| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Previously the installer would exit immediately after a failure by one
of the addon tests. Now, record the failure and run subsequent tests,
then exit if any fail.
Issue-ID: MULTICLOUD-1258
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I4fcad9b51b58277344de4fed0e40e87493dc3663
|
|
The intention with this change is to disable CAP_NET_RAW (which can be
a security vulnerability) for created Pods.
kubespray provides the podsecuritypolicy_enabled variable for enabling
privileged (for kube-system) and restricted (for everyone else)
policies. Enabling this requires binding the KUD_ADDONs to the
privileged policy and specifying the security context correctly for
Pods running in the default namespace.
As of this change, the only difference between the privileged and
restricted security policies is the dropping of CAP_NET_RAW in the
restricted policy. To use the default restricted policy provided with
kubespray, additional changes must be made to the Pods that are run in
the default namespace (such as runing as a non-root user, not
requesting privileged mode, etc.).
Issue-ID: MULTICLOUD-1256
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I7d6add122ad4046f9116ef03a249f5c9da1d7eec
|
|
|
|
- Replace move of ansible.cfg from kubespray distribution to
/etc/ansible with ANSIBLE_CONFIG environment variable. Ansible
modifies ansible.cfg during installation, and the paths in it are
relative.
- kubespray 2.14.1 requires a kubernetes version > 1.16. Use the
default versions of kubernetes and helm provided by kubespray
2.14.1.
- kubespray 2.14.1 replaces helm 2 with helm 3. This removes support
for helm init and helm serve. It is no longer necessary to call
helm init, and the helm serve repository is replaced with file
relative URLs. This also triggered a subsequent update of the
kubernetes-helm ansible module to include the newer helm versions.
- Add "storageType: hostPath" to etcd/values.yaml. Helm deploy of
etcd will fail without this due to nil
PersistentVolume.metadata.labels.type.
- The mitogen module used by kubespray/ansible requires python2 on the
hosts. Use the linear strategy to bypass mitogen and install
python2 on the cluster hosts.
Issue-ID: MULTICLOUD-1230
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I9f50bb4e123fdcacab6b6a97e79cd09fb5c96634
|
|
Building on the target host fixes a couple issues:
- In the containerized installer, the container image does not include
the necessary kernel headers to build the module.
- The build and target host must have the same kernel version. There
is no guarantee of this.
The deploy uses NFD, similar to the QAT playbook.
Issue-ID: MULTICLOUD-1228
Signed-off-by: Todd Malsbary <todd.malsbary@intel.com>
Change-Id: I58705b73b8ce6d381b4649d5a20b8644e51e1b13
|
|
Integrate topology manager by utilizing ansible
scripts from openness.
Issue-ID: MULTICLOUD-1102
Signed-off-by: ChenjieXu <chenjie.xu@intel.com>
Change-Id: Ibaaf77e44c97edffe1ae03bf77c2422c89783e75
|
|
|
|
Updates the kud/hosting_providers/vagrant/README.md to include
info about the ./config/samples/pdf.yml.* sample files.
Issue-ID: MULTICLOUD-1129
Change-Id: I5ab02948932d8a9e9e5a8cfc65350726183cd78d
Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
|
|
host_providers/vagrant/setup.sh -p virtualbox
update to /etc/apt/sources.list is now 'bionic' (was 'trusty')
Issue-ID: MULTICLOUD-1122
Signed-off-by: Larry Sachs <larry.j.sachs@intel.com>
Change-Id: I0cd989466bab4a571b9e18a5e666c8516b168c1d
|
|
Using "--no-cache-dir" flag in pip install ,make sure dowloaded packages
by pip don't cached on system . This is a best practise which make sure
to fetch ftom repo instead of using local cached one . Further , in case
of Docker Containers , by restricing caching , we can reduce image size.
In term of stats , it depends upon the number of python packages
multiplied by their respective size . e.g for heavy packages with a lot
of dependencies it reduce a lot by don't caching pip packages.
Further , more detail information can be found at
https://medium.com/sciforce/strategies-of-docker-images-optimization-2ca9cc5719b6
Issue-ID: MULTICLOUD-1080
Signed-off-by: Pratik Raj <rajpratik71@gmail.com>
Change-Id: Ib79fae7e69eb669e39bc3eb52373668367460ba2
|
|
|
|
Issue-ID: MULTICLOUD-1046
Change-Id: I1853e071a99702c5e6f7ba9ca819746576fd0aca
Signed-off-by: Chen, Tingjie <tingjie.chen@intel.com>
|
|
Update kubespray to 2.12 to deploy Kubernetes 1.16
Issue-ID: MULTICLOUD-1063
Signed-off-by: Yao Le <le.yao@intel.com>
Change-Id: I537f6395e5d05d8b72411dd1e0789e19972f1947
|
|
Issue-ID: MULTICLOUD-1037
Co-authored-by: yu marin <weifei.yu@intel.com>
Signed-off-by: Kuralamudhan Ramakrishnan <kuralamudhan.ramakrishnan@intel.com>
Change-Id: Id07394cc454b3660fb5f06982fea020e93b26039
|
|
Change docker version to fix kubespray issue
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Issue-ID: MULTICLOUD-1073
Change-Id: I79571677f81efbb12a963b7527d918eddaf8db1f
|
|
Openness EAA provides application/service registration
and authentication. EAA is integrated by running EAA via
ONAP4K8S.
