OSD as 'out' in the CRUSH map only after 15 minutes of being
'down'.
Change-Id: I62d6d0de436c270d3295671f8c7f74c89b3bd71e