Hello community, here is the log from the commit of package velum for openSUSE:Factory checked in at 2018-05-22 17:02:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/velum (Old) and /work/SRC/openSUSE:Factory/.velum.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "velum" Tue May 22 17:02:49 2018 rev:28 rq:611201 version:4.0.0+dev+git_r779_59c041df8d903e1d017edbdd1063c3f76492b733 Changes: -------- --- /work/SRC/openSUSE:Factory/velum/velum.changes 2018-05-13 16:06:27.967265089 +0200 +++ /work/SRC/openSUSE:Factory/.velum.new/velum.changes 2018-05-22 17:02:51.790257953 +0200 @@ -1,0 +2,177 @@ +Tue May 22 07:46:07 UTC 2018 - [email protected] + +- Commit a660c5b by Vítor Avelino [email protected] + js: removal of pending acceptance state + + We are storing the minion id in session storage while it goes under pending + acceptance state. However we were not handling its removal if the acceptance + succeeded or if an error happened after the request. + + This patch fixes those scenarios avoiding unwanted user experiences. + + bsc#1093869 + + Signed-off-by: Vítor Avelino <[email protected]> + + +------------------------------------------------------------------- +Mon May 21 10:20:44 UTC 2018 - [email protected] + +- Commit 5312422 by Vítor Avelino [email protected] + ui: show kubectl config download link on auth page + + Some people that are not the admin user need the kubectl config file. This + link is only accessible in the dashboard page. + + This patch shows s a link on for anonymous users on the authentication page. + + bsc#1093528 + + Signed-off-by: Vítor Avelino <[email protected]> + + +------------------------------------------------------------------- +Mon May 21 10:18:32 UTC 2018 - [email protected] + +- Commit dc2884b by Flavio Castelli [email protected] + Allow override of CNI related pillars + + Make Velum aware of some pillars related with CNI/cilium. That makes possible + to switch to cilium. + + No UI is needed for that right now. + + feature#cilium-selected-preview-on-v3 + + +------------------------------------------------------------------- +Sat May 19 13:24:37 UTC 2018 - [email protected] + +- Commit 7af7b29 by Flavio Castelli [email protected] + Provide UI to manage kubernetes auditing + + feature#auditing fate#325337 + + +------------------------------------------------------------------- +Fri May 18 18:08:45 UTC 2018 - [email protected] + +- Commit 9c31386 by Florian Bergmann [email protected] + Redirect to registry page instead of mirror when editing a registry. + + +------------------------------------------------------------------- +Thu May 17 13:45:32 UTC 2018 - [email protected] + +- Commit 4e4eaff by Maximilian Meister [email protected] + drop some css that overwrites bootstrap button defaults + + ui#css-enhancements + + Signed-off-by: Maximilian Meister <[email protected]> + + Commit b3251e6 by Maximilian Meister [email protected] + emphasize settings apply workflow + + the warning that any changes are not immediately applied should be more + visible + + a blue flash message background with a blue button is not visible enough + + settings-ui#apply + + Signed-off-by: Maximilian Meister <[email protected]> + + +------------------------------------------------------------------- +Thu May 17 07:52:15 UTC 2018 - [email protected] + +- Commit 99550aa by Flavio Castelli [email protected] + Allow users to choose flannel's backend + + Starting with v3 we changed the default flannel backend from UDP to VXLAN. + + The VXLAN backend does not work when users have segmented networks, while the + UDP one does. + + The salt states are already capable of switching between the two backends, we + just needed to expose the right pillars from Velum. + + This commit changes the setup UI to allow users to choose the backend of and + the port used by flannel. + + feature#flannel-backend + + Signed-off-by: Flavio Castelli <[email protected]> + + +------------------------------------------------------------------- +Wed May 16 12:55:09 UTC 2018 - [email protected] + +- Commit 95ecd9e by Rafael Fernández López [email protected] + Mark admin as updated when we are going to reboot it + + This ensures that when the admin is back, the status of the minion on the + database will match the grains from the very beginning, without having to + rely on the background task updating all minions (including the admin) update + status. + + Fixes: bsc#1092910 + + +------------------------------------------------------------------- +Tue May 15 13:11:28 UTC 2018 - [email protected] + +- Commit 546b96a by Maximilian Meister [email protected] + validate pillars + + dont allow whitespaces at the beginning and at the end + + bsc#1087447 + + Signed-off-by: Maximilian Meister <[email protected]> + + Commit 878dde3 by Maximilian Meister [email protected] + dont thrown away errors when applying pillars + + bsc#1087447 + + Signed-off-by: Maximilian Meister <[email protected]> + + +------------------------------------------------------------------- +Tue May 15 12:52:02 UTC 2018 - [email protected] + +- Commit 3678b52 by Flavio Castelli [email protected] + Handle kubelet resource reservations + + Allow users to specify the compute resource reservations for the `kube` and + the `system` components. + + This is going to be done by using a new page available under the `settings` + section. + + This is required to address bsc#1086185 + + +------------------------------------------------------------------- +Tue May 15 09:33:52 UTC 2018 - [email protected] + +- Commit 4ec7dba by Maximilian Meister [email protected] + rebase patch + + it got wrongly rebased in #502 + + fix#patch + + Signed-off-by: Maximilian Meister <[email protected]> + + +------------------------------------------------------------------- +Tue May 15 00:53:34 UTC 2018 - [email protected] + +- Commit 8b75d9f by Kiall Mac Innes [email protected] + Add Housekeeping Job + + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ velum.spec ++++++ --- /var/tmp/diff_new_pack.L1hqKR/_old 2018-05-22 17:02:52.326238448 +0200 +++ /var/tmp/diff_new_pack.L1hqKR/_new 2018-05-22 17:02:52.330238301 +0200 @@ -23,7 +23,7 @@ # Version: 1.0.0 # %%define branch 1.0.0 -Version: 4.0.0+dev+git_r754_6c7835c7a3cc0999ebebf57517c32bf35bbd8bd0 +Version: 4.0.0+dev+git_r779_59c041df8d903e1d017edbdd1063c3f76492b733 Release: 0 %define branch master Summary: Dashboard for CaasP @@ -96,7 +96,7 @@ %description velum is the dashboard for CaasP to manage and deploy kubernetes clusters on top of MicroOS -This package has been built with commit 6c7835c7a3cc0999ebebf57517c32bf35bbd8bd0 from branch master on date Fri, 11 May 2018 12:59:37 +0000 +This package has been built with commit 59c041df8d903e1d017edbdd1063c3f76492b733 from branch master on date Tue, 22 May 2018 07:45:26 +0000 %prep %setup -q -n velum-%{branch} ++++++ 0_set_default_salt_events_alter_time_column_value.rpm.patch ++++++ --- /var/tmp/diff_new_pack.L1hqKR/_old 2018-05-22 17:02:52.350237574 +0200 +++ /var/tmp/diff_new_pack.L1hqKR/_new 