The extraction of the monolithic hyperkube binary from its container
image to be used as kubelet was last relevant in Kubernetes 1.16. Since
then, the hyperkube image has been deprecated, the structure of the
image has been changed, and it has ultimately been eliminated in
Kubernetes 1.19.
This change cleans up promenade accordingly.
Reverts the following commits:
* 886007b New CLI option to extract hyperkube
* 32a6c15 hyperkube image in promenade init
* 955deed New source for hyperkube binary definition
Change-Id: Ib62ecdf1af13abe8202a4ba4f86c39b9042ed13f
New option --extract-hyperkube to declare the way how hyperkube
will be delivered.
By default this option is disabled which means hyperkube should be
extracted before running promenade container for the first time.
When it's enabled the appropriate env vars should be set for
promenade container to be able to extract hyperkube binary from image.
Change-Id: I2c45100e1e953d859d768ec80f268bd490ce3a81
Adds an optional external_ip parameter to the prom join script API,
and to the Genesis and KubernetesNode schema.
This is used to populate the host's IP address in its /etc/hosts
file if present, according to normal hosts conventions.
If the value is not passed to prom-join or is absent from a
Genesis or KubernetesNode document, then the hosts file defaults
to the current loopback IP for the hostname (business as usual).
Change-Id: I58dc219923b18aaf9c83453b896ce509664d8766
Adds functionality to read context marker and end-user
from request headers and log that information where
available, to aid in tracing transactions that span
multiple Airship components.
Change-Id: I31c26b269ef6db9ebf44eb381eb6745ce40fc4ea
This was removed in Iccf6228ab9e6d621d3047994b3adc192d67273c9 but should
not have been as it has allowed for code format drift.
This also
* Pins the version of yapf to 0.24.0
* Fixes some drift
* Updates formatting to the version of yapf being used
Change-Id: Ie3d9fd6344a29d8ddb76a36d4a31d001a4c8b7c6
- This addresses a bug where Promenade doesn't detect some invalid
configurations during genesis script generation.
- Refactor some validation checks for performance
Change-Id: I8b39caaab04819a935b83eb544979eac333fe409
- During the genesis or join operation when /etc/hosts and
/etc/resolv.conf are controlled by Promeande, we need to
support including a domain name. This can be configured
by YAML definition or by the join-script API. To support
backward compatability use a default of 'local' when no
domain is specified.
Testing: `./tools/gate.sh resiliency` has passed locally
Change-Id: Ia0d300912d3ec25eb7f1cb9c580eaa40b5b4addb
This provides more robustness in testing and removes a nosec.
Additionally, commit 5a8b1d8 introduced a random failure in the
resiliency gate, due to there being a chance to choose the intentionally
downed node for the join ip.
Change-Id: I77b410b8e51f9d41eca2be4f5f770694140733b4
We are seeing the following error [0] while using Shipyard to run
a commit configdocs. The relevant exceptions are [1] and it is a
result of incorrect reference to method name.
The bug will be triggered when we use ext_marker. This patch set is
meant to correct that.
[0] shipyard commit configdocs
Error: Validations failed
Reason: Validation
- Error: None
Message: Promenade unable to validate configdocs
Source: Promenade
- Error: None
Message: 500 Server Error: Internal Server Error for url: http://promenade-api.ucp.svc.cluster.local:80/api/v1.0/validatedesign
Source: Promenade
[1] Exceptions messages in Promenade API pod
2018-05-14 14:56:20,147 ERROR - - - promenade.exceptions:default_exception_handler [142] Unhanded Exception being handled:
Traceback (most recent call last):
File "/usr/local/lib/python3.6/site-packages/falcon/api.py", line 201, in __call__
process_request(req, resp)
File "./promenade/control/middleware.py", line 103, in process_request
if ext_marker is not None and self.is_uuid_like(ext_marker):
AttributeError: 'ContextMiddleware' object has no attribute 'is_uuid_like'
Change-Id: I89713fbb953a46e61093c4dadaa5a752b1a81c6c
* Detect and re-use existing Certs/Keys
* Negative functional test for join with missing cert
* Positive functional test to generate cert after initial construction
* Extract some promenade test code into tools/g2/lib/promenade.sh
* Add timestamps to tar'd up files
Change-Id: Ib717785fc2c8f6cd1db1970ecdf1f5184ed40e92
This behavior can be disabled with the `leave_kubectl` query parameter
to the `join-scripts` endpoint.
Change-Id: Ia2d9d11f2e900aed0b69394de6ba30442921d5a0
Adds policy enforcement to validatedesign and adds testing for
validatedesign endpoint. Also fixes error when raising
ValidationException.
Change-Id: Ie48fc49a05f7890866d2dd3480c4d6333ef3a087
This avoids a tricky-to-debug situation where it can appear that
different labels (or even a different ip address) is applied to a host
than expected.
Change-Id: I29fc99581a85f9cd1275f5cc07dfcb1be0e98339
This PS resolves a recent issue with Deckhand in which missing
substitution sources cause Promenade to fail during genesis,
while using Deckhand to render documents. The fix involves
introducing a new flag called fail_on_missing_sub_src which
if False logs a warning rather than raises an exception
in the event that a substitution source document is missing.
Also adds better exception handling and logging around
Deckhand.
Example error:
Traceback (most recent call last):
File "/usr/local/bin/promenade", line 10, in <module>
sys.exit(promenade())
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 722, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 697, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 1066, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 895, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.6/site-packages/click/core.py", line 535, in invoke
return callback(*args, **kwargs)
File "/opt/promenade/promenade/cli.py", line 55, in genereate_certs
debug=debug, streams=config_files, substitute=True, validate=False)
File "/opt/promenade/promenade/config.py", line 49, in from_streams
return cls(documents=documents, **kwargs)
File "/opt/promenade/promenade/config.py", line 29, in __init__
documents = [dict(d) for d in deckhand_eng.render()]
File "/usr/local/lib/python3.6/site-packages/deckhand/engine/layering.py", line 485, in render
self.secrets_substitution.substitute_all(doc))
File "/usr/local/lib/python3.6/site-packages/deckhand/engine/secrets_manager.py", line 182, in substitute_all
document_name=document.name)
Depends-On: https://review.gerrithub.io/#/c/400880/
Change-Id: I4486535d4555ece54eb4d47bfb56472250f97ab4