Issue-ID: MULTICLOUD-1044
Signed-off-by: ChenjieXu <chenjie.xu@intel.com>
Change-Id: I66dffc5bcfc66675f6b62672e32496ec7f71454c
|
|
- deploy cmk related pods
- untaint compute nodes if necessary
- run cmk unit tests: allocate CPUs from exclusive and shared pools
- deploy a testing nginx pod along with cmk testing pods
- preset 1/2 CPUs for shared/exlusive pools to fit CI server machines
users can adjust the parameters to meet their own requirements
Test Results:
- many rounds of vagrant/5 VMs(controller01/02/03 and compute01/02)
based test are all OK
- 14 rounds tests on my local server (S2600WFQ (36C/72T) )and
PC(HP Z228 (4C/4T)) with all-in-one bare metal deployment are all OK
- CI(a 4C/4T machine) results of latest patch set also show that the
test of bare metal deployment is OK
- NOTE: both my local test and CI use the same testing method of calling
aio.sh after applying the latest patch set.
Change-Id: I046a4a63b94f92f23347ab76c21a661521e01119
Issue-ID: MULTICLOUD-879
Signed-off-by: Liang Ding <liang.ding@intel.com>
|
|
|
|
The /tmp will refresh after reboot, so change it to &HOME
Issue-ID: MULTICLOUD-1050
Signed-off-by: Yao Le <le.yao@intel.com>
Change-Id: I47a030b0e33f48c653b21d81d52f7cf717b6d34f
|
|
Fix bug ICN-260 KUD Multi Vagrant 18.04 issue
Fix bug ICN-303 Compute01 no spcae left in KUD Multi Vagrant
Fix bug ICN-285 Nameserver issues behind a proxy
Issue-ID: MULTICLOUD-1004
Signed-off-by: Yao Le <le.yao@intel.com>
Change-Id: I9e5c6c0e618ebd63babe650f06ca21ff10669cc4
|
|
|
|
This reverts commit f802b87c1d3caecc74789d435358d4f8ff2555a3.
Reason for revert: Will rebuild with Nameserver issue solved
Issue-ID: MULTICLOUD-1004
Change-Id: Ieafee94e4fe909c30ef8a4167d242f40e114d767
Signed-off-by: Yao Le <le.yao@intel.com>
|
|
Fix bug ICN-260 KUD Multi Vagrant 18.04 issue
Fix bug ICN-303 Compute01 no spcae left in KUD Multi Vagrant
Issue-ID: MULTICLOUD-1004
Signed-off-by: Yao Le <le.yao@intel.com>
Change-Id: Ic74d4ec2c9ae4bbe42c71f13380f779f842e496d
|
|
|
|
|
|
Basic working skeleton. Adding install script
adding vars and updated the playbook. Working on Kernel
mode updates and driver installation. Removing SRIOV vars
Adding script to change the SSL value for 2 kinds of config files.
Updating daemonset image. Adding prereq packages for qat.
Minor edits for bashate.Adding testcase and conditions to
Ansible tasks for clean, uninstall and install the driver.
Updating the plays to use templating.
Adding qat-kernel mode test case.
Signed-off-by: akhilakishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-860
Change-Id: I5ad99e7211c859dc3cb054df644edd3fa77b2596
|
|
Adding sudo to setup for VM based deployment.
Additionally adding the link to Vagrant
documentation for CLI.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-908
Change-Id: I1af5b1c4e201ad4363a8fae1004189e55c514261
|
|
This script offers means to cleanup, Docker and
Ansible and their configurations.
Updated the script to use docker go templating as
opposed to regex for docker operations. Further
modified the script to include if/else for
docker operations for better code readability.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-981
Change-Id: Ia6484ebb039daf0b1cb8e698fa7bfa758eeaa568
|
|
Currently we face issue with VM based deployment causing
vagrant up to fail and quit abruptly.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-974
Change-Id: I9a9e28357f1f56d17643d8f2a31f4cdca70fb456
|
|
Remove no longer public jonathonf ppa
Issue-ID: CIMAN-359
Signed-off-by: Marcus G K Williams <marcus.williams@intel.com>
Change-Id: I12a24a28914654127e3bd27e7814b42ecd897ca1
|
|
Issue-ID: MULTICLOUD-474
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Change-Id: I77709f4b05d7501fa6faf41187fbe0bf6e189b3b
|
|
Testing_enabled: true in the installer script, causes
the test cases to run immediately after the playbook even before
the pods are completely up. Causing some of the test cases to fail.