2018-05-22 17:02:52.354237428 +0200 @@ -1,8 +1,8 @@ diff --git a/db/schema.rb b/db/schema.rb -index b8392cd..6061543 100644 +index 1275187..9eb6291 100644 --- a/db/schema.rb +++ b/db/schema.rb -@@ -95,7 +95,7 @@ ActiveRecord::Schema.define(version: 20180427014552) do +@@ -106,7 +106,7 @@ ActiveRecord::Schema.define(version: 20180508070232) do create_table "salt_events", force: :cascade do |t| t.string "tag", limit: 255, null: false t.text "data", limit: 16777215, null: false @@ -11,12 +11,12 @@ t.string "master_id", limit: 255, null: false t.datetime "taken_at" t.datetime "processed_at" -@@ -113,7 +113,7 @@ ActiveRecord::Schema.define(version: 20180427014552) do +@@ -135,7 +135,7 @@ ActiveRecord::Schema.define(version: 20180508070232) do t.string "id", limit: 255, null: false t.string "success", limit: 10, null: false t.text "full_ret", limit: 16777215, null: false - t.datetime "alter_time", null: false + t.column "alter_time", "DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP" end - + add_index "salt_returns", ["fun"], name: "fun", using: :btree ++++++ master.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/Jenkinsfile.housekeeping new/velum-master/Jenkinsfile.housekeeping --- old/velum-master/Jenkinsfile.housekeeping 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/Jenkinsfile.housekeeping 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,5 @@ +def targetBranch = env.getEnvironment().get('CHANGE_TARGET', env.BRANCH_NAME) + +library "kubic-jenkins-library@${targetBranch}" + +coreKubicProjectHousekeeping() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/assets/javascripts/dashboard/dashboard.js new/velum-master/app/assets/javascripts/dashboard/dashboard.js --- old/velum-master/app/assets/javascripts/dashboard/dashboard.js 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/assets/javascripts/dashboard/dashboard.js 2018-05-22 09:45:37.000000000 +0200 @@ -181,6 +181,9 @@ updateAvailable = true; updateAvailableNodeCount++; } + + // removes node from the pending acceptance state in the browser + removePendingAcceptance(minions[i].minion_id); } $(".nodes-container tbody").html(rendered); @@ -479,11 +482,32 @@ sessionStorage.removeItem(minionId); } -function requestMinionApproval(selector) { +function requestMinionApproval(selector, minionIds) { + var $alert = $('.failed-acceptance-alert'); + var error = 'Failed to accept all nodes. Please try again.'; + + // normalize input + if (!Array.isArray(minionIds)) { + error = 'Failed to accept ' + minionIds + ' node. Please try again.'; + minionIds = [minionIds]; + } + + // set pending acceptance + $.each(minionIds, function(_, id) { + setPendingAcceptance(id); + }); + + $alert.remove(); $.ajax({ url: '/accept-minion.json', method: 'POST', data: { minion_id: selector } + }).error(function () { + $alert.remove(); + showAlert(error, 'alert', 'failed-acceptance-alert'); + $.each(minionIds, function (_, id) { + removePendingAcceptance(id); + }); }); } @@ -499,18 +523,18 @@ e.preventDefault(); $btn.prop('disabled', true); - $acceptLinks.each(function(_, el) { - setPendingAcceptance(el.dataset.minionId); + var minionIds = $.map($acceptLinks, function(el) { + return el.dataset.minionId; }); - requestMinionApproval('*'); + + requestMinionApproval('*', minionIds); }); $('body').on('click', '.accept-minion', function(e) { var minionId = $(this).data('minionId'); e.preventDefault(); - setPendingAcceptance(minionId); - requestMinionApproval(minionId); + requestMinionApproval(minionId, minionId); checkAcceptAllAvailability(); }); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/assets/stylesheets/components/header.scss new/velum-master/app/assets/stylesheets/components/header.scss --- old/velum-master/app/assets/stylesheets/components/header.scss 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/assets/stylesheets/components/header.scss 2018-05-22 09:45:37.000000000 +0200 @@ -12,6 +12,9 @@ margin-right: -$grid-gutter-width/2; padding-left: $grid-gutter-width/2; padding-right: $grid-gutter-width/2; + position: fixed; + width: inherit; + z-index: 99; .navbar-toggle { border-color: $velum-navbar-toggle-color; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/assets/stylesheets/velum_bootstrap-variables.sass new/velum-master/app/assets/stylesheets/velum_bootstrap-variables.sass --- old/velum-master/app/assets/stylesheets/velum_bootstrap-variables.sass 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/assets/stylesheets/velum_bootstrap-variables.sass 2018-05-22 09:45:37.000000000 +0200 @@ -21,7 +21,6 @@ $brand-success: #04a36f // $brand-info: #5bc0de // $brand-warning: #f0ad4e -$brand-warning: #d9534f // $brand-danger: #d9534f @@ -182,9 +181,7 @@ // $btn-warning-color: #fff // $btn-warning-bg: $brand-warning -$btn-warning-bg: $brand-warning // $btn-warning-border: darken($btn-warning-bg, 5%) -$btn-warning-border: #d43f3a // $btn-danger-color: #fff // $btn-danger-bg: $brand-danger diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/assets/stylesheets/velum_general.scss new/velum-master/app/assets/stylesheets/velum_general.scss --- old/velum-master/app/assets/stylesheets/velum_general.scss 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/assets/stylesheets/velum_general.scss 2018-05-22 09:45:37.000000000 +0200 @@ -79,4 +79,8 @@ } } +.content-wrapper { + margin-top: 60px; +} + @import 'pages/**/*'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/controllers/application_controller.rb new/velum-master/app/controllers/application_controller.rb --- old/velum-master/app/controllers/application_controller.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/controllers/application_controller.rb 2018-05-22 09:45:37.000000000 +0200 @@ -22,7 +22,8 @@ # setup means the setup phase was completed def setup_done? - Pillar.exists? pillar: Pillar.all_pillars[:apiserver] + Pillar.exists?(pillar: [Pillar.all_pillars[:apiserver], + Pillar.all_pillars[:dashboard_external_fqdn]]) end def accessible_hosts diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/controllers/internal_api/v1/pillars_controller.rb new/velum-master/app/controllers/internal_api/v1/pillars_controller.rb --- old/velum-master/app/controllers/internal_api/v1/pillars_controller.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/controllers/internal_api/v1/pillars_controller.rb 2018-05-22 09:45:37.000000000 +0200 @@ -8,6 +8,8 @@ cloud_framework_contents ).merge( cloud_provider_contents + ).merge( + kubelet_contents ) end @@ -129,5 +131,25 @@ } } end + + def kubelet_contents + reservations = {} + KubeletComputeResourcesReservation.all.each do |r| + reservations[r.component] = { + cpu: r.cpu, + memory: r.memory, + "ephemeral-storage" => r.ephemeral_storage + } + end + + eviction_hard = Pillar.find_or_initialize_by(pillar: "kubelet:eviction-hard") + + { + kubelet: { + "compute-resources" => reservations, + "eviction-hard" => eviction_hard.value || "" + } + } + end end # rubocop:enable Metrics/ClassLength diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/controllers/settings/auditing_controller.rb new/velum-master/app/controllers/settings/auditing_controller.rb --- old/velum-master/app/controllers/settings/auditing_controller.