- Use a statefulset and PVC to make rackd systemid assignment
stateful between pod restarts. This is to alleviate instability
in MAAS upgrades.
Change-Id: Iea5c3d3897b561d4ba479203ee6aec5885282e1a
This PS updates the charts and images for running systemd in a more
kubernetes friendly way:
- The hosts cgroupfs is mounted in read only
- Required mounts are created (tmp tmp/lock)
- A tty is created for the container
- A unit is added to each image that streams journald to stdout
Follow up patches will improve the image builds, create cgroups in an
init container, and also drop unrequired privileges from the containers
in addition to compatibility with recent helm-toolkits.
Change-Id: If3b0df28fea967c5ff67df51e1e95bc74f906222
Signed-off-by: Pete Birley <pete@port.direct>
- Currently the start.sh script is crashlooping because it
is attempting to chown files and failing due to a read-only
filesystem. Rather than mounting the files in place directly,
they can be copied in the container and permissions and ownership
set.
Change-Id: I1da93dd7c177c027457c640a4254357f29c97a5b
- Add support for optionally mounting a
private key for the maas user to access
remote hosts via ssh (e.g. virsh)
- Add libvirt-bin to the rack controller
Change-Id: I18efb6a6947a5a5f91800bf6494b7d9d15d8aaf2
This allows ntpd to be disabled in both the privileged
rack and region controllers for use cases where we
do not wish these processes to conflict with ntpd
on the physical host running the containers. This
method as opposed to overriding sysvinit style scripts
and potentially other ways to launch ntpd that may
exist appears to be the safest way to ensure it does
not ever run.
Change-Id: Ib52727becc1849a2a75d2d62d1c51553047a8fcf
- Fully support Postgres configuration
in the endpoints stanza
- Add RBAC support to the region and rack
pods
- Add custom RBAC for export API key job
to allow secret creation
Change-Id: I9d0b63ac329bb0b9539b14123c5e16ad3cd1c9f0
- If conf.cache.enabled is true, deploy a sidecar container
in the region pod with a simplestreams repo populated w/ a Ubuntu image
- If conf.cache.enabled is true, configure MaaS to source the image
from the sidecar
- Update README
Closes #1
Change-Id: I968614d6fb7ca86589dc6e2efd1f66ae920d03a8