The named and nginx processes both try to use all available CPUs. In
addition, there is a bug in named that sometimes causes it to spin on a
FUTEX, pegging the CPU.
This change constrains those processes to a single CPU (overridable in
values.yaml), and includes /etc/bind/bind.keys in named.conf to avoid
the CPU spike.
Change-Id: I4a278023f5c0dd5e7bdee46891591b278f2ddcad
MAAS uses MBR for boot disks smaller than 2 TiB. This change provides an
option to force the use of GPT, regardless of boot disk size. The chart
value is: conf.maas.force_gpt=true.
The 2 TiB "threshold" for when GPT is required is simply lowered to 0:
https://github.com/maas/maas/blob/2.3/src/maasserver/models/partitiontable.py#L51-L53
This change could be accomplished with a patch to the maas-region image
directly, but then it would not be configurable, and it may not be
useful for all users. Using sed in the startup script seems like a fair
solution.
Change-Id: I87d3f4b9c97048cdef383cbd15c5a16ac219066b
Since maas containers are running as non-privileged,
the maas root user might not be able to get lock on
the host's /etc/paasword to change shell for the maas
user. Added retry/sleep to eventually get the lock and
make the shell update for the user.
Also, using usermod instead of chsh.
Change-Id: Iaba6276bd6d54b22980aef8c6f7c5c113d0f2fff
- Use a statefulset and PVC to make rackd systemid assignment
stateful between pod restarts. This is to alleviate instability
in MAAS upgrades.
Change-Id: Iea5c3d3897b561d4ba479203ee6aec5885282e1a
This PS updates the charts and images for running systemd in a more
kubernetes friendly way:
- The hosts cgroupfs is mounted in read only
- Required mounts are created (tmp tmp/lock)
- A tty is created for the container
- A unit is added to each image that streams journald to stdout
Follow up patches will improve the image builds, create cgroups in an
init container, and also drop unrequired privileges from the containers
in addition to compatibility with recent helm-toolkits.
Change-Id: If3b0df28fea967c5ff67df51e1e95bc74f906222
Signed-off-by: Pete Birley <pete@port.direct>
- Currently the start.sh script is crashlooping because it
is attempting to chown files and failing due to a read-only
filesystem. Rather than mounting the files in place directly,
they can be copied in the container and permissions and ownership
set.
Change-Id: I1da93dd7c177c027457c640a4254357f29c97a5b
- Add support for optionally mounting a
private key for the maas user to access
remote hosts via ssh (e.g. virsh)
- Add libvirt-bin to the rack controller
Change-Id: I18efb6a6947a5a5f91800bf6494b7d9d15d8aaf2
Phil Sphicas