This PS fixes the libvirt image, buy removing the ubuntu-cloud
archive repo and pinning to a good version.
Change-Id: I5097d8893b92d020f7a5a1cb5925dec0b01d4da2
Signed-off-by: Pete Birley <pete@port.direct>
Problem was discovered regarding issues being caused by RGW dynamic
bucket resharding. It is at this time recommended to disable this feature.
Change-Id: Id524415f4ed08ee5374f7fd3b53f6e36c3ab084e
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.
We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.
We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.
Change-Id: I2ced79bfdfb8dd17f966fdf985e06b2f835cfa13
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
This commit adds falco daemonset of the node for behavioral activity
monitor designed to detect anomalous activity.
Change-Id: I783a2acc03592471c81a8a54e1dc0df140b34a42
This PS moves to use k8s 1.10.8, which includes a couple of fixes
for PVC mounts.
* https://github.com/kubernetes/kubernetes/pull/66863
Change-Id: Ica30950a8200f5755897b51fd2b4d24c69a10e61
Signed-off-by: Pete Birley <pete@port.direct>
This PS removes the unused pull images role and playbook.
Change-Id: Ic26035c3f58efb6269fd58e570601cccfdd84949
Signed-off-by: Pete Birley <pete@port.direct>
This PS removes the unused helm chart deployment role and playbook.
Change-Id: I01c58a628589ec35af2557c8cc93ea47fe084089
Signed-off-by: Pete Birley <pete@port.direct>
This PS updates the gate tasks to tollerate failures in the post
run log collection tasks.
Change-Id: I8b982112955f4112e8107a7eae35680aa68c87ab
Signed-off-by: Pete Birley <pete@port.direct>
This updates the multinode jobs to the five node jobs to attempt
to address resource issues encountered in the multinode jobs
Change-Id: If96a33099997aae2c7914a98332380ea32f2a3fe
This PS moves to run the Libvirt process as a transient unit
on the host, free fom k8s controlled cgroups. In addition it
also uses the cloud archive provided libvirt/qemu packages.
Change-Id: Idfe9ae6f072acd86f877df0c3dfe3db4c20902d6
Signed-off-by: Pete Birley <pete@port.direct>
This PS moves the centos job to experimental untill we have
done some optimisation on the gates
Change-Id: I3bfa8be9ac86025199060ec1ad9e7485bff30901
Signed-off-by: Pete Birley <pete@port.direct>
This PS realigns Calico v2 with the pending Calico v3.2 chart in order
to minimize differences. It's mostly refactoring with a few small fixes.
Change-Id: Ie5157b4ae324b6eb4c8ccb5cc07d8b9bc5a83ebd
This PS fixes the error logs in mariadb-server.
Each partition has its own lost+found directory and mysql consider
the directory as a database.
Change-Id: Ibce0dddb5065fd56fa841ebcb91c7c9f15de6c62
Closes-Bug: #1795381
This adds inputs for kernel logs on the host, as well as dockerd
and kubelet logs via the systemd plugin. This also adds a filter
for adding the hostname to the kernel log events, for renaming the
fields for systemd logs as kibana can not visualize fields that
begin with an underscore, and adds elasticsearch indexes for both
kernel and systemd logs
Change-Id: I026470dd45a971047f1e5bd1cd49bd0889589d12
This removes the recording rules for Kubernetes, as these rules
add signficant overhead to the total evaluation time for rules.
Any recording rules should be handled as operator overrides and
not set by default, in order to prevent undesired overhead time
for rules that aren't currently used by the charts
Change-Id: I183d32e62619b71b5020cd3733e4707d7c9ad11b
Using a random bootstrap filename means any upgrade (even without
changes) causes MariaDB to churn and restart.
Change-Id: Ieaf577e413f8d672d24bf42c90b6110b52e542f0
This adds session affinity to Kibana's ingress. This allows for
the use of cookies for Kibana's session affinity
Change-Id: I0863493ba7051a08350971da9c6e4d59cc2d8fa5
This patch set adds helm toolkit functions to annotate apparmor profile
in the container's metadata section.
Change-Id: Ib0ca04e8b8527194778afb8053046797abdfdb98
Signed-off-by: Tin Lam <tin@irrational.io>
This PS updates the server init process to init desired accounts
before serving external requests.
Change-Id: Ida9e3b93ed332a621e0c2fcb39a9870886c9ffe7
Signed-off-by: Pete Birley <pete@port.direct>
adding configmap hash to following ds/deployments to trigger
rolling updates if there are any update for configmap
- ceph-mon
- ceph-mds
- ceph-mgr
- ceph-rgw
Change-Id: I4173cb12c18640c9b1a0e5a698d48f4735e250fb
This PS adds documentation for the kubernetes entrypoint macros.
Change-Id: I1bec4d7a58878742462de624ebe0b77579759c09
Signed-off-by: Pete Birley <pete@port.direct>
Fixing opebstack API monitors
Adding additional neutron services monitors
Adding new Pod CrashLoopBaackOff status check
Adding new Host readiness check
Updated the nagios image reference(https://review.gerrithub.io/c/att-comdev/nagios/+/420590 - Pending)
This updated image provides a mechanism for querying Elasticsearch
with the goal of triggering alerts based on specified applications
and log levels.
Finally, this moves the endpoints resulting from the authenticated
endpoint lookups required for Nagios to the nagios secret instead
of handled via plain text environment variables
Change-Id: I517d8e6e6e8fa1d359382be8a131a8e45bf243e2
This patch set updates the default docker image to use the official
k8scloudprovider image for the kubernetes-keystone-webhook.
Change-Id: Ib9cc3efaf63569e20d07fa9b3ad9f45b49ab7cc9
Signed-off-by: Tin Lam <tin@irrational.io>
This ps adds the ability to use the ceph radosgw s3 api for
snapshot repositories. It removes the ability to use a RWM pvc, as
the radosgw solution provides a more robust approach for storing
index snapshots
Change-Id: Ie56ac41ccdc61bfadcac52b400cceb35403e9fae
This proposes adding the following:
Snippets for the environment variables for the s3 admin user and
service users for using rgw's s3 api
Scripts for creating s3 users for use by a particular service and
for creating and linking buckets to those users
Manifest templates for the jobs for creating the s3 users and for
creating and linking the buckets to those users
Change-Id: Ibd5ed0aac49d172c56faffdacd44bdd487978570
This updates the configuration for fluentd, providing a mechanism
for basic determination of the log level of a logged event via
entries from /var/log/containers. This log level is prepended to
the tag for that event, and also added as a new `level` key in
the resulting event. These two improvements allow for querying
specific log level events via the tag.
This also adds similar functionality to any events captured via
the oslo log fluentd handler/formatter. This allows for
elasticsearch queries akin to `error.openstack.keystone`, which
can be used by nagios or another alerting mechanism to raise
alerts when a particular level event has been captured.
Change-Id: I016ddcfcf7408de7b6511ddf7009e1e6a5f3a1d9