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/app/controllers/settings/auditing_controller.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,44 @@ +# Settings::Auditing is responsibe to manage all the requests +# related to the kubernetes auditing feature. +class Settings::AuditingController < SettingsController + def index + set_instance_variables + end + + def create + @errors = Pillar.apply audit_params + if @errors.empty? + redirect_to settings_auditing_index_path, + notice: "Auditing settings successfully saved." + else + set_instance_variables + render action: :index, status: :unprocessable_entity + end + end + + private + + def set_instance_variables + @audit_enabled = Pillar.value(pillar: :api_audit_log_enabled) || "false" + @maxsize = Pillar.value(pillar: :api_audit_log_maxsize) || 10 + @maxage = Pillar.value(pillar: :api_audit_log_maxage) || 15 + @maxbackup = Pillar.value(pillar: :api_audit_log_maxbackup) || 20 + @policy = Pillar.value(pillar: :api_audit_log_policy) || "" + end + + def audit_params + ret = {} + params.require( + :audit + ).permit( + :enabled, + :maxage, + :maxsize, + :maxbackup, + :policy + ).each do |k, v| + ret["api_audit_log_#{k}".to_sym] = v + end + ret + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/controllers/settings/kubelet_compute_resources_reservations_controller.rb new/velum-master/app/controllers/settings/kubelet_compute_resources_reservations_controller.rb --- old/velum-master/app/controllers/settings/kubelet_compute_resources_reservations_controller.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/app/controllers/settings/kubelet_compute_resources_reservations_controller.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,78 @@ +# Settings::KubeletComputeResourcesReservations is responsibe to manage all the requests +# related to the kubelet compute resources reservations feature. +class Settings::KubeletComputeResourcesReservationsController < SettingsController + def index + @kube_reservations = KubeletComputeResourcesReservation.find_or_initialize_by( + component: "kube" + ) + @system_reservations = KubeletComputeResourcesReservation.find_or_initialize_by( + component: "system" + ) + @eviction_hard = Pillar.find_or_initialize_by(pillar: "kubelet:eviction-hard") + end + + def create + @kube_reservations = KubeletComputeResourcesReservation.find_or_initialize_by( + component: "kube" + ) + @system_reservations = KubeletComputeResourcesReservation.find_or_initialize_by( + component: "system" + ) + + @kube_reservations.update_attributes(kube_reservation_params) + @system_reservations.update_attributes(system_reservation_params) + @eviction_hard = Pillar.find_or_initialize_by(pillar: "kubelet:eviction-hard") + + ActiveRecord::Base.transaction do + @kube_reservations.save! + @system_reservations.save! + + if eviction_hard_param.blank? + @eviction_hard.destroy + @eviction_hard = Pillar.find_or_initialize_by(pillar: "kubelet:eviction-hard") + else + @eviction_hard.value = eviction_hard_param + @eviction_hard.save! + end + end + + redirect_to settings_kubelet_compute_resources_reservations_path, + notice: "kubelet resource reservations successfully saved." + rescue ActiveRecord::RecordInvalid + render action: :index, status: :unprocessable_entity + end + + private + + def kube_reservation_params + ret = {} + params.require( + :kubelet_compute_resources_reservations + ).permit( + :kube_cpu, + :kube_memory, + :kube_ephemeral_storage + ).each do |k, v| + ret[k.gsub("kube_", "")] = v + end + ret + end + + def system_reservation_params + ret = {} + params.require( + :kubelet_compute_resources_reservations + ).permit( + :system_cpu, + :system_memory, + :system_ephemeral_storage + ).each do |k, v| + ret[k.gsub("system_", "")] = v + end + ret + end + + def eviction_hard_param + params["kubelet_compute_resources_reservations"]["eviction_hard"] + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/controllers/setup_controller.rb new/velum-master/app/controllers/setup_controller.rb --- old/velum-master/app/controllers/setup_controller.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/controllers/setup_controller.rb 2018-05-22 09:45:37.000000000 +0200 @@ -49,6 +49,10 @@ @cloud_openstack_lb_mon_retries = Pillar.value(pillar: :cloud_openstack_lb_mon_retries) || "3" @cloud_openstack_bs_version = Pillar.value(pillar: :cloud_openstack_bs_version) || "v2" + # flannel settings + @flannel_backend = Pillar.value(pillar: :flannel_backend) || "vxlan" + @flannel_port = Pillar.value(pillar: :flannel_port) || "8472" + # container runtime setting @cri = Pillar.value(pillar: :container_runtime) || "docker" end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/controllers/updates_controller.rb new/velum-master/app/controllers/updates_controller.rb --- old/velum-master/app/controllers/updates_controller.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/controllers/updates_controller.rb 2018-05-22 09:45:37.000000000 +0200 @@ -6,6 +6,9 @@ # Reboot the admin node. def create + # rubocop:disable SkipsModelValidations + Minion.admin.update_all highstate: Minion.highstates[:applied] + # rubocop:enable SkipsModelValidations ::Velum::Salt.call( action: "cmd.run", targets: "admin", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/helpers/application_helper.rb new/velum-master/app/helpers/application_helper.rb --- old/velum-master/app/helpers/application_helper.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/helpers/application_helper.rb 2018-05-22 09:45:37.000000000 +0200 @@ -15,6 +15,15 @@ Pillar.exists? pillar: Pillar.all_pillars[:apiserver] end + def can_download_kubeconfig? + masters_applied_count = Minion.where(role: Minion.roles[:master], + highstate: Minion.highstates[:applied]).count + masters_count = Minion.where(role: Minion.roles[:master]).count + masters_applied = masters_count == masters_applied_count + + setup_done? && masters_applied + end + def active_class?(path_or_bool) case path_or_bool when String diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/helpers/settings_helper.rb new/velum-master/app/helpers/settings_helper.rb --- old/velum-master/app/helpers/settings_helper.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/helpers/settings_helper.rb 2018-05-22 09:45:37.000000000 +0200 @@ -12,6 +12,14 @@ request.fullpath.starts_with?(settings_registry_mirrors_path) end + def settings_kubelet_compute_resources_reservations_path? + request.fullpath.starts_with?(settings_kubelet_compute_resources_reservations_path) + end + + def settings_auditing_index_path? + request.fullpath.starts_with?(settings_auditing_index_path) + end + def registries_options_for_select registries = Registry.suse + Registry.displayable registries_for_options = registries.collect { |r| [r.name, r.id] } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/models/kubelet_compute_resources_reservation.rb new/velum-master/app/models/kubelet_compute_resources_reservation.rb --- old/velum-master/app/models/kubelet_compute_resources_reservation.