This PS updates python modules and code to match Airflow 2.6.2:
- bionic py36 gates were removed
- python code corrected to match new modules versions
- selection of python modules versions was perfoemed based on
airflow-2.6.2 constraints
Change-Id: I9c3e139b3437414a61af7e7c0b7d7e533fadefda
upgrades kubernetes client to v1.26.0
remove installation of containerd during genesis.sh to prevent containerd downgrade
update bitnami kubectl image to image with curl installed for readiness check
Change-Id: I3afd5a7e7211bae3f52263167a62a012da0619a0
add focal dockerfile
update zuul jobs for focal
update tox for tox4 changes
update all requirements to latest and match deckhand
update cfssl from R1.2 to v1.6.3
fixed local gates for focal
updated examples promenade manifests to run on focal
Change-Id: I2af4043784766d36588c6f738053ad66e7b89a90
Address changes and deprecations in Kubernetes v1.21=>v1.23
controller-manager:
* --authorization-kubeconfig and --authentication-kubeconfig must be set
* liveness/readiness probes must use HTTPS
* the default port has been changed to 10257
kubelet:
* --dynamic-config-dir has been deprecated, will not move to GA
* --cni-bin-dir has been deprecated, will be removed with dockershim
* --cni-conf-dir has been deprecated, will be removed with dockershim
* --network-plugin has been deprecated, will be removed with dockershim
https: //github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#deprecation
https: //kubernetes.io/docs/tasks/administer-cluster/reconfigure-kubelet/
https: //github.com/kubernetes/enhancements/tree/master/keps/sig-node/281-dynamic-kubelet-configuration
Change-Id: Ia996d7c14d81d1d8b8067f11c02ffb4ce90eb49a
This ps makes following changes to upgrade kubernetes from v1.17.3
to v1.18.6.
- Updated all references to k8s images to 1.18.6
- Updated command options and api object and versions based on
k8s 1.18 release notes:
https://kubernetes.io/docs/setup/release/notes/
- Uplifted uwsgi to 2.0.19.1 to align with other airship
components, and to bring in fixes and improvements.
- Added build-essentials and python3-dev packages to pass the zull
gate, which was looking for a c compiler.
Change-Id: I1160d1e6e2f02a0524043641b9296ea39edb301e
Added ntp server configuration to be used by chrony as the recommended
ntp service for ubuntu 18.04.
Since, chorny is not installed by default in ubuntu 18.04, also added
chrony apt package to be installed on airship nodes.
Change-Id: If1437a79cf89806043f62e2eac49c3b4b5eae2cd
Introduced new name for the field to define package that has files
which will be used as runtime for UCP containers.
Prepared set of yaml files as an example of containerd usage.
Prepared zuul job to use containerd in simple deployment.
Change-Id: Ifc82a505d064c4f13efccfd92ffc336a510220bf
In a recent change [0] the HostSystem schema was updated, but some of
the example files were not updated to follow this, which is currently
breaking the resiliency gate
[0] aea0c9d1e9
Change-Id: Ib87ebf27eb19ffe12c920e0c370f0b57399cd98d
Now it's possible to use hyperkube Docker image to extract hyperkube binary.
Use case for this feature is kubelet/kubectl delivery in one binary(hyperkube)
which is built into Docker image. Promenade will extract hyperkube from Docker image,
create symlinks for kubelet/kubectl pointed to hyperkube. To do so promenade container
need to be configured to use Docker on the host where this container will be created.
This is happening only for script generation for genesis node. Later when promenade
will be started as a service pod inside ucp cluster it will generate scripts for joining nodes
by using cached hyperkube from /tmp.
Old way to delivery kubelet from tarball is still supported.
Configuration for the new method.
Need to export environment variables to properly configure Docker in Docker.
Docker socket should be provided as a mounted file inside promenade.
Also need to set temporary permissions for this socket during the build scripts stage.
