Since after v3.5.6 etcd-io switched to a
distroless base image. Etcd anchor pods
are now using etcd-utility and etcd is
running a sidecar for health checks.
Change-Id: I198dca1209097de4d60a53a7568f0c4790679599
Update helm toolkit ref so that ingress will be created with a pathType
of Prefix.
https: //review.opendev.org/c/openstack/openstack-helm-infra/+/905757
Change-Id: I4b655daccdc613902f66c35615c1369e15001344
This PS updates python modules and code to match Airflow 2.6.2:
- bionic py36 gates were removed
- python code corrected to match new modules versions
- selection of python modules versions was perfoemed based on
airflow-2.6.2 constraints
Change-Id: I9c3e139b3437414a61af7e7c0b7d7e533fadefda
This PS restores image build for ubuntu_bionic and adds appropriate
gates to keep it tested by appropriate functional and integrational
tests.
Change-Id: I8ef524a1f66f1a88593a18334b8c37c4db0175c6
upgrades kubernetes client to v1.26.0
remove installation of containerd during genesis.sh to prevent containerd downgrade
update bitnami kubectl image to image with curl installed for readiness check
Change-Id: I3afd5a7e7211bae3f52263167a62a012da0619a0
add focal dockerfile
update zuul jobs for focal
update tox for tox4 changes
update all requirements to latest and match deckhand
update cfssl from R1.2 to v1.6.3
fixed local gates for focal
updated examples promenade manifests to run on focal
Change-Id: I2af4043784766d36588c6f738053ad66e7b89a90
Updating etcd chart with added backup validation function empty implementation(subject for future realization). This has to be done because helm-toolkit chart in openstack-helm-infra is now calling that function verify_databases_backup_archives() as part of backup_databases() function implementation:
https://review.opendev.org/c/openstack/openstack-helm-infra/+/853027
Changed apiVersion of etcd cronjob from batch/v1beta to batch/v1 and fixed securityContext for etcd_backup.
Also bumping up HTK version to 0.2.48 from a commit id obtained from merge of https://review.opendev.org/c/openstack/openstack-helm-infra/+/853027 and set proper commit id in this file: tools/helm_tk.sh
Change-Id: Ie047dd0e6a2aae6483ace89cad22d6720890cdfc
Address changes and deprecations in Kubernetes v1.21=>v1.23
controller-manager:
* --authorization-kubeconfig and --authentication-kubeconfig must be set
* liveness/readiness probes must use HTTPS
* the default port has been changed to 10257
kubelet:
* --dynamic-config-dir has been deprecated, will not move to GA
* --cni-bin-dir has been deprecated, will be removed with dockershim
* --cni-conf-dir has been deprecated, will be removed with dockershim
* --network-plugin has been deprecated, will be removed with dockershim
https: //github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#deprecation
https: //kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/
https: //github.com/kubernetes/enhancements/tree/master/keps/sig-node/281-dynamic-kubelet-configuration
Change-Id: Ia996d7c14d81d1d8b8067f11c02ffb4ce90eb49a
Update the anchor pods to use a regularly patched and updated kubectl
image that contains the necessary components (bash, jq, curl, etc.) in
addition to kubectl: https://hub.docker.com/r/bitnami/kubectl
Change-Id: Ia3e75dc334c3c1a88abfec10fb0367447e79a538
Removing set -x from within the dump_databases_to_directory function.
The set -x from within the function is causing all the code that
follows the function call to have debug tracing on. This in turns
causing multiple identical logs for the same event. Looking at this
function, there should be enough logging to aid debugging.
Reference ps: https://review.opendev.org/c/openstack/openstack-helm-infra/+/830533
(commit 2fc1ce4a142e605a9fc6c90dceabbf7c4bfb81e3)
Change-Id: Id442972bbcca983afab7c4f3c29f3686e9e0b481
1) Uplift helm-toolkit to include db-backup-restore error log string
prefixes for the generation of alert
https://review.opendev.org/c/openstack/openstack-helm-infra/+/823867
2) Error log string prefixes are added to etcd backup-restore as well
Change-Id: Iad51a3e55567d0861140a97c17a1b7d859e13938
Uplifting tiller image to ghcr.io/helm/tiller:v2.17.0 since
v2.16.1 is not available anymore
Update the helm installation script to download and install v2.17.0
Change-Id: I92a7fe096a32377e155a298dc258bc2f4b93a2c1
Update example manifests to use latest bionic based armada and deckhand images to fix the zuul gates.
Change-Id: Ic70b7269a73a3b34608442ee71620358fa8785c2
In v1.20, TokenRequest and TokenRequestProjection become GA features,
and the following flags are required by the API server:
* --service-account-issuer
* --service-account-key-file
* --service-account-signing-key-file
This change ensures that the flags are set, and that the required keys
are in the right places.
Change-Id: I6606c5b1c9ff005d1943b424e3e7ad4d20b68408
Replace all usages of the hyperkube image with standalone container
images for apiserver, controller, scheduler, and proxy.
Change-Id: I44392c7900a72edd35bc5afa1c50bec8e04f927f
The extraction of the monolithic hyperkube binary from its container
image to be used as kubelet was last relevant in Kubernetes 1.16. Since
then, the hyperkube image has been deprecated, the structure of the
image has been changed, and it has ultimately been eliminated in
Kubernetes 1.19.
This change cleans up promenade accordingly.
Reverts the following commits:
* 886007b New CLI option to extract hyperkube
* 32a6c15 hyperkube image in promenade init
* 955deed New source for hyperkube binary definition
Change-Id: Ib62ecdf1af13abe8202a4ba4f86c39b9042ed13f
Modifies the script that cleans up the local environment between runs to
allow the removal of /var/lib/kubelet/pods. The previous script hung up
on volume-subpaths (in addition to io~secret and empty-dir, which were
explicitly handled). This just unmounts everything before the files are
removed in remove_files.
Change-Id: I52cbe7d0f493336c1362ca3d3988038a1a15bcef
gcr.io/google_containers/ no longer contains some of the image
versions we require, use the new location.
Change-Id: I8f9a976a35ca632d785dd4d05f2a55713bde8c3e
The upstream Helm chart repos have moved permanently, causing a failure
when running "make helm-serve": 'Error: error initializing: Looks like
"https://kubernetes-charts.storage.googleapis.com" is not a valid chart
repository or cannot be reached'.
This change skips the chart refresh, since the upstream charts are not
used anyway.
Change-Id: Ia55b7f48ce03d1ecf9a26181fea0ab159e99c8a5
This patch includes the upstream helm toolkit change below which adds
the capability to delete an archive from the local or remote data stores.
https://review.opendev.org/#/c/758859/
(commit 2d1fe882bb751c03ee741a6166c9c8a5fad8f926)
Change-Id: Iec3f234f5be780bd90d233b1cba58d11127d5d28
Include below patchset to make database backups work with
openstack Train release.
https://review.opendev.org/#/c/754831
Change-Id: I8004ac8320f02bb0acbf0edd9caa9520a94aada1