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/app/models/kubelet_compute_resources_reservation.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,20 @@ +# KubeletComputeResourcesReservation represents the pillar values +# used to configure kubelet resource reservations. +class KubeletComputeResourcesReservation < ApplicationRecord + BYTES_REGEX = /\A(\d+(e\d+)?([EPTGMK]i?)?)?\z/ + + validates :component, inclusion: { + in: %w[kube system], message: "%<value>s is not a valid component" + } + validates :cpu, format: { + with: /\A(\d+(\.\d+|m))?\z/, message: "%<value>s format invalid" + } + + validates :memory, format: { + with: BYTES_REGEX, message: "%<value>s format invalid" + } + + validates :ephemeral_storage, format: { + with: BYTES_REGEX, message: "%<value>s format invalid" + } +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/models/pillar.rb new/velum-master/app/models/pillar.rb --- old/velum-master/app/models/pillar.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/models/pillar.rb 2018-05-22 09:45:37.000000000 +0200 @@ -26,6 +26,10 @@ cluster_cidr_min: "cluster_cidr_min", cluster_cidr_max: "cluster_cidr_max", cluster_cidr_len: "cluster_cidr_len", + flannel_backend: "flannel:backend", + flannel_port: "flannel:port", + cni_plugin: "cni:plugin", + cilium_image: "cilium:image", services_cidr: "services_cidr", api_cluster_ip: "api:cluster_ip", dns_cluster_ip: "dns:cluster_ip", @@ -51,7 +55,12 @@ cloud_framework: "cloud:framework", cloud_provider: "cloud:provider", kubernetes_feature_gates: "kubernetes:feature_gates", - container_runtime: "cri:chosen" + container_runtime: "cri:chosen", + api_audit_log_enabled: "api:audit:log:enabled", + api_audit_log_maxsize: "api:audit:log:maxsize", + api_audit_log_maxage: "api:audit:log:maxage", + api_audit_log_maxbackup: "api:audit:log:maxbackup", + api_audit_log_policy: "api:audit:log:policy" } end @@ -114,8 +123,8 @@ Pillar.all_pillars.each do |key, pillar_key| next if !unprotected_pillars.include?(key) && pillars[key].blank? - set_pillar key: key, pillar_key: pillar_key, value: pillars[key], - required_pillars: required_pillars, errors: errors + errors = set_pillar key: key, pillar_key: pillar_key, value: pillars[key], + required_pillars: required_pillars, errors: errors end errors @@ -125,18 +134,20 @@ def set_pillar(key:, pillar_key:, value:, required_pillars:, errors:) optional_pillars = Pillar.all_pillars.keys - required_pillars + value_ = value.to_s.strip # The following pillar keys can be blank, delete them if they are. - if optional_pillars.include?(key) && value.blank? + if optional_pillars.include?(key) && value_.blank? Pillar.destroy_all pillar: pillar_key else pillar = Pillar.find_or_initialize_by(pillar: pillar_key).tap do |pillar_| - pillar_.value = value + pillar_.value = value_ end unless pillar.save exp = pillar.errors.empty? ? "" : ": #{pillar.errors.messages[:value].first}" errors << "'#{key}' could not be saved#{exp}." end end + errors end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/dashboard/index.html.slim new/velum-master/app/views/dashboard/index.html.slim --- old/velum-master/app/views/dashboard/index.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/dashboard/index.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -52,9 +52,9 @@ .panel-heading h3.panel-title Nodes - = link_to kubectl_config_path, id: "download-kubeconfig", class: "btn btn-sm btn-default pull-right", disabled: true do + = link_to kubeconfig_path, id: "download-kubeconfig", class: "btn btn-sm btn-default pull-right", disabled: true do i.fa.fa-download.fa-fw - | kubectl config + | kubeconfig = link_to orchestrations_bootstrap_path, method: :post, id: "retry-cluster-bootstrap", class: "hidden btn btn-sm btn-primary pull-right" do i.fa.fa-refresh.fa-fw diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/devise/sessions/new.html.slim new/velum-master/app/views/devise/sessions/new.html.slim --- old/velum-master/app/views/devise/sessions/new.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/devise/sessions/new.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -12,6 +12,11 @@ | Don't have an account? a.btn.btn-default[href="/users/sign_up"] | Create an account + - if can_download_kubeconfig? + p + | Do you need the kubeconfig file? + = link_to kubeconfig_path, id: "download-kubeconfig", class: "btn btn-default" do + | Download kubeconfig .col-sm-4.col-sm-offset-1 h2.Raleway-font | Log In diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/layouts/application.html.slim new/velum-master/app/views/layouts/application.html.slim --- old/velum-master/app/views/layouts/application.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/layouts/application.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -18,7 +18,7 @@ body class="#{yield :body_class}" .container = render :partial => "shared/header" - .row + .row.content-wrapper .col-xs-12.alerts-container = render :partial => "shared/notifications" .row diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/layouts/settings.html.slim new/velum-master/app/views/layouts/settings.html.slim --- old/velum-master/app/views/layouts/settings.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/layouts/settings.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -20,7 +20,7 @@ .container = render partial: "shared/header" - .row + .row.content-wrapper .settings-sidebar = render partial: "settings/sidebar" .col-xs-12.settings-content diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/settings/_apply.html.slim new/velum-master/app/views/settings/_apply.html.slim --- old/velum-master/app/views/settings/_apply.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/settings/_apply.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -1,6 +1,6 @@ -.alert.alert-info.alert-with-btn-sm.clearfix role="alert" +.alert.alert-warning.alert-with-btn-sm.clearfix role="alert" .left | Changes are not immediately reflected. You might want to apply it. .right - = button_to "Apply changes", settings_apply_path, class: "btn btn-info btn-sm pull-right" + = button_to "Apply changes", settings_apply_path, class: "btn btn-danger btn-sm pull-right" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/settings/_sidebar.html.slim new/velum-master/app/views/settings/_sidebar.html.slim --- old/velum-master/app/views/settings/_sidebar.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/settings/_sidebar.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -4,4 +4,10 @@ li class="#{active_class?(settings_registries_path?)}" = link_to "Remote Registries", settings_registries_path li class="#{active_class?(settings_registry_mirrors_path?)}" - = link_to "Mirrors", settings_registry_mirrors_path \ No newline at end of file + = link_to "Mirrors", settings_registry_mirrors_path + h5.title Kubernetes + ul.list + li class="#{active_class?