Making sure, the test cases run only after all of playbooks
have finished running. Correcting the identation
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-904
Change-Id: Ieec33f46301d7c8d9cb36ac5f32caefca2981804
|
|
Issue-ID: MULTICLOUD-900
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: Ibacec8deafa5f1fd9ded5822236db730fedddc82
|
|
|
|
|
|
Integrating SRIOV as an add-on to KuD. A device
should have X700 series NIC for this Add-on to work.
Getting the device driver, build and installing it is
a part of this patch. Followed by running the SRIOV CNI
Daemonset, and NetworkAttachmentDefinition.
Reworked the way SRIOV check happens.
Previously ran on installer.sh.
Now the script is injected into kube-nodes and playbook will run
only if the hardware check is true by creating a conf file.
Removed unwanted comments and nit changes.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-832
Change-Id: I1701a50bc717ddca0d332d6a42d329eaf4c03820
|
|
Removed not needed packages for 18.04 for
OVN, updated the vagrant image to 18.04
and added some needed apt packages
Issue-ID: MULTICLOUD-474
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Change-Id: I82550f8e58371af1c2476540c6b864384c450967
|
|
Seeing intermittent issues with DNS failing
on KUD. Disabling node local DNS for now as
a possible workaround. This can be enabled
once other issues a isolated.
Issue-ID: MULTICLOUD-861
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Change-Id: I502f1a41651cb9b7f284f6be36a752d302777703
|
|
Issue-ID: MULTICLOUD-454
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Change-Id: I779971c21aac6e27a7f8fcafc708c4a70438f823
|
|
Current NFD code in KuD is unused and obsolete.
Integrating NFD as DaemonSet and updating test case for NFD.
Added comments. Addressed comments and changed the
matchExpression to kernel features. Changed operator from "In" to Gt,
and values 4 to 3 better fit broader spectrum of O.S's.
Adding exit conditon in case there's an error status.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-797
Change-Id: I454fb1998fc84e5f0d566f32b7dcfd85872c5183
|
|
Updating Kubespray version from 2.8.2 to 2.10.4 for KuD offline
support and integration with new add-ons in future.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-772
Change-Id: I4b7887aae359cd6197e696010acde6e204c41931
|
|
This reverts commit 5f760c3fb7d0e74833b1a2137e6ff3dadc71b2f5.
Issue-ID: MULTICLOUD-772
Change-Id: I6feffd87545195992fb28e98dcee4038d9b08474
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
|
|
Updating Kubespray version from 2.8.2 to 2.10.4 for KuD offline
support and integration with new add-ons in future.
Signed-off-by: Akhila Kishore <akhila.kishore@intel.com>
Issue-ID: MULTICLOUD-772
Change-Id: Ib1263e86adb9815e1ee56038507a3c092aad1feb
|
|
This test checks vFW lifecycle using the k8splugin.
Issue-ID: MULTICLOUD-708
Change-Id: I46d47e64562d75d8b1f7552fc073b1e59efa443e
Signed-off-by: Ritu Sood <ritu.sood@intel.com>
Co-authored-by: Konrad Bańka <k.banka@samsung.com>
|
|
Issue-ID: MULTICLOUD-686
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: I02724ca72a217cbb5be8cfee5edf136f4bf8ce2c
|
|
Issue-ID: MULTICLOUD-685
Change-Id: I62199f64da360627a13c467139a39430ae389167
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
|
|
|
|
installer.sh script is configuring ovn-central address <ip>:<port>
to environment variable.
Ip address is detected from the ovn-central host through ansible
by grepping ifconfig output, but in this step detected network
interface is hard-coded in the code to be "eth1".
This commit makes network interface configurable in aio/vagrant
deployment.
Issue-ID: MULTICLOUD-621
Change-Id: Icbe22ffdcb45c5f16067ea609eec76fb70c0ea78
Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com>
|
|
* changes:
Remove the requirement to run aio.sh as root
Documentation update for aio.sh CI change
|
Todd Malsbary
Ritu Sood
chenjie1
Larry Sachs
Pratik Raj
Huang Haibin
Chen, Tingjie
Yao Le
Kuralamudhan Ramakrishnan
Liang Ding
akhilakishore
Marcus G K Williams
Konrad Bańka
Kiran Kamineni
Samuli Silvius
Bin Yang