This updates the maas chart to include the pod
security context on the pod template.
This also adds the container security context to set
readOnlyRootFilesystem flag
Change-Id: I1eba6ab3a7c27ddcb3e8ddc8e743b91dc5e521c3
Upgrades to the MAAS chart to allow for the Pods
running the rack and region services to work across
all control plane hosts.
Change-Id: I84c856599a1122a2b4a64242a7cea357887b0462
- When specifying the list of upstream DNS or NTP servers
to configure MAAS with, use YAML sequences rather than
forcing a string
Change-Id: If0da29c0ad2c7299250ecba120bca54920e54052
Looks like new version of MAAS has fixed long standing bug
https://bugs.launchpad.net/maas/+bug/1779712
This will match internal MAAS ports to NodePort.
Change-Id: I639a4c492eb80545c69fd132d3b2dc4cca524933
This PS adds the ability to attach a release uuid to pods and rc
objects as desired. This can be used, for example, to force an
artificial manifest change in CICD scenarios, for upgradability
testing purposes.
Change-Id: I994f9eb9cd75947ee36276a542fa23cc547065e0
This PS updates the maas chart to support modern helm toolkits.
Change-Id: Id70343afdec622dc84b89b0d7f496e9ef498ea6b
Signed-off-by: Pete Birley <pete@port.direct>
- Fix bash conditional error causing the export
key job to fail for any chart upgrade
- Enhance the image import/configuration job to
be more robust with additional retrying and better
failure detection
Change-Id: I874a98587a56b03905d740cd53cdd70a8419a04e
- Allow overrides to configure the default operating
system, distribution and kernel to use in MAAS
- The defaults will be used for node enlistment and
commissioning and for deployment if per node overrides
are not used
Change-Id: I872df1c7b7741ec5e599a7a1d05c2707afd6d99e
- Fully support Postgres configuration
in the endpoints stanza
- Add RBAC support to the region and rack
pods
- Add custom RBAC for export API key job
to allow secret creation
Change-Id: I9d0b63ac329bb0b9539b14123c5e16ad3cd1c9f0
For better security use Kubernetes secrets
to set environmental variables for the
bootstrapping job
- Create secret manifest for the MaaS admin user
- Update job-bootstrap-admin-user to use secret for environment
setup
- Update job-export-api-key to source admin username
from secret
- Update job-import to source admin username
from secret
Change-Id: I0ea5a5517c5a90f481c459e836f081f3d2744dad
- If conf.cache.enabled is true, deploy a sidecar container
in the region pod with a simplestreams repo populated w/ a Ubuntu image
- If conf.cache.enabled is true, configure MaaS to source the image
from the sidecar
- Update README
Closes #1
Change-Id: I968614d6fb7ca86589dc6e2efd1f66ae920d03a8
Anselme, Schubert (sa246v)