(settings_kubelet_compute_resources_reservations_path?)}" + = link_to "Compute Resources Reservations", settings_kubelet_compute_resources_reservations_path + li class="#{active_class?(settings_auditing_index_path?)}" + = link_to "Auditing", settings_auditing_index_path diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/settings/auditing/index.html.slim new/velum-master/app/views/settings/auditing/index.html.slim --- old/velum-master/app/views/settings/auditing/index.html.slim 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/app/views/settings/auditing/index.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,62 @@ += render 'settings/apply' + +.alert.alert-warning role='alert' + p Warning: Entering invalid values for any of the following settings will cause + the nodes to enter into a broken state. + +h2 Auditing + +p Enable Kubernetes auditing feature to keep track of the activities that + affected the cluster. + += form_for :audit, url: settings_auditing_index_path, method: :post do |f| + .panel.panel-default + + .panel-heading + h3.panel-title Log backend + .panel-body + p + | All the audit events will be logged to the + code + | /var/log/kube-apiserver/audit.log + | file on the Kubernetes master node(s). + p From there the user can use a data collector software like fluentd or + logstash to collect and distribute the events. + + .form-group + = f.label :enabled, "Enable auditing" + br + .btn-group.btn-group-toggle.enable-auditing-btn-group data-toggle="buttons" + = label_tag :enabled, nil, class: "btn btn-default #{'btn-primary active' if @audit_enabled == "true"}" + = f.radio_button :enabled, "true", checked: @audit_enabled == "true" + | Enabled + = label_tag :enabled, nil, class: "btn btn-default #{'btn-primary active' if @audit_enabled == "false"}" + = f.radio_button :enabled, "false", checked: @audit_enabled == "false" + | Disabled + + .form-group + = f.label :maxsize, "Max size" + = f.text_field :maxsize, value: @maxsize, class: "form-control", 'aria-describedby' => 'maxsize_help' + small.form-text.text-muted#maxsize_help + | Maximum size in megabytes of the audit log file before it gets rotated + + .form-group + = f.label :maxage, "Max age" + = f.text_field :maxage, value: @maxage, class: "form-control", 'aria-describedby' => 'maxage_help' + small.form-text.text-muted#maxage_help + | Maximum number of days to retain old audit log files + + .form-group + = f.label :maxbackup, "Max backup" + = f.text_field :maxbackup, value: @maxbackup, class: "form-control", 'aria-describedby' => 'maxbackup_help' + small.form-text.text-muted#maxbackup_help + | Maximum number of audit log files to retain + + .form-group + = f.label :policy, "Policy" + = f.text_area :policy, class: "form-control", value: @policy, 'aria-describedby' => 'policy_help', rows: 20 + small.form-text.text-muted#policy_help + | The YAML file defining the auditing policy rules + + .clearfix.text-right.steps-container + = submit_tag "Save", id: "save", class: "btn btn-primary pull-right" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/settings/kubelet_compute_resources_reservations/_resources.html.slim new/velum-master/app/views/settings/kubelet_compute_resources_reservations/_resources.html.slim --- old/velum-master/app/views/settings/kubelet_compute_resources_reservations/_resources.html.slim 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/app/views/settings/kubelet_compute_resources_reservations/_resources.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,34 @@ +.form-group + = f.label :cpu, "CPU" + = f.text_field "#{reservation.component}_cpu", value: reservation.cpu, class: 'form-control', 'aria-describedby' => "#{reservation.component}_cpu_help" + small.form-text.text-muted id="#{reservation.component}_cpu_help" + | The amount of CPU units to reserve, as a decimal number or in "millicores" (e.g. + code 100m + | , + code 0.1 + | ). Leave empty for no CPU reservation. + +.form-group + = f.label :memory, "Memory" + = f.text_field "#{reservation.component}_memory", value: reservation.memory, class: "form-control", 'aria-describedby' => "#{reservation.component}_memory_help" + small.form-text.text-muted id="#{reservation.component}_memory_help" + | The amount of memory to reserve, measured in bytes (e.g. + code 1024 + | , + code 1G + | , + code 1Gi + | ). Leave empty for no memory reservation. + +.form-group + = f.label :storage, "Ephemeral storage" + = f.text_field "#{reservation.component}_ephemeral_storage", value: reservation.ephemeral_storage, class: 'form-control', 'aria-describedby' => "#{reservation.component}_ephemeral_storage_help" + small.form-text.text-muted id="#{reservation.component}_ephemeral_storage_help" + | The amount of ephemeral storage to reserve, measured in bytes (e.g. + code 1024 + | , + code 1G + | , + code 1Gi + | ). Leave empty for no ephemeral storage reservation. + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/settings/kubelet_compute_resources_reservations/index.html.slim new/velum-master/app/views/settings/kubelet_compute_resources_reservations/index.html.slim --- old/velum-master/app/views/settings/kubelet_compute_resources_reservations/index.html.slim 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/app/views/settings/kubelet_compute_resources_reservations/index.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,96 @@ += render 'settings/apply' + +- unless @kube_reservations.errors.empty? + .alert.alert-danger role='alert' + p Error saving reservations for Kubernetes core services: + ul + - @kube_reservations.errors.messages.map{|k, errs| "#{k}: #{errs.join(',')}"}.each do |msg| + li= msg + + +- unless @system_reservations.errors.empty? + .alert.alert-danger role='alert' + p Error saving reservations for Host system services: + ul + - @system_reservations.errors.messages.map{|k, errs| "#{k}: #{errs.join(',')}"}.each do |msg| + li= msg + +- unless @eviction_hard.errors.empty? + .alert.alert-danger role='alert' + p Error saving eviction hard policies: + ul + - @eviction_hard.errors.messages.map{|k, errs| "#{k}: #{errs.join(',')}"}.each do |msg| + li= msg + +.alert.alert-warning role='alert' + p Warning: Entering invalid values for any of the following settings will cause + the nodes to enter into a broken state. + +h2 Compute resources reservations + +p Every node of the Kubernetes cluster has a kubelet instance running. By default, + the kubelet process will try to use all available resources on each node. This + behaviour can lead to resource starvation for critical system services as well + as for Kubernetes' own components. + +p To prevent this, it is possible to instruct kubelet to reserve a certain + amount of resources for the host system and for Kubernetes core services on each node. + The Kubernetes scheduler takes these limits into account by when deciding + on which node to schedule a certain pod. + += form_for :kubelet_compute_resources_reservations, url: settings_kubelet_compute_resources_reservations_path, method: :post