Example:
DOCKER_SOCK="/var/run/docker.sock"
sudo chmod o+rw $DOCKER_SOCK
export DOCKER_HOST="unix:/${DOCKER_SOCK}"
export PROMENADE_TMP="abs_path_tmp_dir_on_host"
export PROMENADE_TMP_LOCAL="tmp_dir_inside_container"
After genesis scripts generation Docker socket permission should be turned back:
sudo chmod o-rw $DOCKER_SOCK
Change-Id: Ida22ea934fc551fec34df162d8147c8b9e630330
This version fixes manifest validation [0], so a couple invalid
manifests are fixed in this patchset as well.
[0]: 32d7f1a3fc
Change-Id: I0cbdf21cf016271bef2d8a541687ce3ab28081ce
This change updates the following components in the Promenade charts,
docs, and example bootstrap configuration:
Kubernetes 1.10.11 -> 1.11.6
CoreDNS 1.1.2 -> 1.1.3 (per k8s 1.11 recommendations)
Etcd 3.2.14 -> 3.2.18 (per k8s 1.11 recommendations)
Tiller 2.10.0 -> 2.12.1 (per Helm k8s support)
This change has been tested by the Promenade resiliency gate.
Change-Id: Ia70de212dd2d50c6638578b92c750a4d5c791229
This also makes a corresponding update to the Makefile to address a bug
with which $(HELM) is being used that was exposed during local testing.
Change-Id: I08da45c1f232960c58ab482053befed83da6fdd6
These pinned versions are frequently removed from Ubuntu's repositories,
leading to broken tests. Removing them will expose us to breakage from
unexpected updates, but will avoid issues with removed packages.
Change-Id: I30bf993fa20f0054ee77eb47086a784f6d02d2ac
Update all Helm and Tiller references to 2.9.1, which has fixes
for template rendering bugs. Some references are already updated,
and this PS updates the rest.
Change-Id: Id617cc866d09f5cb3708fcf329a21bc60e17ce45
The image used to test kubectl logs in the validation scripts was hard
coded and is now configurable.
This also makes the power-up-node.sh gate script more robust by making
it wait for the node to be ready.
Change-Id: I531ca8477ac3575dd4249ab5e991881af290fa52
* Updates version references
* Increase memory of test VMs due to higher usage with bump
* Move etcd chart scripts from /tmp to /tmp/bin
* Remove certificate signing options for controller manager
* Remove -a from `kubectl get pods`, since that is deprecated in 1.10
* Shorten liveness/readiness probe times for CoreDNS
Change-Id: I16db0370f1c619e16002dd58e29025eb1538691f
This removes the reliance on coredns for APIserver discovery, allowing
a simpler configuration that is compatible with corednx 1.0.x
Change-Id: Ia3b7b5627c16ec47af6b0d6d5e8dee2674e9b1ee
This PS bumps the version of K8s used to 1.8.6 which adds:
* prometheus metrics for the PodSecurityPolicy admission controller
* Numerious scheduler fixes
* fixes for overlay2 metrics
* fixes for podSecurityPolicy
Change-Id: Ib46ea1a68c9f34f83b04976f49230ae67f811e66
Though logs are likely to be managed by log aggregation tooling such as
fluentd, it is still sometimes useful to have additional logration rules
in places as a backup. This demonstrates that capability.
Change-Id: I62faf85cd1abc04d6be6129d788932814850f4a5
* Freeze busybox version for log validation.
* Move static labels to dynamic in remaining places.
* Stop using node-role.kubernetes.io/master= label.
* Update older coredns image usage.
* Add content to plaeholder file to avoid warning.
* Add external DNS check to DNS validation check.
Change-Id: I9d0665a940ab055e6426aeca9c8e2be269e6b13a
This extends the virsh-based test tooling to both the previous, basic
example and the new "complete" example. It also removes the Vagrant
tooling.
Change-Id: I249f937e9b3eedc486e31a3d1c1ac31bcfdf0ca8