do |f| + .panel.panel-default + + .panel-heading + h3.panel-title Kubernetes core services + .panel-body + p This category include processes such as: + ul + li kubernetes API server + li kubernetes controller manager + li kubernetes scheduler + li kubelet + li kube-proxy + li Container runtime: Docker daemon, containerd, CRI-O or runc + + = render 'resources', f: f, reservation: @kube_reservations + + .panel.panel-default + .panel-heading + h3.panel-title Host system services + .panel-body + p This category include processes such as: + ul + li Regular system services (eg: sshd, cron, journald,...) + li As-yet non-containerized services (eg: etcd) + + = render 'resources', f: f, reservation: @system_reservations + + .panel.panel-default + .panel-heading + h3.panel-title Eviction threshold + .panel-body + p If nodes run out of memory, the Out-Of-Memory (OOM) killer will + relieve the memory pressure by forcibly killing those containers which are using the most resources + and with the lowest quality of service until the system can resume proper behaviour. + p Note that nodes undergoing the memory reclamation process can become temporarily + unreachable. + p To reduce or avoid the risk of this occurring, it is possible to instruct kubelet + to start evicting pods as soon as the utilization of some resources + (e.g. memory or disk) approaches a critical level. + + .form-group + = f.label :eviction_hard, "Hard eviction" + = f.text_field :eviction_hard, value: @eviction_hard.value, class: "form-control", 'aria-describedby' => 'eviction_hard_help' + small.form-text.text-muted#eviction_hard_help + | Eviction policy rules to apply (eg: + code memory.available<10% + | , + code memory.available<100M + | , + code memory.available<500Mi,nodefs.available<10% + | ). Leave empty for no hard eviction policy. + + + .clearfix.text-right.steps-container + = submit_tag "Save", id: "save", class: "btn btn-primary pull-right" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/settings/registries/_form.html.slim new/velum-master/app/views/settings/registries/_form.html.slim --- old/velum-master/app/views/settings/registries/_form.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/settings/registries/_form.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -16,4 +16,4 @@ .form-actions.clearfix = f.submit "Save", class: "btn btn-primary action" - = link_to "Cancel", settings_registry_mirrors_path, class: "btn btn-default action" + = link_to "Cancel", settings_registries_path, class: "btn btn-default action" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/app/views/setup/welcome.html.slim new/velum-master/app/views/setup/welcome.html.slim --- old/velum-master/app/views/setup/welcome.html.slim 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/app/views/setup/welcome.html.slim 2018-05-22 09:45:37.000000000 +0200 @@ -70,6 +70,24 @@ hr + .form-group + = f.label :flannel_backend, "Flannel backend" + = f.select :flannel_backend, options_for_select([["VXLAN", "vxlan"], ["UDP", "udp"]], @flannel_backend), {}, {class: "form-control", 'aria-describedby' => "flannel_backend_help"} + small.form-text.text-muted#flannel_backend_help + | The backend used by Flannel to encapsulate network traffic. VXLAN is the recommended choice. + + .form-group + = f.label :flannel_port, "Flannel port" + = f.text_field :flannel_port, value: @flannel_port, class: "form-control", required: true, 'aria-describedby' => "flannel_port_help" + small.form-text.text-muted#flannel_port_help + | The port used by Flannel to encapsulate network traffic. + code 8472 + | is the recommended port for the VXLAN backend. + code 8285 + | is the recommended port for the UDP backend. + + hr + p The Service Network is used internally within Kubernetes for pod to service communications. Each Kubernetes service will be allocated an IP from this range, this IP will be independant of any single master or worker. This network range will not be accessible from outside the cluster, however, conflicts with preexisting address ranges used elsewhere should be avoided. .form-group diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/config/routes.rb new/velum-master/config/routes.rb --- old/velum-master/config/routes.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/config/routes.rb 2018-05-22 09:45:37.000000000 +0200 @@ -20,7 +20,8 @@ end get "/autoyast", to: "dashboard#autoyast" - get "/kubectl-config", to: "oidc#index" + get "/kubectl-config", to: redirect("/kubeconfig") # deprecated + get "/kubeconfig", to: "oidc#index" get "/_health", to: "health#index" post "/update", to: "salt#update" post "/accept-minion", to: "salt#accept_minion" @@ -60,6 +61,8 @@ resources :registries post :apply resources :registry_mirrors, path: :mirrors + resources :kubelet_compute_resources_reservations, only: [:index, :create] + resources :auditing, only: [:index, :create] end end # rubocop:enable Metrics/BlockLength diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/db/migrate/20180508070232_create_kubelet_compute_resources_reservations.rb new/velum-master/db/migrate/20180508070232_create_kubelet_compute_resources_reservations.rb --- old/velum-master/db/migrate/20180508070232_create_kubelet_compute_resources_reservations.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/db/migrate/20180508070232_create_kubelet_compute_resources_reservations.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,13 @@ +class CreateKubeletComputeResourcesReservations < ActiveRecord::Migration + def change + create_table :kubelet_compute_resources_reservations do |t| + t.string :component, null: false + t.string :cpu, default: '' + t.string :memory, default: '' + t.string :ephemeral_storage, default: '' + t.timestamps + end + + add_index :kubelet_compute_resources_reservations, :component, unique: true + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/db/schema.rb new/velum-master/db/schema.rb --- old/velum-master/db/schema.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/db/schema.rb 2018-05-22 09:45:37.000000000 +0200 @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20180427014552) do +ActiveRecord::Schema.define(version: 20180508070232) do create_table "certificate_services", force: :cascade do |t| t.integer "certificate_id", limit: 4 @@ -36,6 +36,17 @@ add_index "jids", ["jid"], name: "jid", unique: true, using: :btree + create_table "kubelet_compute_resources_reservations", force: :cascade do |t| + t.string "component", limit: 255, null: false + t.string "cpu", limit: 255, default: "" + t.string "memory", limit: 255, default: "" + t.string "ephemeral_storage", limit: 255, default: "" + t.datetime "created_at" + t.datetime "updated_at" + end + + add_index "kubelet_compute_resources_reservations", ["component"], name: "index_kubelet_compute_resources_reservations_on_component", unique: true, using: :btree + create_table "minions", force: :cascade do |t| t.string "minion_id", limit: 255 t.string "fqdn", limit: 255 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/packaging/suse/patches/0_set_default_salt_events_alter_time_column_value.rpm.patch new/velum-master/packaging/suse/patches/0_set_default_salt_events_alter_time_column_value.rpm.patch --- old/velum-master/packaging/suse/patches/0_set_default_salt_events_alter_time_column_value.rpm.patch 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/packaging/suse/patches/0_set_default_salt_events_alter_time_column_value.rpm.patch 2018-05-22 09:45:37.000000000 +0200 @@ -1,8 +1,8 @@ diff --git a/db/schema.rb b/db/schema.rb -index b8392cd..6061543 100644 +index 1275187..9eb6291 100644 --- a/db/schema.rb +++ b/db/schema.rb -@@ -95,7 +95,7 @@ ActiveRecord::Schema.define(version: 20180427014552) do +@@ -106,7 +106,7 @@ ActiveRecord::Schema.define(version: 20180508070232) do create_table "salt_events", force: :cascade do |t| t.string "tag", limit: 255, null: false t.text "data", limit: 16777215, null: false @@ -11,12 +11,12 @@ t.string "master_id", limit: 255, null: false t.datetime "taken_at" t.datetime "processed_at" -@@ -113,7 +113,7 @@ ActiveRecord::Schema.define(version: 20180427014552) do +@@ -135,7 +135,7 @@ ActiveRecord::Schema.define(version: 20180508070232) do t.string "id", limit: 255, null: false t.string "success", limit: 10, null: false t.text "full_ret", limit: 16777215, null: false - t.datetime "alter_time", null: false + t.column "alter_time", "DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP" end - + add_index "salt_returns", ["fun"], name: "fun", using: :btree diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/spec/controllers/internal_api/v1/pillars_controller_spec.rb new/velum-master/spec/controllers/internal_api/v1/pillars_controller_spec.rb --- old/velum-master/spec/controllers/internal_api/v1/pillars_controller_spec.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/spec/controllers/internal_api/v1/pillars_controller_spec.rb 2018-05-22 09:45:37.000000000 +0200 @@ -13,7 +13,11 @@ registries: [ url: Registry::SUSE_REGISTRY_URL, cert: nil - ] + ], + kubelet: { + :"compute-resources" => {}, + :"eviction-hard" => "" + } } end @@ -65,7 +69,11 @@ } ] } - ] + ], + kubelet: { + :"compute-resources" => {}, + :"eviction-hard" => "" + } } end @@ -90,6 +98,33 @@ end end + context "when contains kubelet resources" do + + let!(:kube_reservation) { create(:kube_resouces_reservation) } + + let(:expected_response) do + { + registries: [ + ], + kubelet: { + :"compute-resources" => { + kube: { + cpu: kube_reservation.cpu, + memory: kube_reservation.memory, + :"ephemeral-storage" => kube_reservation.ephemeral_storage + } + }, + :"eviction-hard" => "" + } + } + end + + it "has remote registries and respective mirrors" do + get :show + expect(json).to match expected_response + end + end + context "when in EC2 framework" do let(:custom_instance_type) { "custom-instance-type" } let(:subnet_id) { "subnet-9d4a7b6c" } @@ -98,6 +133,10 @@ let(:expected_response) do { registries: [], + kubelet: { + :"compute-resources" => {}, + :"eviction-hard" => "" + }, cloud: { framework: "ec2", profiles: { @@ -158,6 +197,10 @@ let(:expected_response) do { registries: [], + kubelet: { + :"compute-resources" => {}, + :"eviction-hard" => "" + }, cloud: { framework: "azure", providers: { @@ -243,6 +286,10 @@ let(:expected_response) do { registries: [], + kubelet: { + :"compute-resources" => {}, + :"eviction-hard" => "" + }, cloud: { provider: "openstack", openstack: { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/spec/controllers/settings/auditing_controller_spec.rb new/velum-master/spec/controllers/settings/auditing_controller_spec.rb --- old/velum-master/spec/controllers/settings/auditing_controller_spec.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/spec/controllers/settings/auditing_controller_spec.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,67 @@ +require "rails_helper" + +RSpec.describe Settings::AuditingController, type: :controller do + let(:user) { create :user } + + before do + setup_done + sign_in user + end + + describe "GET #index" do + before do + get :index + end + + # rubocop:disable RSpec/MultipleExpectations + it "populates the default values" do + expect(assigns(:audit_enabled)).to eq("false") + expect(assigns(:maxsize)).to eq(10) + expect(assigns(:maxage)).to eq(15) + expect(assigns(:maxbackup)).to eq(20) + expect(assigns(:policy)).to eq("") + end + # rubocop:enable RSpec/MultipleExpectations + end + + describe "POST #create" do + context "when setting new valid audit settings" do + before do + post :create, audit: { enabled: "true", maxage: 20, maxsize: 20, maxbackup: 30, + policy: "some\n\yaml\npolicy" } + end + + # rubocop:disable RSpec/MultipleExpectations + it "saves the new audit settings" do + expect(Pillar.value(pillar: :api_audit_log_enabled)).to eq("true") + expect(Pillar.value(pillar: :api_audit_log_maxage)).to eq("20") + expect(Pillar.value(pillar: :api_audit_log_maxsize)).to eq("20") + expect(Pillar.value(pillar: :api_audit_log_maxbackup)).to eq("30") + expect(Pillar.value(pillar: :api_audit_log_policy)).to eq("some\nyaml\npolicy") + end + # rubocop:enable RSpec/MultipleExpectations + end + + context "when setting new invalid audit settings" do + before do + allow(Pillar).to receive(:apply).and_return ["One error", "Another error"] + post :create, audit: { enabled: "true", maxage: 20, maxsize: 20, maxbackup: 30, + policy: "some\n\yaml\npolicy" } + end + + # rubocop:disable RSpec/MultipleExpectations + it "does not save the new audit settings" do + expect(assigns(:audit_enabled)).to eq("false") + expect(assigns(:maxsize)).to eq(10) + expect(assigns(:maxage)).to eq(15) + expect(assigns(:maxbackup)).to eq(20) + expect(assigns(:policy)).to eq("") + end + # rubocop:enable RSpec/MultipleExpectations + + it "returns unprocessable entity as http status" do + expect(response).to have_http_status(:unprocessable_entity) + end + end + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/spec/controllers/settings/kubelet_compute_resources_reservations_controller_spec.rb new/velum-master/spec/controllers/settings/kubelet_compute_resources_reservations_controller_spec.rb --- old/velum-master/spec/controllers/settings/kubelet_compute_resources_reservations_controller_spec.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/spec/controllers/settings/kubelet_compute_resources_reservations_controller_spec.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,131 @@ +require "rails_helper" + +RSpec.describe Settings::KubeletComputeResourcesReservationsController, type: :controller do + let(:user) { create(:user) } + + before do + setup_done + sign_in user + end + + describe "GET #index" do + let!(:kube_expected) do + create( + :kube_resouces_reservation, + cpu: "100m", + memory: "1024", + ephemeral_storage: "1G" + ) + end + + let!(:system_expected) do + create( + :system_resouces_reservation, + cpu: "200m", + memory: "1024Gi", + ephemeral_storage: "2M" + ) + end + + let!(:eviction_expected) do + e = Pillar.new( + pillar: "kubelet:eviction-hard", + value: "memory.available<10%" + ) + e.save + e + end + + before do + get :index + end + + it "populates kube reservations" do + expect(assigns(:kube_reservations)).to eq(kube_expected) + end + + it "populates system reservations" do + expect(assigns(:system_reservations)).to eq(system_expected) + end + + it "populates eviction hard" do + expect(assigns(:eviction_hard)).to eq(eviction_expected) + end + + end + + describe "POST #create" do + context "when no pre-existing reservations are in place" do + let(:kube_cpu) { "100m" } + let(:kube_memory) { "100M" } + let(:kube_ephemeral_storage) { "1G" } + + let(:system_cpu) { "200m" } + let(:system_memory) { "200M" } + let(:system_ephemeral_storage) { "2G" } + + let(:eviction_policy) { "memory.available<10%" } + + before do + post :create, kubelet_compute_resources_reservations: { + kube_cpu: kube_cpu, + kube_memory: kube_memory, + kube_ephemeral_storage: kube_ephemeral_storage, + system_cpu: system_cpu, + system_memory: system_memory, + system_ephemeral_storage: system_ephemeral_storage, + eviction_hard: eviction_policy + } + end + + # rubocop:disable RSpec/ExampleLength,RSpec/MultipleExpectations + it "saves the kube reservations" do + kube_reservations = KubeletComputeResourcesReservation.find_by( + component: "kube" + ) + expect(kube_reservations.cpu).to eq(kube_cpu) + expect(kube_reservations.memory).to eq(kube_memory) + expect(kube_reservations.ephemeral_storage).to eq(kube_ephemeral_storage) + end + + it "saves the system reservations" do + system_reservations = KubeletComputeResourcesReservation.find_by( + component: "system" + ) + expect(system_reservations.cpu).to eq(system_cpu) + expect(system_reservations.memory).to eq(system_memory) + expect(system_reservations.ephemeral_storage).to eq(system_ephemeral_storage) + end + # rubocop:enable RSpec/ExampleLength,RSpec/MultipleExpectations + + it "saves the eviction policy" do + eviction_hard = Pillar.find_by(pillar: "kubelet:eviction-hard") + expect(eviction_hard.value).to eq(eviction_policy) + end + end + + context "when an eviction policy is already defined" do + before do + Pillar.new( + pillar: "kubelet:eviction-hard", + value: "memory.available<10%" + ).save + end + + it "removes the eviction policy when an empty value is given" do + post :create, kubelet_compute_resources_reservations: { + eviction_hard: "" + } + + expect(Pillar.find_by(pillar: "kubelet:eviction-hard")).to be_nil + end + end + + it "send a 422 response when validation fails" do + post :create, kubelet_compute_resources_reservations: { + kube_cpu: "hello" + } + expect(response).to have_http_status(:unprocessable_entity) + end + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/spec/factories/kubelet_compute_resources_reservation.rb new/velum-master/spec/factories/kubelet_compute_resources_reservation.rb --- old/velum-master/spec/factories/kubelet_compute_resources_reservation.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/spec/factories/kubelet_compute_resources_reservation.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,14 @@ +FactoryGirl.define do + factory :kube_resouces_reservation, class: KubeletComputeResourcesReservation do + sequence(:cpu) { |n| "#{n}m" } + sequence(:memory) { |n| "#{n}M" } + sequence(:ephemeral_storage) { |n| "#{n}Gi" } + component "kube" + end + factory :system_resouces_reservation, class: KubeletComputeResourcesReservation do + sequence(:cpu) { |n| "#{n}m" } + sequence(:memory) { |n| "#{n}M" } + sequence(:ephemeral_storage) { |n| "#{n}Gi" } + component "system" + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/spec/features/bootstrap_cluster_feature_spec.rb new/velum-master/spec/features/bootstrap_cluster_feature_spec.rb --- old/velum-master/spec/features/bootstrap_cluster_feature_spec.rb 2018-05-09 20:02:40.000000000 +0200 +++ new/velum-master/spec/features/bootstrap_cluster_feature_spec.rb 2018-05-22 09:45:37.000000000 +0200 @@ -108,6 +108,26 @@ expect(page).to have_content("Accept Node") end + it "removes node from pending acceptance state if accepted", js: true do + setup_stubbed_pending_minions!(stubbed: [minions[3].minion_id]) + allow(::Velum::Salt).to receive(:accept_minion) + + visit setup_discovery_path + + expect(page).to have_content("Accept Node") + click_on("Accept Node") + + expect(page).to have_content("Acceptance in progress") + is_pending = evaluate_script("hasPendingAcceptance('#{minions[3].minion_id}')") + expect(is_pending).to be true + + setup_stubbed_pending_minions! + + expect(page).not_to have_content("Acceptance in progress") + is_pending = evaluate_script("hasPendingAcceptance('#{minions[3].minion_id}')") + expect(is_pending).to be false + end + it "A user selects a subset of nodes to be bootstrapped", js: true do # select master minion0.k8s.local find(".minion_#{minions[0].id} .master-btn").click diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/velum-master/spec/models/kubelet_compute_resources_reservation_spec.rb new/velum-master/spec/models/kubelet_compute_resources_reservation_spec.rb --- old/velum-master/spec/models/kubelet_compute_resources_reservation_spec.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/velum-master/spec/models/kubelet_compute_resources_reservation_spec.rb 2018-05-22 09:45:37.000000000 +0200 @@ -0,0 +1,66 @@ +require "rails_helper" + +describe KubeletComputeResourcesReservation, type: :model do + + it { is_expected.not_to validate_presence_of(:cpu) } + it { is_expected.not_to validate_presence_of(:memory) } + it { is_expected.not_to validate_presence_of(:ephemeral_storage) } + + describe "#cpu_validations" do + let(:reservation) { KubeletComputeResourcesReservation.new(component: "kube") } + + it "allows numbers with digits" do + reservation.cpu = "0.1" + expect(reservation.valid?).to be true + end + + it "does not allow numbers without digits" do + reservation.cpu = "1" + expect(reservation.valid?).to be false + end + + it "allows millicpu format" do + reservation.cpu = "100m" + expect(reservation.valid?).to be true + end + + it "does not allow to mix millicpu format and digits" do + reservation.cpu = "100.0m" + expect(reservation.valid?).to be false + end + end + + describe "#bytes_validations" do + let(:reservation) { KubeletComputeResourcesReservation.new(component: "kube") } + + it "allows numbers without suffix" do + reservation.memory = "1024" + reservation.ephemeral_storage = "1024" + + expect(reservation.valid?).to be true + end + + it "does not allow numbers with digits" do + reservation.memory = "1024.1" + reservation.ephemeral_storage = "1024.1" + + expect(reservation.valid?).to be false + end + + it "allows numbers with e-notation" do + reservation.memory = "129e6" + reservation.ephemeral_storage = "129e6" + + expect(reservation.valid?).to be true + end + + it "allows numbers with valid suffixes" do + %w[E P T G M K Ei Pi Ti Gi Mi Ki].each do |suffix| + reservation.memory = "1024#{suffix}" + reservation.ephemeral_storage = "1024#{suffix}" + + expect(reservation.valid?).to be true + end + end + end +end
